[02/Feb/2023:01:19:22 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[02/Feb/2023:01:31:40 +0100] 35.87.185.38 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[02/Feb/2023:01:32:04 +0100] 51.158.118.231 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 386
[02/Feb/2023:01:53:40 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[02/Feb/2023:02:14:50 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /wp-config.php~ HTTP/1.1" 400
[02/Feb/2023:02:33:09 +0100] 165.22.40.131 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[02/Feb/2023:02:33:10 +0100] 165.22.40.131 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[02/Feb/2023:02:33:14 +0100] 165.22.40.131 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[02/Feb/2023:03:19:07 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[02/Feb/2023:03:39:35 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[02/Feb/2023:04:00:56 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[02/Feb/2023:04:31:53 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[02/Feb/2023:05:34:08 +0100] 24.142.190.18 TLSv1.2 AES256-SHA "GET /cgi-bin/login?LD_DEBUG=files HTTP/1.1" 325
[02/Feb/2023:05:36:28 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[02/Feb/2023:05:55:47 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /*.rar HTTP/1.1" 382
[02/Feb/2023:06:04:32 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[02/Feb/2023:06:18:03 +0100] 193.35.18.108 TLSv1.2 AES256-SHA "POST /ztp/cgi-bin/handler HTTP/1.1" 402
[02/Feb/2023:07:22:57 +0100] 4.184.57.28 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[02/Feb/2023:07:26:43 +0100] 192.241.227.9 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[02/Feb/2023:07:55:05 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[02/Feb/2023:08:25:57 +0100] 64.62.197.74 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[02/Feb/2023:08:32:32 +0100] 64.62.197.64 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[02/Feb/2023:08:36:10 +0100] 64.62.197.66 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[02/Feb/2023:08:37:01 +0100] 64.62.197.76 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[02/Feb/2023:08:42:19 +0100] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 387
[02/Feb/2023:09:20:18 +0100] 163.172.180.25 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 393
[02/Feb/2023:10:00:58 +0100] 132.148.166.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /*.bzip HTTP/1.1" 383
[02/Feb/2023:10:06:06 +0100] 101.68.211.2 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 394
[02/Feb/2023:10:25:27 +0100] 107.170.224.15 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[02/Feb/2023:10:41:58 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 293
[02/Feb/2023:11:33:50 +0100] 183.136.225.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[02/Feb/2023:11:53:15 +0100] 94.102.61.8 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[02/Feb/2023:12:13:17 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[02/Feb/2023:12:38:48 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm_092022.zip HTTP/1.1" 392
[02/Feb/2023:14:32:14 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[02/Feb/2023:14:32:47 +0100] 46.8.16.187 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[02/Feb/2023:14:44:51 +0100] 165.154.44.158 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[02/Feb/2023:14:58:59 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm_072022.zip HTTP/1.1" 392
[02/Feb/2023:15:14:28 +0100] 183.136.225.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[02/Feb/2023:15:32:16 +0100] 66.240.236.116 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[02/Feb/2023:16:02:39 +0100] 107.170.227.34 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[02/Feb/2023:16:14:04 +0100] 51.15.247.214 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 398
[02/Feb/2023:16:49:45 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein_062022.zip HTTP/1.1" 425
[02/Feb/2023:19:29:37 +0100] 192.241.218.16 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[02/Feb/2023:20:47:33 +0100] 51.15.247.214 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 391
[02/Feb/2023:21:45:56 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein_022022.zip HTTP/1.1" 425
[02/Feb/2023:22:02:11 +0100] 23.90.160.114 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[02/Feb/2023:22:27:37 +0100] 60.217.75.70 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[02/Feb/2023:22:30:47 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klub_012022.zip HTTP/1.1" 401
[02/Feb/2023:23:09:31 +0100] 185.180.143.137 TLSv1.2 AES256-SHA "GET /cgi-bin/config.exp HTTP/1.1" 315
[02/Feb/2023:23:13:03 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[02/Feb/2023:23:22:01 +0100] 45.155.126.4 TLSv1.2 AES256-SHA "-" -
[02/Feb/2023:23:38:44 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[02/Feb/2023:23:48:36 +0100] 198.12.231.234 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klub_28092022.zip HTTP/1.1" 403
[03/Feb/2023:00:03:14 +0100] 185.180.143.138 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[03/Feb/2023:00:03:23 +0100] 185.180.143.138 TLSv1.2 AES256-SHA "HEAD /icons/sphere1.png HTTP/1.1" -
[03/Feb/2023:00:03:23 +0100] 185.180.143.138 TLSv1.2 AES256-SHA "HEAD /icons/.%%32%65/.%%32%65/apache2/icons/non-existant-image.png HTTP/1.1" -
[03/Feb/2023:00:37:12 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein_28092022.zip HTTP/1.1" 427
[03/Feb/2023:00:45:25 +0100] 35.195.93.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[03/Feb/2023:00:49:03 +0100] 179.43.154.247 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[03/Feb/2023:00:56:43 +0100] 185.224.128.202 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301