[10/Feb/2023:01:01:13 +0100] 34.140.248.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[10/Feb/2023:01:17:01 +0100] 212.71.251.85 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[10/Feb/2023:02:05:06 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:02:45:36 +0100] 205.210.31.5 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[10/Feb/2023:02:56:27 +0100] 183.136.225.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[10/Feb/2023:03:02:18 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:03:02:35 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[10/Feb/2023:03:02:57 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[10/Feb/2023:03:10:01 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein_17052022.zip HTTP/1.1" 427
[10/Feb/2023:03:23:00 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klub_16052022.zip HTTP/1.1" 403
[10/Feb/2023:03:32:38 +0100] 87.236.176.184 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:03:41:37 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm_16052022.zip HTTP/1.1" 394
[10/Feb/2023:03:53:46 +0100] 185.180.143.6 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:04:05:02 +0100] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 387
[10/Feb/2023:04:12:41 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein_16052022.zip HTTP/1.1" 427
[10/Feb/2023:05:51:09 +0100] 128.14.209.162 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:06:25:22 +0100] 183.136.225.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[10/Feb/2023:06:29:01 +0100] 183.136.225.46 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[10/Feb/2023:06:29:10 +0100] 183.136.225.46 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 302
[10/Feb/2023:06:29:18 +0100] 183.136.225.46 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 302
[10/Feb/2023:06:30:16 +0100] 3.253.121.253 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 101
[10/Feb/2023:06:30:17 +0100] 3.253.121.253 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 754
[10/Feb/2023:06:55:03 +0100] 184.105.247.196 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:07:02:38 +0100] 162.221.192.26 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:07:02:46 +0100] 162.221.192.26 TLSv1.2 AES256-SHA "GET /showLogin.cc HTTP/1.1" 311
[10/Feb/2023:07:06:40 +0100] 184.105.247.196 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:07:08:19 +0100] 184.105.247.196 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[10/Feb/2023:07:36:43 +0100] 198.199.104.26 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:08:08:14 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 293
[10/Feb/2023:08:45:34 +0100] 193.106.29.122 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[10/Feb/2023:08:52:25 +0100] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein_12052022.zip HTTP/1.1" 427
[10/Feb/2023:08:56:44 +0100] 192.155.90.118 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:09:28:04 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm_12052022.zip HTTP/1.1" 394
[10/Feb/2023:09:45:47 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 310
[10/Feb/2023:09:45:48 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 310
[10/Feb/2023:09:45:49 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 317
[10/Feb/2023:09:45:50 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 317
[10/Feb/2023:09:45:51 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 315
[10/Feb/2023:09:45:51 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 315
[10/Feb/2023:09:45:52 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 316
[10/Feb/2023:09:45:53 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 316
[10/Feb/2023:09:45:54 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 314
[10/Feb/2023:09:45:54 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 314
[10/Feb/2023:09:45:55 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /test.php HTTP/1.1" 312
[10/Feb/2023:09:45:56 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /test.php HTTP/1.1" 312
[10/Feb/2023:09:45:56 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 315
[10/Feb/2023:09:45:57 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /laravel/.env HTTP/1.1" 315
[10/Feb/2023:09:45:57 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /demo/.env HTTP/1.1" 313
[10/Feb/2023:09:45:58 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /demo/.env HTTP/1.1" 313
[10/Feb/2023:09:45:59 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 312
[10/Feb/2023:09:45:59 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /web/.env HTTP/1.1" 312
[10/Feb/2023:09:46:00 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo HTTP/1.1" 312
[10/Feb/2023:09:46:01 +0100] 109.237.98.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /phpinfo HTTP/1.1" 312
[10/Feb/2023:10:51:13 +0100] 141.98.10.56 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[10/Feb/2023:11:03:08 +0100] 192.241.209.4 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[10/Feb/2023:11:28:00 +0100] 183.136.225.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[10/Feb/2023:11:33:54 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:11:34:15 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[10/Feb/2023:11:34:42 +0100] 183.136.225.32 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[10/Feb/2023:12:07:52 +0100] 36.156.28.130 TLSv1.2 AES256-SHA "GET / HTTP/1.0" 383
[10/Feb/2023:12:07:56 +0100] 36.156.28.130 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:12:08:07 +0100] 36.156.28.130 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:12:08:20 +0100] 36.156.28.130 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[10/Feb/2023:12:08:31 +0100] 36.156.28.130 TLSv1.2 AES256-SHA "GET /favicon.ico/ HTTP/1.1" 309
[10/Feb/2023:12:08:42 +0100] 36.156.28.130 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 308
[10/Feb/2023:12:08:53 +0100] 36.156.28.130 TLSv1.2 AES256-SHA "GET /robots.txt/ HTTP/1.1" 309
[10/Feb/2023:12:08:58 +0100] 36.156.28.130 TLSv1.2 AES256-SHA "GET /.well-known/security.txt HTTP/1.1" 319
[10/Feb/2023:12:09:09 +0100] 36.156.28.130 TLSv1.2 AES256-SHA "GET /.well-known/security.txt/ HTTP/1.1" 319
[10/Feb/2023:12:59:18 +0100] 141.98.10.56 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[10/Feb/2023:13:18:09 +0100] 141.98.10.56 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[10/Feb/2023:15:16:00 +0100] 134.122.0.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[10/Feb/2023:15:16:01 +0100] 134.122.0.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 754
[10/Feb/2023:15:16:03 +0100] 134.122.0.91 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 1150
[10/Feb/2023:15:29:44 +0100] 139.144.144.131 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[10/Feb/2023:15:57:53 +0100] 185.180.143.18 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:15:58:23 +0100] 185.180.143.18 TLSv1.2 AES256-SHA "GET /owa/ HTTP/1.1" 304
[10/Feb/2023:15:58:26 +0100] 185.180.143.18 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?a..foo.var/owa/?&Email=autodiscover/autodiscover.json?a..foo.var&Protocol=XYZ&FooProtocol=%50owershell HTTP/1.1" 378
[10/Feb/2023:15:59:01 +0100] 185.180.143.18 TLSv1.2 AES256-SHA "GET /admin/ HTTP/1.1" 305
[10/Feb/2023:15:59:01 +0100] 185.180.143.18 TLSv1.2 AES256-SHA "GET /webfig/ HTTP/1.1" 307
[10/Feb/2023:15:59:34 +0100] 141.98.10.56 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[10/Feb/2023:15:59:42 +0100] 185.180.143.18 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:15:59:45 +0100] 185.180.143.18 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:15:59:46 +0100] 185.180.143.18 TLSv1.2 AES256-SHA "GET /solr/ HTTP/1.1" 304
[10/Feb/2023:16:07:35 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[10/Feb/2023:16:15:22 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[10/Feb/2023:16:53:23 +0100] 107.170.247.16 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[10/Feb/2023:17:08:58 +0100] 141.98.10.56 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[10/Feb/2023:17:24:52 +0100] 139.162.233.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[10/Feb/2023:18:24:08 +0100] 141.98.10.56 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[10/Feb/2023:19:15:41 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:19:34:25 +0100] 192.241.203.14 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[10/Feb/2023:20:00:12 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein_03052022.zip HTTP/1.1" 427
[10/Feb/2023:20:22:02 +0100] 107.170.226.14 TLSv1.2 AES256-SHA "GET /version HTTP/1.1" 305
[10/Feb/2023:20:46:13 +0100] 208.100.26.235 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[10/Feb/2023:20:50:37 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[10/Feb/2023:21:11:07 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /easyzumfuehrerschein_02052022.zip HTTP/1.1" 427
[10/Feb/2023:22:13:56 +0100] 52.26.126.166 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[10/Feb/2023:22:14:24 +0100] 35.88.64.230 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[10/Feb/2023:22:14:29 +0100] 35.88.64.230 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[10/Feb/2023:22:35:29 +0100] 167.94.138.63 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[10/Feb/2023:22:35:29 +0100] 167.94.138.63 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:22:35:30 +0100] 167.94.138.63 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[10/Feb/2023:22:48:25 +0100] 128.14.134.170 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[10/Feb/2023:22:50:48 +0100] 141.98.10.56 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[10/Feb/2023:23:02:59 +0100] 81.209.177.16 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 391
[10/Feb/2023:23:02:59 +0100] 81.209.177.16 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 381
[10/Feb/2023:23:51:36 +0100] 128.14.141.34 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[11/Feb/2023:00:03:47 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /harm_30042022.zip HTTP/1.1" 394
[11/Feb/2023:00:13:29 +0100] 35.92.35.235 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[11/Feb/2023:00:13:48 +0100] 18.237.131.49 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 313
[11/Feb/2023:00:27:51 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /klub_30042022.zip HTTP/1.1" 403
[11/Feb/2023:00:37:30 +0100] 205.210.31.159 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 386