[09/Mar/2023:01:08:11 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_11032022.zip HTTP/1.1" 405
[09/Mar/2023:02:44:04 +0100] 167.99.186.48 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[09/Mar/2023:02:44:05 +0100] 167.99.186.48 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[09/Mar/2023:02:44:09 +0100] 167.99.186.48 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/Mar/2023:02:44:10 +0100] 167.99.186.48 TLSv1.2 AES256-SHA "GET /t4 HTTP/1.1" 302
[09/Mar/2023:02:54:08 +0100] 31.220.85.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[09/Mar/2023:04:14:16 +0100] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_10032022.zip HTTP/1.1" 413
[09/Mar/2023:05:00:54 +0100] 193.235.141.145 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 306
[09/Mar/2023:05:22:24 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_09032022.zip HTTP/1.1" 405
[09/Mar/2023:06:59:47 +0100] 194.110.203.39 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_08032022.zip HTTP/1.1" 405
[09/Mar/2023:07:21:14 +0100] 4.184.57.28 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[09/Mar/2023:08:05:25 +0100] 198.199.109.53 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[09/Mar/2023:09:49:56 +0100] 64.62.197.88 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/Mar/2023:09:50:21 +0100] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 403
[09/Mar/2023:09:55:36 +0100] 192.241.223.31 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/Mar/2023:09:56:04 +0100] 192.241.198.9 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[09/Mar/2023:09:56:24 +0100] 83.136.32.58 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.0" -
[09/Mar/2023:09:56:34 +0100] 64.62.197.79 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[09/Mar/2023:09:59:47 +0100] 64.62.197.80 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/Mar/2023:10:00:19 +0100] 159.203.44.105 TLSv1.2 AES256-SHA "GET /aaa9 HTTP/1.1" 304
[09/Mar/2023:10:00:20 +0100] 159.203.44.105 TLSv1.2 AES256-SHA "GET /aab8 HTTP/1.1" 304
[09/Mar/2023:10:00:57 +0100] 64.62.197.83 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[09/Mar/2023:10:57:44 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[09/Mar/2023:10:57:45 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[09/Mar/2023:10:57:45 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[09/Mar/2023:10:57:46 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[09/Mar/2023:10:57:47 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[09/Mar/2023:10:57:48 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[09/Mar/2023:10:57:49 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[09/Mar/2023:10:57:49 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[09/Mar/2023:10:57:50 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[09/Mar/2023:10:57:51 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[09/Mar/2023:10:57:52 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /test.php HTTP/1.1" 306
[09/Mar/2023:10:57:53 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /test.php HTTP/1.1" 306
[09/Mar/2023:10:57:53 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 309
[09/Mar/2023:10:57:55 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /laravel/.env HTTP/1.1" 309
[09/Mar/2023:10:57:55 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /demo/.env HTTP/1.1" 307
[09/Mar/2023:10:57:56 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /demo/.env HTTP/1.1" 307
[09/Mar/2023:10:57:57 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 307
[09/Mar/2023:10:57:58 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /web/.env HTTP/1.1" 307
[09/Mar/2023:10:57:59 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo HTTP/1.1" 307
[09/Mar/2023:10:58:00 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /phpinfo HTTP/1.1" 307
[09/Mar/2023:10:58:00 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin/.env HTTP/1.1" 308
[09/Mar/2023:10:58:01 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /admin/.env HTTP/1.1" 308
[09/Mar/2023:10:58:02 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backend/.env HTTP/1.1" 310
[09/Mar/2023:10:58:02 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /backend/.env HTTP/1.1" 310
[09/Mar/2023:10:58:03 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /app/.env HTTP/1.1" 307
[09/Mar/2023:10:58:03 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /app/.env HTTP/1.1" 307
[09/Mar/2023:11:03:05 +0100] 194.37.96.187 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[09/Mar/2023:12:08:13 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/Mar/2023:12:21:33 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[09/Mar/2023:12:29:37 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[09/Mar/2023:12:42:58 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[09/Mar/2023:12:57:30 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[09/Mar/2023:12:58:02 +0100] 87.236.176.252 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/Mar/2023:13:00:39 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_04032022.zip HTTP/1.1" 413
[09/Mar/2023:13:22:36 +0100] 152.89.196.211 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[09/Mar/2023:13:45:37 +0100] 167.248.133.52 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/Mar/2023:13:45:38 +0100] 167.248.133.52 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[09/Mar/2023:14:20:38 +0100] 92.118.39.108 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 310
[09/Mar/2023:14:35:16 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_03032022.zip HTTP/1.1" 405
[09/Mar/2023:15:23:40 +0100] 193.235.141.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[09/Mar/2023:15:59:01 +0100] 162.243.141.22 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[09/Mar/2023:16:06:55 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_02032022.zip HTTP/1.1" 396
[09/Mar/2023:16:11:29 +0100] 167.94.146.59 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[09/Mar/2023:16:11:29 +0100] 167.94.146.59 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/Mar/2023:16:11:29 +0100] 167.94.146.59 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[09/Mar/2023:16:19:30 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_02032022.zip HTTP/1.1" 405
[09/Mar/2023:16:30:43 +0100] 54.39.49.180 TLSv1.2 AES256-SHA "GET /.env HTTP/1.1" 387
[09/Mar/2023:17:44:29 +0100] 193.118.53.194 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/Mar/2023:18:22:22 +0100] 194.110.203.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_01032022.zip HTTP/1.1" 396
[09/Mar/2023:19:48:37 +0100] 35.180.31.234 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[09/Mar/2023:20:34:34 +0100] 193.118.53.210 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/Mar/2023:20:44:36 +0100] 45.155.126.4 TLSv1.2 AES256-SHA "-" -
[09/Mar/2023:20:56:35 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[09/Mar/2023:20:58:52 +0100] 205.210.31.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 393
[09/Mar/2023:20:59:52 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/Mar/2023:21:05:35 +0100] 162.243.133.12 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[09/Mar/2023:21:07:41 +0100] 192.241.200.29 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[09/Mar/2023:21:12:16 +0100] 192.241.211.44 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[09/Mar/2023:21:24:18 +0100] 128.14.141.34 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/Mar/2023:21:36:09 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[09/Mar/2023:21:43:29 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/Mar/2023:21:59:23 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[09/Mar/2023:22:08:06 +0100] 192.241.207.93 TLSv1.2 AES256-SHA "GET /version HTTP/1.1" 305
[09/Mar/2023:22:11:20 +0100] 185.180.143.11 TLSv1.2 AES256-SHA "GET /owa/ HTTP/1.1" 304
[09/Mar/2023:22:31:06 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/Mar/2023:22:47:11 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/Mar/2023:23:10:15 +0100] 199.195.249.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /ztp/cgi-bin/handler HTTP/1.1" 315
[09/Mar/2023:23:24:29 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/Mar/2023:23:32:58 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[09/Mar/2023:23:54:02 +0100] 144.91.67.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_26022022.zip HTTP/1.1" 405
[10/Mar/2023:00:14:10 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "GET /geoserver HTTP/1.1" 305
[10/Mar/2023:00:16:02 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backup_26022022.zip HTTP/1.1" 396
[10/Mar/2023:00:18:00 +0100] 52.27.227.160 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[10/Mar/2023:00:44:55 +0100] 34.76.96.55 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[10/Mar/2023:00:54:52 +0100] 152.32.132.248 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383