[06/Apr/2023:02:13:56 +0200] 35.91.22.255 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[06/Apr/2023:02:14:29 +0200] 35.91.182.219 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[06/Apr/2023:02:14:30 +0200] 52.25.101.59 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 302
[06/Apr/2023:02:14:35 +0200] 52.25.101.59 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[06/Apr/2023:02:36:35 +0200] 35.206.253.134 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[06/Apr/2023:03:08:46 +0200] 137.226.113.44 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[06/Apr/2023:03:08:46 +0200] 3.75.242.177 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[06/Apr/2023:03:08:48 +0200] 18.183.43.173 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[06/Apr/2023:03:08:50 +0200] 3.106.135.198 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[06/Apr/2023:03:17:59 +0200] 54.176.177.7 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[06/Apr/2023:03:20:50 +0200] 185.180.143.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Apr/2023:03:33:22 +0200] 177.71.160.191 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[06/Apr/2023:04:45:46 +0200] 192.241.231.10 TLSv1.2 AES256-SHA "GET /ReportServer HTTP/1.1" 307
[06/Apr/2023:05:35:51 +0200] 192.241.229.22 TLSv1.2 AES256-SHA "GET /login HTTP/1.1" 305
[06/Apr/2023:05:48:52 +0200] 171.67.71.144 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 293
[06/Apr/2023:05:48:52 +0200] 171.67.71.144 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 293
[06/Apr/2023:05:48:58 +0200] 43.248.130.55 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 293
[06/Apr/2023:05:48:58 +0200] 43.248.130.55 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 293
[06/Apr/2023:05:50:01 +0200] 38.110.46.2 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 293
[06/Apr/2023:05:50:01 +0200] 38.110.46.2 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 293
[06/Apr/2023:06:02:48 +0200] 64.62.197.236 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Apr/2023:06:02:52 +0200] 198.199.108.155 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Apr/2023:06:10:10 +0200] 64.62.197.238 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[06/Apr/2023:06:12:17 +0200] 64.62.197.237 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Apr/2023:06:13:44 +0200] 64.62.197.235 TLSv1.2 AES256-SHA "GET /geoserver/web/ HTTP/1.1" 309
[06/Apr/2023:06:13:59 +0200] 64.62.197.239 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[06/Apr/2023:06:23:21 +0200] 149.18.73.140 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET ///remote/fgt_lang?lang=/../../../..//////////dev/ HTTP/1.1" 325
[06/Apr/2023:06:37:13 +0200] 170.64.185.137 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[06/Apr/2023:06:37:16 +0200] 170.64.185.137 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[06/Apr/2023:06:37:26 +0200] 170.64.185.137 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Apr/2023:06:37:28 +0200] 170.64.185.137 TLSv1.2 AES256-SHA "GET /t4 HTTP/1.1" 302
[06/Apr/2023:06:37:30 +0200] 170.64.185.137 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[06/Apr/2023:07:05:17 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[06/Apr/2023:07:12:25 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[06/Apr/2023:07:13:49 +0200] 172.105.215.28 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 310
[06/Apr/2023:07:19:43 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[06/Apr/2023:07:54:33 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[06/Apr/2023:08:05:27 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[06/Apr/2023:08:16:42 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[06/Apr/2023:08:25:19 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[06/Apr/2023:08:35:16 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Apr/2023:08:36:52 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Apr/2023:08:58:53 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Apr/2023:09:05:54 +0200] 4.184.57.28 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[06/Apr/2023:09:25:09 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[06/Apr/2023:09:38:07 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "GET /geoserver HTTP/1.1" 305
[06/Apr/2023:10:05:24 +0200] 95.179.241.62 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[06/Apr/2023:10:12:25 +0200] 83.136.32.58 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.0" -
[06/Apr/2023:10:24:58 +0200] 13.245.17.221 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[06/Apr/2023:10:32:03 +0200] 134.122.78.116 TLSv1.2 AES256-SHA "GET /info.php HTTP/1.1" 307
[06/Apr/2023:10:40:11 +0200] 185.180.143.81 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Apr/2023:10:40:14 +0200] 185.180.143.81 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Apr/2023:10:40:37 +0200] 185.180.143.81 TLSv1.2 AES256-SHA "HEAD /icons/sphere1.png HTTP/1.1" -
[06/Apr/2023:10:40:38 +0200] 185.180.143.81 TLSv1.2 AES256-SHA "GET /owa/ HTTP/1.1" 304
[06/Apr/2023:10:40:42 +0200] 185.180.143.81 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?a..foo.var/owa/?&Email=autodiscover/autodiscover.json?a..foo.var&Protocol=XYZ&FooProtocol=%50owershell HTTP/1.1" 378
[06/Apr/2023:10:41:13 +0200] 185.180.143.81 TLSv1.2 AES256-SHA "GET /solr/ HTTP/1.1" 304
[06/Apr/2023:10:41:50 +0200] 185.180.143.81 TLSv1.2 AES256-SHA "GET /webfig/ HTTP/1.1" 307
[06/Apr/2023:10:42:32 +0200] 185.180.143.81 TLSv1.2 AES256-SHA "GET /admin/ HTTP/1.1" 305
[06/Apr/2023:10:42:34 +0200] 185.180.143.81 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Apr/2023:12:05:04 +0200] 149.28.118.137 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[06/Apr/2023:12:55:20 +0200] 192.241.206.21 TLSv1.2 AES256-SHA "GET /version HTTP/1.1" 305
[06/Apr/2023:12:59:29 +0200] 185.180.143.7 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Apr/2023:13:22:17 +0200] 208.83.234.224 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[06/Apr/2023:13:33:00 +0200] 197.248.10.44 TLSv1.2 AES256-SHA "GET /Electron/download/windows/%5CProgram%20Files%5C3CX%20Phone%20System%5CData%5CDB%5Cbase%5C16384%5C16393 HTTP/1.1" 356
[06/Apr/2023:14:00:51 +0200] 162.243.135.14 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[06/Apr/2023:14:00:58 +0200] 23.90.160.146 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Apr/2023:14:08:59 +0200] 65.20.70.24 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[06/Apr/2023:15:13:02 +0200] 207.148.119.21 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[06/Apr/2023:15:25:33 +0200] 193.118.53.210 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Apr/2023:15:42:04 +0200] 64.176.7.63 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[06/Apr/2023:15:43:42 +0200] 35.89.143.178 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[06/Apr/2023:15:44:09 +0200] 35.91.28.0 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[06/Apr/2023:16:06:16 +0200] 92.118.39.109 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 310
[06/Apr/2023:16:34:35 +0200] 176.113.115.51 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /api/v1" 394
[06/Apr/2023:16:52:06 +0200] 139.84.232.165 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[06/Apr/2023:16:58:30 +0200] 202.182.111.56 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[06/Apr/2023:17:42:08 +0200] 139.180.170.247 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 308
[06/Apr/2023:18:25:52 +0200] 3.90.33.227 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[06/Apr/2023:19:01:39 +0200] 45.79.181.179 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Apr/2023:19:03:04 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[06/Apr/2023:19:03:04 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[06/Apr/2023:19:03:05 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[06/Apr/2023:19:03:06 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[06/Apr/2023:19:03:06 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[06/Apr/2023:19:03:07 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[06/Apr/2023:19:03:07 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[06/Apr/2023:19:03:08 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[06/Apr/2023:19:03:08 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[06/Apr/2023:19:03:09 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[06/Apr/2023:19:03:10 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /test.php HTTP/1.1" 306
[06/Apr/2023:19:03:10 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /test.php HTTP/1.1" 306
[06/Apr/2023:19:03:11 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 309
[06/Apr/2023:19:03:11 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /laravel/.env HTTP/1.1" 309
[06/Apr/2023:19:03:12 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /demo/.env HTTP/1.1" 307
[06/Apr/2023:19:03:12 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /demo/.env HTTP/1.1" 307
[06/Apr/2023:19:03:13 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 307
[06/Apr/2023:19:03:13 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /web/.env HTTP/1.1" 307
[06/Apr/2023:19:03:14 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo HTTP/1.1" 307
[06/Apr/2023:19:03:15 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /phpinfo HTTP/1.1" 307
[06/Apr/2023:19:03:15 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin/.env HTTP/1.1" 308
[06/Apr/2023:19:03:16 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /admin/.env HTTP/1.1" 308
[06/Apr/2023:19:03:17 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backend/.env HTTP/1.1" 310
[06/Apr/2023:19:03:17 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /backend/.env HTTP/1.1" 310
[06/Apr/2023:19:03:18 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /app/.env HTTP/1.1" 307
[06/Apr/2023:19:03:19 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /app/.env HTTP/1.1" 307
[06/Apr/2023:20:37:13 +0200] 162.243.138.9 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[06/Apr/2023:21:06:03 +0200] 94.102.61.7 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Apr/2023:21:20:30 +0200] 193.118.53.194 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Apr/2023:22:04:06 +0200] 185.142.236.43 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[06/Apr/2023:22:04:16 +0200] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[06/Apr/2023:22:04:17 +0200] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[06/Apr/2023:22:04:18 +0200] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[06/Apr/2023:22:04:23 +0200] 185.142.236.43 TLSv1.2 AES256-SHA "quit" 379
[06/Apr/2023:22:04:34 +0200] 185.142.236.43 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 393
[06/Apr/2023:22:04:37 +0200] 185.142.236.43 TLSv1.2 AES256-SHA "GET /sitemap.xml HTTP/1.1" 394
[06/Apr/2023:22:04:38 +0200] 185.142.236.43 TLSv1.2 AES256-SHA "GET /.well-known/security.txt HTTP/1.1" 407
[06/Apr/2023:22:04:45 +0200] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309
[06/Apr/2023:22:04:48 +0200] 185.142.236.43 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[06/Apr/2023:23:22:52 +0200] 193.118.53.210 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[06/Apr/2023:23:30:00 +0200] 54.184.43.160 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[06/Apr/2023:23:56:41 +0200] 107.170.237.12 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[07/Apr/2023:00:44:11 +0200] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 403
[07/Apr/2023:01:14:41 +0200] 207.246.113.16 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[07/Apr/2023:01:42:01 +0200] 34.78.249.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301