[20/Jan/2023:01:32:40 +0100] 184.105.247.252 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Jan/2023:01:42:02 +0100] 184.105.247.252 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[20/Jan/2023:01:46:22 +0100] 35.91.76.30 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[20/Jan/2023:01:46:35 +0100] 184.105.247.252 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Jan/2023:01:46:40 +0100] 35.92.185.156 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 302
[20/Jan/2023:01:46:44 +0100] 35.92.185.156 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[20/Jan/2023:01:47:51 +0100] 184.105.247.252 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[20/Jan/2023:02:15:59 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/localhost_database.rar HTTP/1.1" 408
[20/Jan/2023:02:32:14 +0100] 185.180.143.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Jan/2023:03:46:07 +0100] 185.142.236.43 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[20/Jan/2023:03:46:15 +0100] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[20/Jan/2023:03:46:15 +0100] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[20/Jan/2023:03:46:16 +0100] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[20/Jan/2023:03:46:20 +0100] 185.142.236.43 TLSv1.2 AES256-SHA "quit" 379
[20/Jan/2023:03:46:22 +0100] 185.142.236.43 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 393
[20/Jan/2023:03:46:23 +0100] 185.142.236.43 TLSv1.2 AES256-SHA "GET /sitemap.xml HTTP/1.1" 394
[20/Jan/2023:03:46:23 +0100] 185.142.236.43 TLSv1.2 AES256-SHA "GET /.well-known/security.txt HTTP/1.1" 407
[20/Jan/2023:03:46:30 +0100] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309
[20/Jan/2023:03:46:33 +0100] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[20/Jan/2023:04:32:14 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/localhost-database.rar HTTP/1.1" 417
[20/Jan/2023:06:34:13 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/klub.kornland.atdb.rar HTTP/1.1" 417
[20/Jan/2023:07:07:07 +0100] 162.243.140.11 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Jan/2023:07:10:45 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/easyzumfuehrerschein.comdb.rar HTTP/1.1" 433
[20/Jan/2023:08:13:25 +0100] 185.180.143.6 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Jan/2023:08:28:53 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/klub.kornland.at_db.rar HTTP/1.1" 418
[20/Jan/2023:08:30:10 +0100] 4.184.57.28 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[20/Jan/2023:08:32:34 +0100] 193.106.29.122 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[20/Jan/2023:08:47:49 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/harm.at_db.rar HTTP/1.1" 400
[20/Jan/2023:10:10:21 +0100] 171.240.66.220 TLSv1.2 AES256-SHA "GET /0/license.txt HTTP/1.1" 304
[20/Jan/2023:10:41:06 +0100] 141.135.238.97 TLSv1.2 AES256-SHA "GET /0/license.txt HTTP/1.1" 316
[20/Jan/2023:12:37:57 +0100] 34.76.158.233 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 306
[20/Jan/2023:12:46:44 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Jan/2023:13:03:23 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/klub.kornland.at_database.rar HTTP/1.1" 424
[20/Jan/2023:13:22:52 +0100] 220.119.162.224 TLSv1.2 AES256-SHA "GET /00/license.txt HTTP/1.1" 305
[20/Jan/2023:13:25:16 +0100] 103.203.59.1 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[20/Jan/2023:13:49:38 +0100] 159.203.208.8 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[20/Jan/2023:13:55:29 +0100] 94.189.15.81 TLSv1.2 AES256-SHA "GET /00/license.txt HTTP/1.1" 317
[20/Jan/2023:14:43:31 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[20/Jan/2023:14:43:32 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[20/Jan/2023:14:43:33 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[20/Jan/2023:14:43:34 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[20/Jan/2023:14:43:35 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[20/Jan/2023:14:43:36 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[20/Jan/2023:14:43:37 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[20/Jan/2023:14:43:38 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[20/Jan/2023:14:43:39 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[20/Jan/2023:14:43:40 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[20/Jan/2023:14:43:41 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /test.php HTTP/1.1" 306
[20/Jan/2023:14:43:42 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /test.php HTTP/1.1" 306
[20/Jan/2023:14:43:43 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 309
[20/Jan/2023:14:43:44 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /laravel/.env HTTP/1.1" 309
[20/Jan/2023:14:43:45 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /demo/.env HTTP/1.1" 307
[20/Jan/2023:14:43:46 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /demo/.env HTTP/1.1" 307
[20/Jan/2023:14:43:47 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 307
[20/Jan/2023:14:43:48 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /web/.env HTTP/1.1" 307
[20/Jan/2023:14:43:49 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo HTTP/1.1" 307
[20/Jan/2023:14:43:50 +0100] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /phpinfo HTTP/1.1" 307
[20/Jan/2023:14:59:31 +0100] 199.16.157.181 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 387
[20/Jan/2023:14:59:32 +0100] 199.16.157.181 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[20/Jan/2023:15:06:31 +0100] 167.94.138.44 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Jan/2023:15:06:32 +0100] 167.94.138.44 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[20/Jan/2023:15:32:16 +0100] 139.144.158.209 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[20/Jan/2023:15:49:45 +0100] 198.199.108.238 TLSv1.2 AES256-SHA "GET /version HTTP/1.1" 305
[20/Jan/2023:16:10:01 +0100] 47.88.94.159 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Jan/2023:16:10:05 +0100] 47.254.85.182 TLSv1.2 AES256-SHA "GET /Public/home/js/check.js HTTP/1.1" 316
[20/Jan/2023:16:10:09 +0100] 47.254.74.59 TLSv1.2 AES256-SHA "GET /static/admin/javascript/hetong.js HTTP/1.1" 325
[20/Jan/2023:16:14:56 +0100] 198.235.24.29 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 393
[20/Jan/2023:16:27:06 +0100] 185.180.143.6 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Jan/2023:16:27:14 +0100] 185.180.143.6 TLSv1.2 AES256-SHA "GET /api/jsonws/ HTTP/1.1" 309
[20/Jan/2023:16:50:59 +0100] 59.148.249.146 TLSv1.2 AES256-SHA "GET /01/license.txt HTTP/1.1" 305
[20/Jan/2023:17:27:30 +0100] 103.247.159.166 TLSv1.2 AES256-SHA "GET /01/license.txt HTTP/1.1" 317
[20/Jan/2023:17:49:46 +0100] 154.89.5.124 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[20/Jan/2023:18:19:19 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/klubdb.rar HTTP/1.1" 405
[20/Jan/2023:18:30:43 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/easyzumfuehrerscheindb.rar HTTP/1.1" 429
[20/Jan/2023:19:09:09 +0100] 45.227.253.74 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[20/Jan/2023:19:21:07 +0100] 107.170.224.9 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[20/Jan/2023:19:45:02 +0100] 193.118.53.210 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Jan/2023:20:25:36 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 298
[20/Jan/2023:20:25:37 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 298
[20/Jan/2023:20:25:38 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 304
[20/Jan/2023:20:25:38 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 304
[20/Jan/2023:20:25:39 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 303
[20/Jan/2023:20:25:39 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 303
[20/Jan/2023:20:25:40 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 304
[20/Jan/2023:20:25:40 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 304
[20/Jan/2023:20:25:41 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 302
[20/Jan/2023:20:25:41 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 302
[20/Jan/2023:20:25:42 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /test.php HTTP/1.1" 300
[20/Jan/2023:20:25:42 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /test.php HTTP/1.1" 300
[20/Jan/2023:20:25:43 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 303
[20/Jan/2023:20:25:43 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /laravel/.env HTTP/1.1" 303
[20/Jan/2023:20:25:43 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /demo/.env HTTP/1.1" 301
[20/Jan/2023:20:25:44 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /demo/.env HTTP/1.1" 301
[20/Jan/2023:20:25:45 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 300
[20/Jan/2023:20:25:45 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /web/.env HTTP/1.1" 300
[20/Jan/2023:20:25:46 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo HTTP/1.1" 300
[20/Jan/2023:20:25:46 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /phpinfo HTTP/1.1" 300
[20/Jan/2023:20:26:56 +0100] 112.168.18.227 TLSv1.2 AES256-SHA "GET /02/license.txt HTTP/1.1" 305
[20/Jan/2023:20:34:00 +0100] 128.1.248.26 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Jan/2023:20:44:31 +0100] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/harm_db.rar HTTP/1.1" 397
[20/Jan/2023:21:03:21 +0100] 175.194.104.214 TLSv1.2 AES256-SHA "GET /02/license.txt HTTP/1.1" 317
[20/Jan/2023:21:45:21 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[20/Jan/2023:22:28:24 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/klub-db.rar HTTP/1.1" 406
[20/Jan/2023:22:34:43 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Jan/2023:22:39:13 +0100] 103.149.192.124 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Jan/2023:22:42:21 +0100] 60.217.75.70 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Jan/2023:23:04:29 +0100] 185.180.143.79 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[20/Jan/2023:23:06:48 +0100] 139.162.215.70 TLSv1.2 AES256-SHA "GET /owa/ HTTP/1.1" 304
[20/Jan/2023:23:07:08 +0100] 139.162.215.70 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?a..foo.var/owa/?&Email=autodiscover/autodiscover.json?a..foo.var&Protocol=XYZ&FooProtocol=%50owershell HTTP/1.1" 378
[20/Jan/2023:23:18:23 +0100] 64.227.188.167 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 374
[20/Jan/2023:23:57:25 +0100] 35.233.62.116 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[21/Jan/2023:00:01:48 +0100] 54.36.149.10 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 314
[21/Jan/2023:00:01:50 +0100] 54.36.148.242 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 307
[21/Jan/2023:00:04:50 +0100] 195.254.246.108 TLSv1.2 AES256-SHA "GET /03/license.txt HTTP/1.1" 305
[21/Jan/2023:00:41:33 +0100] 115.22.101.54 TLSv1.2 AES256-SHA "GET /03/license.txt HTTP/1.1" 317
[21/Jan/2023:00:41:40 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /database/klub_database.rar HTTP/1.1" 412