[27/Dec/2022:01:21:28 +0100] 107.170.239.9 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[27/Dec/2022:01:23:31 +0100] 52.12.216.159 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[27/Dec/2022:01:24:00 +0100] 54.202.225.214 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 302
[27/Dec/2022:01:46:32 +0100] 162.243.132.21 TLSv1.2 AES256-SHA "GET /version HTTP/1.1" 305
[27/Dec/2022:02:34:53 +0100] 128.14.133.58 TLSv1.2 AES256-SHA "GET /Telerik.Web.UI.WebResource.axd?type=rau HTTP/1.1" 330
[27/Dec/2022:03:33:40 +0100] 128.14.141.34 TLSv1.2 AES256-SHA "GET /remote/login HTTP/1.1" 309
[27/Dec/2022:03:34:54 +0100] 205.210.31.147 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 389
[27/Dec/2022:04:13:19 +0100] 162.243.140.44 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[27/Dec/2022:04:20:33 +0100] 198.199.92.121 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[27/Dec/2022:04:21:06 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/klub.kornland.at-db.rar HTTP/1.1" 412
[27/Dec/2022:04:21:40 +0100] 162.243.136.25 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[27/Dec/2022:04:27:17 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[27/Dec/2022:04:48:10 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[27/Dec/2022:04:56:55 +0100] 207.46.13.230 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 311
[27/Dec/2022:04:56:57 +0100] 207.46.13.230 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 311
[27/Dec/2022:04:57:07 +0100] 157.55.39.65 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[27/Dec/2022:06:10:17 +0100] 192.241.235.9 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Dec/2022:06:40:35 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[27/Dec/2022:07:36:18 +0100] 4.184.57.28 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[27/Dec/2022:07:48:57 +0100] 128.14.133.58 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Dec/2022:08:11:57 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/harm.at-database.rar HTTP/1.1" 400
[27/Dec/2022:08:12:43 +0100] 66.240.236.109 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Dec/2022:09:20:58 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/easyzumfuehrerscheindb.rar HTTP/1.1" 423
[27/Dec/2022:10:11:26 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/klubdb.rar HTTP/1.1" 399
[27/Dec/2022:10:48:53 +0100] 65.49.20.68 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Dec/2022:10:58:53 +0100] 65.49.20.68 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[27/Dec/2022:11:03:11 +0100] 65.49.20.68 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Dec/2022:11:04:42 +0100] 65.49.20.68 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[27/Dec/2022:11:14:07 +0100] 62.233.50.248 - - "-" -
[27/Dec/2022:11:46:01 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[27/Dec/2022:12:05:52 +0100] 164.90.175.13 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Dec/2022:12:11:35 +0100] 172.104.193.53 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Dec/2022:12:38:46 +0100] 194.110.203.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/klub-db.rar HTTP/1.1" 400
[27/Dec/2022:13:15:54 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/easyzumfuehrerschein-db.rar HTTP/1.1" 424
[27/Dec/2022:13:21:36 +0100] 174.138.27.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /dns-query?dns=DUIBAAABAAAAAAAABWJhaWR1A2NvbQAAAQAB HTTP/1.1" 338
[27/Dec/2022:13:21:39 +0100] 139.180.209.73 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /dns-query HTTP/1.1" 308
[27/Dec/2022:13:21:44 +0100] 159.65.14.199 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?dns=DUIBAAABAAAAAAAABWJhaWR1A2NvbQAAAQAB HTTP/1.1" 333
[27/Dec/2022:13:21:45 +0100] 134.209.98.10 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[27/Dec/2022:13:21:48 +0100] 134.209.110.37 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?name=baidu.com&type=A HTTP/1.1" 323
[27/Dec/2022:13:24:39 +0100] 198.235.24.172 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[27/Dec/2022:13:32:00 +0100] 143.198.90.105 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[27/Dec/2022:13:32:03 +0100] 143.198.90.105 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[27/Dec/2022:13:32:11 +0100] 143.198.90.105 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Dec/2022:14:18:53 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/harm_database.rar HTTP/1.1" 397
[27/Dec/2022:14:25:55 +0100] 69.164.217.74 - - "-" -
[27/Dec/2022:14:26:26 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db/easyzumfuehrerschein_database.rar HTTP/1.1" 430
[27/Dec/2022:14:54:02 +0100] 62.233.50.248 - - "-" -
[27/Dec/2022:15:05:36 +0100] 157.55.39.65 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 304
[27/Dec/2022:15:16:26 +0100] 193.105.207.58 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[27/Dec/2022:16:41:34 +0100] 162.142.125.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[27/Dec/2022:16:41:35 +0100] 162.142.125.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Dec/2022:16:41:36 +0100] 162.142.125.211 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[27/Dec/2022:16:42:41 +0100] 198.235.24.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 394
[27/Dec/2022:18:03:35 +0100] 23.251.102.74 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Dec/2022:18:41:06 +0100] 107.170.230.10 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[27/Dec/2022:19:03:54 +0100] 167.99.188.216 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[27/Dec/2022:19:04:55 +0100] 146.190.48.204 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 314
[27/Dec/2022:19:06:20 +0100] 147.182.238.183 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[27/Dec/2022:19:26:38 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/db_backup.klub.sql.gz HTTP/1.1" 416
[27/Dec/2022:19:48:49 +0100] 198.12.252.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/db_backup.harm.sql.gz HTTP/1.1" 407
[27/Dec/2022:19:56:07 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[27/Dec/2022:19:56:07 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[27/Dec/2022:19:56:08 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[27/Dec/2022:19:56:08 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[27/Dec/2022:19:56:09 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[27/Dec/2022:19:56:09 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[27/Dec/2022:19:56:10 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[27/Dec/2022:19:56:10 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[27/Dec/2022:19:56:11 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[27/Dec/2022:19:56:11 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[27/Dec/2022:19:56:12 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /test.php HTTP/1.1" 306
[27/Dec/2022:19:56:12 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /test.php HTTP/1.1" 306
[27/Dec/2022:19:56:13 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 309
[27/Dec/2022:19:56:13 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /laravel/.env HTTP/1.1" 309
[27/Dec/2022:19:56:14 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /demo/.env HTTP/1.1" 307
[27/Dec/2022:19:56:14 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /demo/.env HTTP/1.1" 307
[27/Dec/2022:19:56:14 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 307
[27/Dec/2022:19:56:15 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /web/.env HTTP/1.1" 307
[27/Dec/2022:19:56:15 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo HTTP/1.1" 307
[27/Dec/2022:19:56:16 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /phpinfo HTTP/1.1" 307
[27/Dec/2022:20:53:55 +0100] 183.136.225.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[27/Dec/2022:20:58:57 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Dec/2022:20:59:22 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[27/Dec/2022:20:59:43 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[27/Dec/2022:21:00:27 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/db_backup.sql.gz HTTP/1.1" 411
[27/Dec/2022:21:00:51 +0100] 193.105.207.58 - - "-" -
[27/Dec/2022:21:17:29 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/db_backup.sql.gz HTTP/1.1" 402
[27/Dec/2022:21:25:35 +0100] 51.222.253.19 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 302
[27/Dec/2022:21:30:40 +0100] 146.88.240.11 TLSv1.2 AES256-SHA "-" -
[27/Dec/2022:21:35:16 +0100] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 393
[27/Dec/2022:21:54:54 +0100] 181.214.218.69 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[27/Dec/2022:22:09:53 +0100] 208.100.26.237 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 298
[27/Dec/2022:23:14:52 +0100] 185.7.214.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[28/Dec/2022:00:22:21 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/db_backup.easyzumfuehrerschein.sql HTTP/1.1" 437
[28/Dec/2022:00:22:55 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/db_backup.harm.sql HTTP/1.1" 404
[28/Dec/2022:00:34:19 +0100] 20.63.78.213 TLSv1.2 AES256-SHA "GET /phpmyadmin/ HTTP/1.1" 309
[28/Dec/2022:00:38:10 +0100] 193.105.207.58 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[28/Dec/2022:00:52:13 +0100] 34.140.248.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301