[12/May/2023:02:17:00 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[12/May/2023:02:17:00 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.env HTTP/1.1" 304
[12/May/2023:02:17:01 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[12/May/2023:02:17:02 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/credentials HTTP/1.1" 311
[12/May/2023:02:17:02 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/config HTTP/1.1" 310
[12/May/2023:02:17:03 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /.aws/config HTTP/1.1" 310
[12/May/2023:02:17:04 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /aws/credentials HTTP/1.1" 310
[12/May/2023:02:17:04 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /aws/credentials HTTP/1.1" 310
[12/May/2023:02:17:04 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /credentials HTTP/1.1" 308
[12/May/2023:02:17:05 +0200] 109.237.97.180 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /credentials HTTP/1.1" 308
[12/May/2023:02:51:08 +0200] 92.118.39.108 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.git/config HTTP/1.1" 310
[12/May/2023:03:39:54 +0200] 193.235.141.153 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 307
[12/May/2023:04:00:44 +0200] 167.94.138.49 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[12/May/2023:04:00:45 +0200] 167.94.138.49 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/May/2023:04:00:45 +0200] 167.94.138.49 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[12/May/2023:07:08:28 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[12/May/2023:07:22:39 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 331
[12/May/2023:07:27:37 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET /index.php?s=/Index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 390
[12/May/2023:07:32:14 +0200] 193.106.29.122 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[12/May/2023:07:35:16 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 327
[12/May/2023:08:49:13 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET /_ignition/execute-solution HTTP/1.1" 319
[12/May/2023:08:53:10 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/May/2023:09:04:17 +0200] 4.184.57.28 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[12/May/2023:09:07:43 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/May/2023:09:26:24 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/May/2023:09:45:07 +0200] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 404
[12/May/2023:09:46:56 +0200] 103.149.192.59 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/May/2023:10:01:29 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[12/May/2023:10:08:48 +0200] 152.89.196.144 TLSv1.2 AES256-SHA "GET /geoserver HTTP/1.1" 305
[12/May/2023:10:52:00 +0200] 81.209.177.16 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 394
[12/May/2023:10:52:01 +0200] 81.209.177.16 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 384
[12/May/2023:10:59:59 +0200] 65.49.20.69 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/May/2023:11:06:59 +0200] 65.49.20.69 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[12/May/2023:11:10:55 +0200] 65.49.20.69 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/May/2023:11:13:14 +0200] 65.49.20.69 TLSv1.2 AES256-SHA "GET /geoserver/web/ HTTP/1.1" 309
[12/May/2023:11:13:44 +0200] 65.49.20.69 TLSv1.2 AES256-SHA "GET /.git/config HTTP/1.1" 310
[12/May/2023:11:20:04 +0200] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 387
[12/May/2023:11:46:12 +0200] 182.92.135.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[12/May/2023:11:46:13 +0200] 182.92.135.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /core/.env HTTP/1.1" 307
[12/May/2023:11:46:14 +0200] 182.92.135.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web/.env HTTP/1.1" 307
[12/May/2023:11:46:16 +0200] 182.92.135.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /app/.env HTTP/1.1" 307
[12/May/2023:11:46:17 +0200] 182.92.135.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /laravel/.env HTTP/1.1" 309
[12/May/2023:11:46:18 +0200] 182.92.135.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /crm/.env HTTP/1.1" 306
[12/May/2023:11:46:19 +0200] 182.92.135.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /backend/.env HTTP/1.1" 310
[12/May/2023:11:46:20 +0200] 182.92.135.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /local/.env HTTP/1.1" 308
[12/May/2023:11:46:21 +0200] 182.92.135.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /application/.env HTTP/1.1" 312
[12/May/2023:11:46:22 +0200] 182.92.135.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /admin/.env HTTP/1.1" 308
[12/May/2023:11:46:23 +0200] 182.92.135.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /prod/.env HTTP/1.1" 307
[12/May/2023:11:46:24 +0200] 182.92.135.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /api/.env HTTP/1.1" 307
[12/May/2023:11:46:25 +0200] 182.92.135.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.aws/credentials HTTP/1.1" 311
[12/May/2023:11:46:26 +0200] 182.92.135.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo HTTP/1.1" 307
[12/May/2023:11:46:27 +0200] 182.92.135.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /_profiler/phpinfo HTTP/1.1" 313
[12/May/2023:11:46:28 +0200] 182.92.135.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /phpinfo.php HTTP/1.1" 309
[12/May/2023:11:46:29 +0200] 182.92.135.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /info.php HTTP/1.1" 307
[12/May/2023:11:46:30 +0200] 182.92.135.136 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[12/May/2023:13:00:00 +0200] 193.235.141.135 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 306
[12/May/2023:13:02:36 +0200] 178.79.143.191 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[12/May/2023:13:22:38 +0200] 198.199.118.163 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[12/May/2023:14:15:29 +0200] 18.236.103.229 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 306
[12/May/2023:15:21:38 +0200] 198.199.103.192 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[12/May/2023:15:37:34 +0200] 198.199.113.7 TLSv1.2 AES256-SHA "GET /version HTTP/1.1" 305
[12/May/2023:15:43:57 +0200] 192.241.210.29 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/May/2023:16:14:34 +0200] 198.199.117.207 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[12/May/2023:16:15:51 +0200] 162.243.136.18 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[12/May/2023:16:17:56 +0200] 107.170.242.13 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[12/May/2023:16:50:19 +0200] 193.118.53.194 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/May/2023:16:59:12 +0200] 172.104.11.46 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/May/2023:19:27:57 +0200] 104.131.179.93 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[12/May/2023:19:27:59 +0200] 104.131.179.93 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[12/May/2023:19:28:05 +0200] 104.131.179.93 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/May/2023:19:28:06 +0200] 104.131.179.93 TLSv1.2 AES256-SHA "GET /t4 HTTP/1.1" 302
[12/May/2023:19:28:07 +0200] 104.131.179.93 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[12/May/2023:19:36:54 +0200] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 403
[12/May/2023:20:19:18 +0200] 128.1.248.42 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/May/2023:20:52:15 +0200] 205.210.31.240 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[12/May/2023:20:55:54 +0200] 185.180.143.190 TLSv1.2 AES256-SHA "GET /owa/ HTTP/1.1" 304
[12/May/2023:20:56:17 +0200] 185.180.143.190 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?a..foo.var/owa/?&Email=autodiscover/autodiscover.json?a..foo.var&Protocol=XYZ&FooProtocol=%50owershell HTTP/1.1" 378
[12/May/2023:22:01:25 +0200] 15.235.33.21 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.0" 388
[12/May/2023:22:02:36 +0200] 217.146.87.251 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[12/May/2023:23:44:26 +0200] 104.168.236.227 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.ftpconfig HTTP/1.1" 404
[13/May/2023:00:14:09 +0200] 128.1.248.26 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[13/May/2023:00:50:17 +0200] 104.233.151.61 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.vscode/sftp.json HTTP/1.1" 411
[13/May/2023:01:12:50 +0200] 193.235.141.158 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[13/May/2023:01:38:34 +0200] 34.76.158.233 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301