[28/Jan/2023:01:08:25 +0100] 192.53.170.243 TLSv1.2 AES256-SHA "GET /owa/ HTTP/1.1" 304
[28/Jan/2023:01:08:28 +0100] 192.53.170.243 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?a..foo.var/owa/?&Email=autodiscover/autodiscover.json?a..foo.var&Protocol=XYZ&FooProtocol=%50owershell HTTP/1.1" 378
[28/Jan/2023:02:14:52 +0100] 167.248.133.61 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[28/Jan/2023:02:14:52 +0100] 167.248.133.61 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[28/Jan/2023:02:14:53 +0100] 167.248.133.61 TLSv1.2 AES256-SHA "PRI * HTTP/2.0" 379
[28/Jan/2023:02:37:30 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /secret.env HTTP/1.1" 396
[28/Jan/2023:03:14:09 +0100] 185.180.143.7 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[28/Jan/2023:04:11:59 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db.env HTTP/1.1" 383
[28/Jan/2023:05:51:11 +0100] 205.210.31.154 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 394
[28/Jan/2023:05:57:59 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /prod.env HTTP/1.1" 385
[28/Jan/2023:06:09:59 +0100] 205.210.31.51 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 385
[28/Jan/2023:06:40:24 +0100] 205.210.31.164 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 394
[28/Jan/2023:07:17:41 +0100] 205.210.31.53 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 380
[28/Jan/2023:07:19:09 +0100] 192.241.213.67 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[28/Jan/2023:08:05:08 +0100] 51.158.66.83 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 393
[28/Jan/2023:08:58:13 +0100] 185.180.143.8 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[28/Jan/2023:09:16:02 +0100] 194.110.203.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /dev.env HTTP/1.1" 393
[28/Jan/2023:09:16:51 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /dev.env HTTP/1.1" 401
[28/Jan/2023:10:25:04 +0100] 4.184.57.28 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[28/Jan/2023:11:06:52 +0100] 194.110.203.38 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /common.yml HTTP/1.1" 404
[28/Jan/2023:11:12:22 +0100] 193.201.9.139 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /autodiscover/autodiscover.json?@test.com/owa/?&Email=autodiscover/autodiscover.json%3F@test.com HTTP/1.1" 349
[28/Jan/2023:11:16:57 +0100] 74.82.47.5 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[28/Jan/2023:11:26:13 +0100] 194.110.203.44 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /common.yml HTTP/1.1" 387
[28/Jan/2023:11:29:50 +0100] 74.82.47.5 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[28/Jan/2023:11:47:20 +0100] 60.217.75.70 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[28/Jan/2023:13:01:20 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /common.yaml HTTP/1.1" 405
[28/Jan/2023:13:04:27 +0100] 178.128.170.109 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[28/Jan/2023:14:12:37 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /hosts.env HTTP/1.1" 386
[28/Jan/2023:14:15:24 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /hosts.env HTTP/1.1" 403
[28/Jan/2023:14:24:50 +0100] 159.203.224.7 TLSv1.2 AES256-SHA "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 328
[28/Jan/2023:15:13:54 +0100] 40.118.212.119 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383
[28/Jan/2023:15:44:02 +0100] 194.110.203.42 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /hosts.yml HTTP/1.1" 386
[28/Jan/2023:15:52:36 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /hosts.yml HTTP/1.1" 395
[28/Jan/2023:15:54:35 +0100] 194.110.203.41 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /hosts.yml HTTP/1.1" 403
[28/Jan/2023:16:12:01 +0100] 87.236.176.240 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[28/Jan/2023:17:51:20 +0100] 194.110.203.45 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /hosts.yaml HTTP/1.1" 396
[28/Jan/2023:19:04:48 +0100] 205.210.31.12 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 393
[28/Jan/2023:19:18:16 +0100] 43.129.201.102 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /dns-query HTTP/1.1" 392
[28/Jan/2023:19:18:18 +0100] 43.129.201.102 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /dns-query?dns=DUIBAAABAAAAAAAABWJhaWR1A2NvbQAAAQAB HTTP/1.1" 433
[28/Jan/2023:19:18:19 +0100] 43.129.201.102 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST / HTTP/1.1" 383
[28/Jan/2023:19:18:20 +0100] 43.129.201.102 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /?dns=DUIBAAABAAAAAAAABWJhaWR1A2NvbQAAAQAB HTTP/1.1" 424
[28/Jan/2023:19:18:21 +0100] 43.129.201.102 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /resolve HTTP/1.1" 390
[28/Jan/2023:19:18:23 +0100] 43.129.201.102 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /resolve?dns=DUIBAAABAAAAAAAABWJhaWR1A2NvbQAAAQAB HTTP/1.1" 431
[28/Jan/2023:19:18:24 +0100] 43.129.201.102 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /doh HTTP/1.1" 386
[28/Jan/2023:19:18:26 +0100] 43.129.201.102 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /doh?dns=DUIBAAABAAAAAAAABWJhaWR1A2NvbQAAAQAB HTTP/1.1" 427
[28/Jan/2023:19:18:27 +0100] 43.129.201.102 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /doh/family-filter HTTP/1.1" 400
[28/Jan/2023:19:18:28 +0100] 43.129.201.102 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /doh/family-filter?dns=DUIBAAABAAAAAAAABWJhaWR1A2NvbQAAAQAB HTTP/1.1" 441
[28/Jan/2023:19:18:29 +0100] 43.129.201.102 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /doh/secure-filter HTTP/1.1" 400
[28/Jan/2023:19:18:30 +0100] 43.129.201.102 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /doh/secure-filter?dns=DUIBAAABAAAAAAAABWJhaWR1A2NvbQAAAQAB HTTP/1.1" 441
[28/Jan/2023:19:18:32 +0100] 43.129.201.102 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /query HTTP/1.1" 388
[28/Jan/2023:19:18:33 +0100] 43.129.201.102 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /query?dns=DUIBAAABAAAAAAAABWJhaWR1A2NvbQAAAQAB HTTP/1.1" 429
[28/Jan/2023:19:18:34 +0100] 43.129.201.102 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "POST /ads HTTP/1.1" 386
[28/Jan/2023:19:27:08 +0100] 192.241.193.104 TLSv1.2 AES256-SHA "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 335
[28/Jan/2023:19:35:51 +0100] 194.110.203.46 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web.yml HTTP/1.1" 393
[28/Jan/2023:19:47:06 +0100] 205.210.31.177 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 383
[28/Jan/2023:21:05:52 +0100] 194.110.203.47 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /web.yaml HTTP/1.1" 394
[28/Jan/2023:21:13:42 +0100] 192.241.222.31 TLSv1.2 AES256-SHA "GET /actuator/health HTTP/1.1" 310
[28/Jan/2023:21:25:37 +0100] 146.88.240.11 TLSv1.2 AES256-SHA "-" -
[28/Jan/2023:22:43:49 +0100] 35.91.102.182 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 307
[28/Jan/2023:23:11:33 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db.env HTTP/1.1" 383
[28/Jan/2023:23:21:23 +0100] 194.110.203.40 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET /db.env HTTP/1.1" 400
[28/Jan/2023:23:21:48 +0100] 163.172.148.199 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 385
[28/Jan/2023:23:28:46 +0100] 207.154.194.102 TLSv1.2 AES256-SHA "GET /ab2g HTTP/1.1" 304
[28/Jan/2023:23:28:47 +0100] 207.154.194.102 TLSv1.2 AES256-SHA "GET /ab2h HTTP/1.1" 304
[28/Jan/2023:23:28:48 +0100] 207.154.194.102 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 301
[29/Jan/2023:00:37:10 +0100] 34.76.96.55 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 "GET / HTTP/1.1" 301
[29/Jan/2023:00:49:12 +0100] 103.203.59.1 TLSv1.2 AES256-SHA "GET / HTTP/1.1" 383