[01/May/2023:03:26:32 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[01/May/2023:03:26:32 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[01/May/2023:03:26:33 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[01/May/2023:03:26:33 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[01/May/2023:03:26:34 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[01/May/2023:03:26:34 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[01/May/2023:03:26:35 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[01/May/2023:03:26:35 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[01/May/2023:03:26:35 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[01/May/2023:03:26:36 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[01/May/2023:04:18:29 +0200] 13.57.17.62 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[01/May/2023:04:50:09 +0200] 192.241.226.46 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/May/2023:05:19:37 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[01/May/2023:05:27:41 +0200] 13.52.81.32 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD /epa/scripts/win/nsepa_setup.exe HTTP/1.1" -
[01/May/2023:05:31:41 +0200] 23.251.102.74 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/May/2023:05:37:57 +0200] 3.231.219.126 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/May/2023:05:38:43 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "POST /mifs/.;/services/LogService HTTP/1.1" 318
[01/May/2023:05:47:39 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET /console/ HTTP/1.1" 307
[01/May/2023:06:12:37 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 315
[01/May/2023:06:19:57 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[01/May/2023:06:27:39 +0200] 71.6.232.25 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/May/2023:06:43:08 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/May/2023:06:48:24 +0200] 193.106.29.122 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[01/May/2023:07:20:03 +0200] 52.53.202.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /owa/auth/logon.aspx HTTP/1.1" 402
[01/May/2023:07:33:51 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/May/2023:07:57:55 +0200] 193.235.141.156 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 307
[01/May/2023:08:25:17 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[01/May/2023:08:30:11 +0200] 198.199.111.75 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[01/May/2023:08:33:47 +0200] 162.243.145.13 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[01/May/2023:08:38:02 +0200] 192.241.211.44 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[01/May/2023:08:42:17 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET /geoserver HTTP/1.1" 305
[01/May/2023:08:45:21 +0200] 185.233.19.107 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[01/May/2023:10:32:31 +0200] 45.56.122.153 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/May/2023:10:57:37 +0200] 64.62.197.207 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/May/2023:11:04:05 +0200] 64.62.197.210 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[01/May/2023:11:06:34 +0200] 64.62.197.205 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/May/2023:11:07:46 +0200] 64.62.197.200 TLSv1.2 AES256-SHA "GET /geoserver/web/ HTTP/1.1" 309
[01/May/2023:11:08:10 +0200] 64.62.197.211 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[01/May/2023:11:18:10 +0200] 4.184.57.28 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[01/May/2023:11:28:55 +0200] 161.35.233.14 TLSv1.2 AES256-SHA "GET /explore HTTP/1.1" 306
[01/May/2023:11:57:24 +0200] 167.71.26.195 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[01/May/2023:11:57:25 +0200] 167.71.26.195 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[01/May/2023:11:57:29 +0200] 167.71.26.195 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/May/2023:11:57:30 +0200] 167.71.26.195 TLSv1.2 AES256-SHA "GET /t4 HTTP/1.1" 302
[01/May/2023:11:57:30 +0200] 167.71.26.195 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[01/May/2023:12:09:19 +0200] 18.191.55.204 TLSv1.2 AES256-SHA "GET /.env HTTP/1.1" 304
[01/May/2023:12:23:46 +0200] 3.231.219.126 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[01/May/2023:13:08:39 +0200] 20.100.168.244 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[01/May/2023:15:18:52 +0200] 159.203.208.12 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[01/May/2023:16:19:02 +0200] 167.99.141.170 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[01/May/2023:16:38:05 +0200] 172.104.11.51 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/May/2023:16:39:54 +0200] 40.68.5.205 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[01/May/2023:16:39:54 +0200] 40.68.5.205 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[01/May/2023:17:35:16 +0200] 193.235.141.127 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 306
[01/May/2023:17:37:31 +0200] 154.209.125.66 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[01/May/2023:17:59:25 +0200] 138.197.223.247 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /api/v1 HTTP/1.1" 389
[01/May/2023:17:59:37 +0200] 134.209.0.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.1" -
[01/May/2023:17:59:42 +0200] 18.191.55.204 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[01/May/2023:17:59:53 +0200] 134.209.0.143 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/May/2023:18:04:55 +0200] 134.209.0.143 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[01/May/2023:18:13:19 +0200] 64.226.113.168 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[01/May/2023:20:21:28 +0200] 162.243.144.22 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[01/May/2023:20:35:51 +0200] 87.251.64.153 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[01/May/2023:20:59:59 +0200] 43.156.50.85 - - "-" -
[01/May/2023:22:28:35 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/May/2023:22:29:04 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "GET /admin/ HTTP/1.1" 305
[01/May/2023:22:29:05 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/May/2023:22:29:08 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "HEAD /icons/sphere1.png HTTP/1.1" -
[01/May/2023:22:29:09 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "GET /owa/ HTTP/1.1" 304
[01/May/2023:22:29:11 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?a..foo.var/owa/?&Email=autodiscover/autodiscover.json?a..foo.var&Protocol=XYZ&FooProtocol=%50owershell HTTP/1.1" 378
[01/May/2023:22:29:47 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "GET /webfig/ HTTP/1.1" 307
[01/May/2023:22:30:29 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "GET /remote/login HTTP/1.1" 309
[01/May/2023:22:30:32 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "GET /solr/ HTTP/1.1" 304
[01/May/2023:22:30:55 +0200] 185.180.143.80 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/May/2023:22:58:09 +0200] 87.236.176.222 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[01/May/2023:23:59:29 +0200] 3.231.219.126 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[02/May/2023:00:10:24 +0200] 192.241.238.12 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[02/May/2023:00:50:02 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[02/May/2023:00:50:02 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[02/May/2023:00:50:03 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[02/May/2023:00:50:03 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[02/May/2023:00:50:04 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[02/May/2023:00:50:04 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[02/May/2023:00:50:04 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[02/May/2023:00:50:05 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[02/May/2023:00:50:05 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[02/May/2023:00:50:06 +0200] 109.237.98.226 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[02/May/2023:01:34:07 +0200] 130.211.54.158 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[02/May/2023:01:35:51 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[02/May/2023:01:46:11 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[02/May/2023:01:49:18 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[02/May/2023:01:56:40 +0200] 128.1.248.42 TLSv1.2 AES256-SHA "GET /Telerik.Web.UI.WebResource.axd?type=rau HTTP/1.1" 330