[27/Apr/2023:02:38:50 +0200] 199.45.154.4 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 293
[27/Apr/2023:02:38:50 +0200] 199.45.154.4 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 293
[27/Apr/2023:02:38:59 +0200] 199.45.155.4 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 293
[27/Apr/2023:02:38:59 +0200] 199.45.155.4 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 293
[27/Apr/2023:02:40:30 +0200] 43.248.128.82 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 293
[27/Apr/2023:02:40:30 +0200] 43.248.128.82 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 293
[27/Apr/2023:02:41:42 +0200] 38.110.46.2 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 293
[27/Apr/2023:02:41:42 +0200] 38.110.46.2 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 293
[27/Apr/2023:02:42:53 +0200] 171.67.71.144 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 293
[27/Apr/2023:02:42:53 +0200] 171.67.71.144 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 293
[27/Apr/2023:03:01:53 +0200] 95.217.218.12 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[27/Apr/2023:03:48:29 +0200] 43.226.34.233 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Apr/2023:04:45:36 +0200] 192.241.200.47 TLSv1.2 AES256-SHA "GET /ReportServer HTTP/1.1" 307
[27/Apr/2023:05:49:03 +0200] 162.243.143.25 TLSv1.2 AES256-SHA "GET /login HTTP/1.1" 305
[27/Apr/2023:05:58:11 +0200] 185.224.128.219 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /_asterisk/ HTTP/1.1" 308
[27/Apr/2023:06:19:21 +0200] 192.241.233.4 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Apr/2023:07:22:31 +0200] 5.75.225.204 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[27/Apr/2023:07:24:34 +0200] 94.130.72.237 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[27/Apr/2023:08:41:09 +0200] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 387
[27/Apr/2023:09:30:56 +0200] 167.94.146.60 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[27/Apr/2023:09:30:56 +0200] 167.94.146.60 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Apr/2023:09:30:56 +0200] 167.94.146.60 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[27/Apr/2023:09:59:32 +0200] 71.6.199.23 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[27/Apr/2023:09:59:40 +0200] 71.6.199.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[27/Apr/2023:09:59:42 +0200] 71.6.199.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[27/Apr/2023:09:59:42 +0200] 71.6.199.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[27/Apr/2023:09:59:46 +0200] 71.6.199.23 TLSv1.2 AES256-SHA "quit" 379
[27/Apr/2023:09:59:47 +0200] 71.6.199.23 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 393
[27/Apr/2023:09:59:48 +0200] 71.6.199.23 TLSv1.2 AES256-SHA "GET /sitemap.xml HTTP/1.1" 394
[27/Apr/2023:09:59:49 +0200] 71.6.199.23 TLSv1.2 AES256-SHA "GET /.well-known/security.txt HTTP/1.1" 407
[27/Apr/2023:09:59:50 +0200] 71.6.199.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309
[27/Apr/2023:09:59:53 +0200] 71.6.199.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[27/Apr/2023:10:09:21 +0200] 4.184.57.28 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[27/Apr/2023:10:14:31 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[27/Apr/2023:10:14:31 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[27/Apr/2023:10:14:32 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[27/Apr/2023:10:14:32 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[27/Apr/2023:10:14:32 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[27/Apr/2023:10:14:33 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[27/Apr/2023:10:14:34 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[27/Apr/2023:10:14:34 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[27/Apr/2023:10:14:34 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[27/Apr/2023:10:14:35 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[27/Apr/2023:10:27:38 +0200] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 403
[27/Apr/2023:10:45:40 +0200] 167.94.138.35 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[27/Apr/2023:10:45:41 +0200] 167.94.138.35 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Apr/2023:10:45:42 +0200] 167.94.138.35 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[27/Apr/2023:11:40:01 +0200] 94.102.61.70 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Apr/2023:11:59:17 +0200] 20.100.168.244 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[27/Apr/2023:12:33:35 +0200] 198.199.92.229 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[27/Apr/2023:12:39:13 +0200] 51.158.118.231 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 381
[27/Apr/2023:13:21:16 +0200] 5.182.5.161 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /login?redir=%2F" 405
[27/Apr/2023:13:22:50 +0200] 167.248.133.125 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[27/Apr/2023:13:22:51 +0200] 167.248.133.125 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Apr/2023:13:22:51 +0200] 167.248.133.125 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[27/Apr/2023:13:34:19 +0200] 64.62.197.230 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Apr/2023:13:42:16 +0200] 64.62.197.239 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[27/Apr/2023:13:45:00 +0200] 64.62.197.230 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Apr/2023:13:48:53 +0200] 64.62.197.227 TLSv1.2 AES256-SHA "GET /geoserver/web/ HTTP/1.1" 309
[27/Apr/2023:13:49:51 +0200] 64.62.197.236 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[27/Apr/2023:14:18:14 +0200] 199.16.157.181 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 387
[27/Apr/2023:14:18:15 +0200] 199.16.157.181 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[27/Apr/2023:15:22:29 +0200] 185.180.143.79 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Apr/2023:16:31:04 +0200] 23.229.31.14 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[27/Apr/2023:16:31:05 +0200] 23.229.31.14 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[27/Apr/2023:16:40:53 +0200] 83.136.32.58 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.0" -
[27/Apr/2023:17:27:46 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[27/Apr/2023:17:27:47 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[27/Apr/2023:17:27:47 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[27/Apr/2023:17:27:48 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[27/Apr/2023:17:27:48 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[27/Apr/2023:17:27:49 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[27/Apr/2023:17:27:49 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[27/Apr/2023:17:27:50 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[27/Apr/2023:17:27:50 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[27/Apr/2023:17:27:51 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[27/Apr/2023:17:42:15 +0200] 47.74.90.127 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /dns-query?dns=gQcBAAABAAAAAAAABmdvb2dsZQNjb20AAAEAAQ HTTP/1.1" 340
[27/Apr/2023:18:14:12 +0200] 138.197.169.204 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[27/Apr/2023:18:14:14 +0200] 138.197.169.204 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[27/Apr/2023:18:14:24 +0200] 138.197.169.204 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Apr/2023:18:14:27 +0200] 138.197.169.204 TLSv1.2 AES256-SHA "GET /t4 HTTP/1.1" 302
[27/Apr/2023:18:14:29 +0200] 138.197.169.204 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[27/Apr/2023:18:41:51 +0200] 54.245.29.221 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 295
[27/Apr/2023:19:03:19 +0200] 47.74.90.127 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /dns-query HTTP/1.1" 308
[27/Apr/2023:19:41:43 +0200] 162.142.125.223 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[27/Apr/2023:19:41:44 +0200] 162.142.125.223 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Apr/2023:19:41:44 +0200] 162.142.125.223 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[27/Apr/2023:20:38:54 +0200] 152.89.196.222 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[27/Apr/2023:20:44:07 +0200] 152.89.196.222 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[27/Apr/2023:20:57:09 +0200] 152.89.196.222 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[27/Apr/2023:21:08:55 +0200] 152.89.196.222 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[27/Apr/2023:21:17:58 +0200] 205.210.31.164 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 393
[27/Apr/2023:21:22:13 +0200] 152.89.196.222 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Apr/2023:22:32:51 +0200] 152.89.196.222 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[27/Apr/2023:22:52:05 +0200] 152.89.196.222 TLSv1.2 AES256-SHA "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 293
[27/Apr/2023:23:22:57 +0200] 107.170.224.21 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[28/Apr/2023:00:05:27 +0200] 107.170.227.29 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[28/Apr/2023:01:06:23 +0200] 35.240.121.17 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[28/Apr/2023:01:31:53 +0200] 152.89.196.222 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[28/Apr/2023:01:36:56 +0200] 185.189.182.234 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 379