[16/Apr/2023:02:21:04 +0200] 193.235.141.7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[16/Apr/2023:02:22:48 +0200] 128.14.134.170 TLSv1.2 AES256-SHA "GET /cgi-bin/config.exp HTTP/1.1" 315
[16/Apr/2023:02:40:01 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[16/Apr/2023:02:43:32 +0200] 45.79.172.21 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Apr/2023:03:14:46 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[16/Apr/2023:03:27:51 +0200] 162.142.125.226 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[16/Apr/2023:03:27:52 +0200] 162.142.125.226 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Apr/2023:03:27:52 +0200] 162.142.125.226 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[16/Apr/2023:03:59:36 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[16/Apr/2023:04:42:42 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[16/Apr/2023:05:44:52 +0200] 167.94.138.52 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[16/Apr/2023:05:44:52 +0200] 167.94.138.52 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Apr/2023:05:44:53 +0200] 167.94.138.52 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[16/Apr/2023:05:51:36 +0200] 70.34.195.199 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[16/Apr/2023:05:56:03 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[16/Apr/2023:05:56:04 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[16/Apr/2023:05:56:04 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[16/Apr/2023:05:56:05 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[16/Apr/2023:05:56:05 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[16/Apr/2023:05:56:06 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[16/Apr/2023:05:56:06 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[16/Apr/2023:05:56:06 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[16/Apr/2023:05:56:07 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[16/Apr/2023:05:56:08 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[16/Apr/2023:06:08:32 +0200] 192.241.220.13 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Apr/2023:07:54:40 +0200] 165.232.177.38 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[16/Apr/2023:08:00:36 +0200] 162.243.133.21 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[16/Apr/2023:08:07:49 +0200] 205.210.31.171 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 398
[16/Apr/2023:08:08:08 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[16/Apr/2023:08:08:08 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[16/Apr/2023:08:08:09 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[16/Apr/2023:08:08:09 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[16/Apr/2023:08:08:10 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[16/Apr/2023:08:08:10 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[16/Apr/2023:08:08:10 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[16/Apr/2023:08:08:11 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[16/Apr/2023:08:08:11 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[16/Apr/2023:08:08:12 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[16/Apr/2023:08:22:33 +0200] 20.100.168.244 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[16/Apr/2023:08:36:07 +0200] 64.62.197.103 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Apr/2023:08:41:46 +0200] 64.62.197.105 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[16/Apr/2023:08:43:29 +0200] 64.62.197.105 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Apr/2023:08:44:37 +0200] 64.62.197.97 TLSv1.2 AES256-SHA "GET /geoserver/web/ HTTP/1.1" 309
[16/Apr/2023:08:44:48 +0200] 64.62.197.100 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[16/Apr/2023:08:55:03 +0200] 152.89.196.54 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[16/Apr/2023:11:05:18 +0200] 4.184.57.28 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[16/Apr/2023:11:23:08 +0200] 176.113.115.51 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /api/v1" 394
[16/Apr/2023:13:04:24 +0200] 34.78.120.99 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 307
[16/Apr/2023:13:04:42 +0200] 4.206.209.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[16/Apr/2023:13:04:42 +0200] 4.206.209.78 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[16/Apr/2023:15:59:46 +0200] 51.15.195.246 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 391
[16/Apr/2023:16:30:26 +0200] 117.62.218.192 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Apr/2023:16:42:37 +0200] 209.141.37.166 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET // HTTP/1.1" 307
[16/Apr/2023:17:51:19 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Apr/2023:17:51:37 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "HEAD /icons/sphere1.png HTTP/1.1" -
[16/Apr/2023:17:51:39 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "GET /solr/ HTTP/1.1" 304
[16/Apr/2023:17:52:04 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "GET /owa/ HTTP/1.1" 304
[16/Apr/2023:17:52:08 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?a..foo.var/owa/?&Email=autodiscover/autodiscover.json?a..foo.var&Protocol=XYZ&FooProtocol=%50owershell HTTP/1.1" 378
[16/Apr/2023:17:52:38 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Apr/2023:17:52:41 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "GET /admin/ HTTP/1.1" 305
[16/Apr/2023:17:52:42 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Apr/2023:17:52:45 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "GET /webfig/ HTTP/1.1" 307
[16/Apr/2023:18:29:04 +0200] 185.180.143.15 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[16/Apr/2023:19:11:23 +0200] 34.227.159.98 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[16/Apr/2023:19:24:11 +0200] 192.241.232.14 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[16/Apr/2023:20:20:36 +0200] 171.22.30.127 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[16/Apr/2023:20:20:37 +0200] 171.22.30.127 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[16/Apr/2023:21:15:55 +0200] 5.100.255.107 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[16/Apr/2023:23:03:37 +0200] 50.31.21.5 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[16/Apr/2023:23:05:30 +0200] 50.31.21.5 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /nmaplowercheck1681679128 HTTP/1.1" 407
[16/Apr/2023:23:05:30 +0200] 50.31.21.5 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /sdk HTTP/1.1" 386
[16/Apr/2023:23:05:30 +0200] 50.31.21.5 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /evox/about HTTP/1.1" 393
[16/Apr/2023:23:05:31 +0200] 50.31.21.5 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /HNAP1 HTTP/1.1" 388
[16/Apr/2023:23:05:31 +0200] 50.31.21.5 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[16/Apr/2023:23:05:31 +0200] 50.31.21.5 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[16/Apr/2023:23:05:32 +0200] 50.31.21.5 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.1" -
[16/Apr/2023:23:05:33 +0200] 50.31.21.5 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[17/Apr/2023:01:17:03 +0200] 81.0.218.29 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[17/Apr/2023:01:24:02 +0200] 130.211.82.238 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301