[19/Mar/2023:01:03:36 +0100] 34.140.248.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[19/Mar/2023:01:47:43 +0100] 198.199.117.213 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Mar/2023:02:03:04 +0100] 193.118.53.194 TLSv1.2 AES256-SHA "GET /cgi-bin/config.exp HTTP/1.1" 315
[19/Mar/2023:02:13:57 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Mar/2023:02:31:35 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[19/Mar/2023:02:46:01 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[19/Mar/2023:02:53:52 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[19/Mar/2023:03:12:48 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[19/Mar/2023:03:53:07 +0100] 208.100.26.237 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 298
[19/Mar/2023:04:18:22 +0100] 142.93.188.230 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[19/Mar/2023:04:18:24 +0100] 142.93.188.230 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[19/Mar/2023:04:18:30 +0100] 142.93.188.230 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Mar/2023:04:18:31 +0100] 142.93.188.230 TLSv1.2 AES256-SHA "GET /t4 HTTP/1.1" 302
[19/Mar/2023:05:32:17 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[19/Mar/2023:05:58:45 +0100] 45.43.33.218 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[19/Mar/2023:06:22:55 +0100] 159.89.49.188 TLSv1.2 AES256-SHA "GET /t4 HTTP/1.1" 302
[19/Mar/2023:06:46:51 +0100] 192.241.218.42 TLSv1.2 AES256-SHA "GET /version HTTP/1.1" 305
[19/Mar/2023:06:49:25 +0100] 4.184.57.28 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[19/Mar/2023:06:56:14 +0100] 51.254.49.104 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[19/Mar/2023:07:37:41 +0100] 205.210.31.181 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 377
[19/Mar/2023:08:01:28 +0100] 143.244.41.219 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.1" -
[19/Mar/2023:08:10:35 +0100] 193.235.141.60 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 307
[19/Mar/2023:08:52:47 +0100] 65.49.20.69 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Mar/2023:09:03:01 +0100] 65.49.20.69 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[19/Mar/2023:09:08:49 +0100] 65.49.20.69 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Mar/2023:09:11:11 +0100] 65.49.20.69 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[19/Mar/2023:09:14:52 +0100] 159.89.49.188 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[19/Mar/2023:09:14:53 +0100] 159.89.49.188 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[19/Mar/2023:09:14:57 +0100] 159.89.49.188 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Mar/2023:09:14:58 +0100] 159.89.49.188 TLSv1.2 AES256-SHA "GET /t4 HTTP/1.1" 302
[19/Mar/2023:10:54:20 +0100] 107.170.242.13 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[19/Mar/2023:10:55:24 +0100] 198.199.92.121 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[19/Mar/2023:10:57:01 +0100] 162.243.140.44 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[19/Mar/2023:13:20:27 +0100] 46.101.187.206 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Mar/2023:14:22:05 +0100] 195.154.56.158 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[19/Mar/2023:14:22:06 +0100] 195.154.56.158 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[19/Mar/2023:14:42:40 +0100] 45.79.181.179 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Mar/2023:15:03:51 +0100] 64.226.71.123 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[19/Mar/2023:15:03:52 +0100] 64.226.71.123 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[19/Mar/2023:15:03:53 +0100] 64.226.71.123 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Mar/2023:15:03:53 +0100] 64.226.71.123 TLSv1.2 AES256-SHA "GET /t4 HTTP/1.1" 302
[19/Mar/2023:16:34:15 +0100] 34.78.208.17 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 307
[19/Mar/2023:16:34:37 +0100] 34.140.56.211 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 308
[19/Mar/2023:16:52:39 +0100] 45.134.144.119 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET ///remote/fgt_lang?lang=/../../../..//////////dev/ HTTP/1.1" 325
[19/Mar/2023:17:25:45 +0100] 193.235.141.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 306
[19/Mar/2023:17:27:27 +0100] 50.31.21.11 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[19/Mar/2023:17:28:57 +0100] 50.31.21.11 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /nmaplowercheck1679243336 HTTP/1.1" 407
[19/Mar/2023:17:28:57 +0100] 50.31.21.11 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /HNAP1 HTTP/1.1" 388
[19/Mar/2023:17:28:58 +0100] 50.31.21.11 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /sdk HTTP/1.1" 386
[19/Mar/2023:17:28:58 +0100] 50.31.21.11 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /evox/about HTTP/1.1" 393
[19/Mar/2023:17:28:59 +0100] 50.31.21.11 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.1" -
[19/Mar/2023:17:28:59 +0100] 50.31.21.11 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[19/Mar/2023:17:29:01 +0100] 50.31.21.11 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[19/Mar/2023:17:29:02 +0100] 50.31.21.11 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[19/Mar/2023:18:52:56 +0100] 107.170.230.19 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[19/Mar/2023:20:14:56 +0100] 195.37.190.89 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Mar/2023:20:55:30 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[19/Mar/2023:20:55:31 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[19/Mar/2023:20:55:31 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[19/Mar/2023:20:55:32 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[19/Mar/2023:20:55:33 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[19/Mar/2023:20:55:33 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[19/Mar/2023:20:55:34 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[19/Mar/2023:20:55:34 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[19/Mar/2023:20:55:34 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[19/Mar/2023:20:55:35 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[19/Mar/2023:20:55:36 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /test.php HTTP/1.1" 306
[19/Mar/2023:20:55:36 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /test.php HTTP/1.1" 306
[19/Mar/2023:20:55:37 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 309
[19/Mar/2023:20:55:37 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /laravel/.env HTTP/1.1" 309
[19/Mar/2023:20:55:38 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /demo/.env HTTP/1.1" 307
[19/Mar/2023:20:55:39 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /demo/.env HTTP/1.1" 307
[19/Mar/2023:20:55:39 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 307
[19/Mar/2023:20:55:40 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /web/.env HTTP/1.1" 307
[19/Mar/2023:20:55:41 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo HTTP/1.1" 307
[19/Mar/2023:20:55:41 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /phpinfo HTTP/1.1" 307
[19/Mar/2023:20:55:42 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin/.env HTTP/1.1" 308
[19/Mar/2023:20:55:43 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /admin/.env HTTP/1.1" 308
[19/Mar/2023:20:55:44 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backend/.env HTTP/1.1" 310
[19/Mar/2023:20:55:44 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /backend/.env HTTP/1.1" 310
[19/Mar/2023:20:55:45 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /app/.env HTTP/1.1" 307
[19/Mar/2023:20:55:45 +0100] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /app/.env HTTP/1.1" 307
[19/Mar/2023:22:39:56 +0100] 192.241.217.22 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[19/Mar/2023:22:41:36 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[19/Mar/2023:22:51:54 +0100] 35.88.219.255 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[19/Mar/2023:22:52:33 +0100] 35.91.60.114 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[19/Mar/2023:22:52:36 +0100] 35.91.60.114 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[19/Mar/2023:22:59:05 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[19/Mar/2023:23:00:12 +0100] 34.216.0.120 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[19/Mar/2023:23:01:27 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[19/Mar/2023:23:05:10 +0100] 54.212.139.46 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[19/Mar/2023:23:13:11 +0100] 152.89.196.54 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[20/Mar/2023:00:55:21 +0100] 34.79.42.172 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[20/Mar/2023:00:56:17 +0100] 186.211.1.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Electron/download/windows/\\Windows\\win.ini HTTP/1.0" 423