[16/Jan/2023:01:03:45 +0100] 194.110.203.111 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Autodiscover/autodiscover.json?a=zona@ohara.biz/mapi/nspi/ HTTP/1.1" 441 [16/Jan/2023:01:04:07 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327 [16/Jan/2023:01:25:38 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388 [16/Jan/2023:01:25:39 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /scripts/WPnBr.dll HTTP/1.1" 400 [16/Jan/2023:01:25:39 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "SSTP_DUPLEX_POST /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/ HTTP/1.1" 925 [16/Jan/2023:01:25:39 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383 [16/Jan/2023:01:25:39 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /CSS/Miniweb.css HTTP/1.1" 398 [16/Jan/2023:01:25:39 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /nmaplowercheck1673828738 HTTP/1.1" 407 [16/Jan/2023:01:25:39 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /start.html HTTP/1.1" 393 [16/Jan/2023:01:25:39 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /vCMV HTTP/1.1" 387 [16/Jan/2023:01:25:39 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Portal0000.htm HTTP/1.1" 397 [16/Jan/2023:01:25:39 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Portal/Portal.mwsl HTTP/1.1" 401 [16/Jan/2023:01:25:39 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388 [16/Jan/2023:01:25:39 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /sdk HTTP/1.1" 386 [16/Jan/2023:01:25:39 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /pools/default/buckets HTTP/1.1" 404 [16/Jan/2023:01:25:39 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /localstart.shtml HTTP/1.1" 399 [16/Jan/2023:01:25:39 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.1" - [16/Jan/2023:01:25:39 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /HNAP1 HTTP/1.1" 388 [16/Jan/2023:01:25:39 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 424 [16/Jan/2023:01:25:39 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /__Additional HTTP/1.1" 395 [16/Jan/2023:01:25:49 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383 [16/Jan/2023:01:25:49 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /docs/cplugError.html/ HTTP/1.1" 404 [16/Jan/2023:01:25:49 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /server-status HTTP/1.1" 396 [16/Jan/2023:01:25:49 +0100] 172.105.246.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/HEAD HTTP/1.1" 392 [16/Jan/2023:02:28:01 +0100] 20.110.65.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304 [16/Jan/2023:02:28:02 +0100] 20.110.65.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301 [16/Jan/2023:03:46:18 +0100] 13.40.29.185 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 316 [16/Jan/2023:04:08:34 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/harm.at-database.tar.gz HTTP/1.1" 409 [16/Jan/2023:04:19:36 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/easyzumfuehrerschein.com-database.tar.gz HTTP/1.1" 443 [16/Jan/2023:04:22:55 +0100] 65.49.20.69 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [16/Jan/2023:04:34:18 +0100] 65.49.20.69 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309 [16/Jan/2023:04:40:28 +0100] 65.49.20.69 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [16/Jan/2023:04:42:26 +0100] 65.49.20.69 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310 [16/Jan/2023:05:26:21 +0100] 193.106.29.122 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388 [16/Jan/2023:05:36:46 +0100] 213.32.122.82 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383 [16/Jan/2023:05:42:14 +0100] 198.199.97.203 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328 [16/Jan/2023:05:42:29 +0100] 143.110.233.233 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/ HTTP/1.1" 399 [16/Jan/2023:05:53:09 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319 [16/Jan/2023:06:14:40 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/db.tar HTTP/1.1" 409 [16/Jan/2023:06:56:39 +0100] 107.170.224.15 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [16/Jan/2023:08:52:06 +0100] 4.184.57.28 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301 [16/Jan/2023:10:31:23 +0100] 159.89.125.34 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304 [16/Jan/2023:10:31:24 +0100] 159.89.125.34 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304 [16/Jan/2023:10:31:28 +0100] 159.89.125.34 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [16/Jan/2023:10:52:09 +0100] 71.6.232.20 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [16/Jan/2023:10:53:10 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315 [16/Jan/2023:12:05:06 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/localhostdb.tar HTTP/1.1" 401 [16/Jan/2023:12:56:14 +0100] 183.136.225.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383 [16/Jan/2023:12:58:41 +0100] 198.199.103.135 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310 [16/Jan/2023:13:44:14 +0100] 20.110.65.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304 [16/Jan/2023:13:44:15 +0100] 20.110.65.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301 [16/Jan/2023:13:56:53 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/localhost_db.tar HTTP/1.1" 411 [16/Jan/2023:13:57:31 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/localhost_db.tar HTTP/1.1" 402 [16/Jan/2023:14:43:00 +0100] 51.158.237.126 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383 [16/Jan/2023:14:43:00 +0100] 51.158.237.126 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309 [16/Jan/2023:14:58:20 +0100] 161.35.140.200 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304 [16/Jan/2023:14:58:21 +0100] 161.35.140.200 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304 [16/Jan/2023:14:58:26 +0100] 161.35.140.200 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [16/Jan/2023:15:37:46 +0100] 183.136.225.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383 [16/Jan/2023:15:53:28 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/localhost-db.tar HTTP/1.1" 402 [16/Jan/2023:16:12:54 +0100] 18.184.139.87 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 316 [16/Jan/2023:16:19:43 +0100] 152.32.140.237 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383 [16/Jan/2023:16:19:44 +0100] 152.32.140.237 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309 [16/Jan/2023:16:20:07 +0100] 152.32.140.237 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308 [16/Jan/2023:16:20:25 +0100] 152.32.140.237 TLSv1.2 AES256-SHA "GET /sitemap.xml HTTP/1.1" 309 [16/Jan/2023:17:06:35 +0100] 154.89.5.83 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383 [16/Jan/2023:18:04:25 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/localhost_database.tar HTTP/1.1" 408 [16/Jan/2023:19:18:11 +0100] 192.241.220.21 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335 [16/Jan/2023:19:40:31 +0100] 180.149.125.159 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [16/Jan/2023:19:51:20 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/localhost-database.tar HTTP/1.1" 417 [16/Jan/2023:19:53:05 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/localhost-database.tar HTTP/1.1" 408 [16/Jan/2023:20:14:38 +0100] 87.236.176.135 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301 [16/Jan/2023:20:19:21 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304 [16/Jan/2023:20:19:21 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304 [16/Jan/2023:20:19:22 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311 [16/Jan/2023:20:19:22 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311 [16/Jan/2023:20:19:23 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310 [16/Jan/2023:20:19:23 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310 [16/Jan/2023:20:19:24 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310 [16/Jan/2023:20:19:24 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310 [16/Jan/2023:20:19:25 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308 [16/Jan/2023:20:19:25 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308 [16/Jan/2023:20:19:25 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /test.php HTTP/1.1" 306 [16/Jan/2023:20:19:26 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /test.php HTTP/1.1" 306 [16/Jan/2023:20:19:26 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 309 [16/Jan/2023:20:19:27 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /laravel/.env HTTP/1.1" 309 [16/Jan/2023:20:19:27 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /demo/.env HTTP/1.1" 307 [16/Jan/2023:20:19:28 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /demo/.env HTTP/1.1" 307 [16/Jan/2023:20:19:28 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 307 [16/Jan/2023:20:19:29 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /web/.env HTTP/1.1" 307 [16/Jan/2023:20:19:29 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo HTTP/1.1" 307 [16/Jan/2023:20:19:29 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /phpinfo HTTP/1.1" 307 [16/Jan/2023:20:28:19 +0100] 154.89.5.72 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383 [16/Jan/2023:22:08:23 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/harm.atdb.tar HTTP/1.1" 399 [16/Jan/2023:22:29:16 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/easyzumfuehrerschein.comdb.tar HTTP/1.1" 433 [16/Jan/2023:22:32:47 +0100] 54.185.6.41 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307 [16/Jan/2023:22:33:26 +0100] 34.214.9.234 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307 [16/Jan/2023:22:34:14 +0100] 44.242.146.77 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314 [17/Jan/2023:00:08:30 +0100] 130.211.54.158 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301 [17/Jan/2023:00:40:15 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/easyzumfuehrerschein.com_db.tar HTTP/1.1" 434