smoke@DESKTOP-AQPLHUF:/mnt/c/Windows/System32$ openssl s_client -connect simple.example.com.:443
CONNECTED(00000003)
140558784415040:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:331:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 303 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
smoke@DESKTOP-AQPLHUF:/mnt/c/Windows/System32$ openssl s_client -connect [simple.example.com](http://simple.example.com):443 -tls1_2
CONNECTED(00000003)
140684665804096:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:331:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 208 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1693061954
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
server {
listen 80;
server_name simple.example.com/;
# location /.well-known/acme-challenge/ {
# root /var/www/certbot;
# }
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name simple.example.com;
ssl_certificate /etc/letsencrypt/live/simple.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/simple.example.com/privkey.pem;
error_log /var/log/nginx/error.log debug;
access_log /var/log/nginx/access.log;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
location / {
proxy_pass http://web:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /static/ {
alias /var/www/static/;
error_log /var/log/nginx/static_errors.log;
}
}
docker-compose.yml :
version: '3.10'
services:
web:
build: .
env_file:
- qrc/.env
volumes:
- static_data:/app/static
ports:
- "8000:8000"
nginx:
image: nginx:latest
ports:
- "80:80"
- "443:443"
volumes:
- ./nginx/nginx.conf:/etc/nginx/conf.d/default.conf
- static_data:/var/www/static
- ./data/certbot/www:/var/www/certbot
- ./data/certbot/conf:/etc/letsencrypt
depends_on:
- web
certbot:
image: certbot/certbot:v1.17.0
depends_on:
- nginx
volumes:
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
command: certbot renew --quiet --no-self-upgrade
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
volumes:
static_data:
nginx_config:
letsencrypt_data:
qrc-django-nginx-1 | - - [26/Aug/2023:15:14:18 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\x80\xA0-\x1B\xB9=\xEF\xCC\xDE\x18\xDF\x8E~2\xAC,\x5CO\xE3\xE7`\x9B\x99me\xFB\xF5:fg\xCDD C.\xAB\xBC\xDE?\x05\xF0\x84@u\xF3\xB8\xF2\xA0\xD3J\x1B\xD0\x8F<R\x9E\xE1J\xA8\xA9%S\x1A\x11s\x00 \x8A\x8A\x13\x01\x13\x02\x13\x03\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x13\xC0\x14\x00\x9C\x00\x9D\x00/\x005\x01\x00\x01\x93\xAA\xAA\x00\x00\x00\x12\x00\x00\x00\x0B\x00\x02\x01\x00\x00\x05\x00\x05\x01\x00\x00\x00\x00\xFF\x01\x00\x01\x00\x00" 400 157 "-" "-" "-"
qrc-django-nginx-1 | - - [26/Aug/2023:15:14:18 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x031G\x8D\x12\xCA\xB0\x0FV\x8Ej6X\xD4\x03q\xF6,\xEF\xF8\xA800\xA6D\xF7)\xF2\xE3\xAC\xCBDc R\xBA\x06\xC9\x9F>\xFE\x06\x86\xC2\x10\xA7\xE09\x06\x1E\xA0\x87m\x9D W-\x8D\xD1\x7F\xC7\x9E:?\xB7\xD0\x00 \xDA\xDA\x13\x01\x13\x02\x13\x03\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x13\xC0\x14\x00\x9C\x00\x9D\x00/\x005\x01\x00\x01\x93\xDA\xDA\x00\x00\x00" 400 157 "-" "-" "-"
qrc-django-nginx-1 | - - [26/Aug/2023:15:14:18 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\xCC\xF0\x1D|.\xF0\x0E_\xB8ht\x14\xAD\xBC\xDD\xCC%?-\xEAE\x9C\x03\xB7/\xD9\x81\x8By\x0BX\xED \x95mtaA\xEA\xD9Y\xEFnY\xDC\x09v\xF5 \x90\xE2\xE7c\xBD\xAF\xADt[\xCC\x9F\x05)S\xCD\x8E\x00 \xCA\xCA\x13\x01\x13\x02\x13\x03\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x13\xC0\x14\x00\x9C\x00\x9D\x00/\x005\x01\x00\x01\x93zz\x00\x00\x00\x00\x00\x10\x00\x0E\x00\x00\x0Bqrcp.lvi.kz\x00\x05\x00\x05\x01\x00\x00\x00\x00\x00+\x00\x07\x06\xCA\xCA\x03\x04\x03\x03\x00\x10\x00\x0E\x00\x0C\x02h2\x08http/1.1\x003\x00+\x00)JJ\x00\x01\x00\x00\x1D\x00 \xD0as\x0C,V\x95\xA4\x9AD\xE4*g\x0EC\xE0\x8F\x9C\x91\x5C\x8C\xA2\xCCE\xA6O\xE4\xE3'\x07\x14k\x00-\x00\x02\x01\x01\x00\x12\x00\x00\x00#\x00\x00\x00\x17\x00\x00\x00" 400 157 "-" "-" "-"
qrc-django-nginx-1 | - - [26/Aug/2023:15:14:18 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\x09\xA9\xD2:~&\xFA\x06\xEA\x98\xEB\xA4\x1Fj7\xF9\xC6T#(\x9Bi\x10\x99\xD5\x90q\x96e]\xA4\xD6 R\x8D\xD3\xBE\xCD\x80\xC2\x9CR\x87\x96\xBE\xB1\xBB\x0C\xC4\xD8D\xD6dZ\xD1\x9A\xB4\x87\xADE\xCE\x93\xFC\xF5\x08\x00 \x9A\x9A\x13\x01\x13\x02\x13\x03\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x13\xC0\x14\x00\x9C\x00\x9D\x00/\x005\x01\x00\x01\x93JJ\x00\x00\x00\x0B\x00\x02\x01\x00\x00+\x00\x07\x06\x8A\x8A\x03\x04\x03\x03\x00\x10\x00\x0E\x00\x0C\x02h2\x08http/1.1\x00" 400 157 "-" "-" "-"
9peppe
August 26, 2023, 3:25pm
2
This is a mess.
Please use this button in the post editing toolbar accordingly:
3 Likes
Sorry..
9peppe
August 26, 2023, 3:39pm
4
I know these are letters. I have some idea where they come from. I don't recognize the language.
remove /
SmokeDev:
ports:
- "8000:8000"
This isn't a problem but nginx doesn't need it.
I recognize this, I don't particularly like it. If it works, don't touch it.
have you tried removing the dot . before the colon : ?
This usually happens when you expect https but get http unencrypted.
4 Likes
Sorry..smoke@DESKTOP-AQPLHUF:/mnt/c/Windows/System32$ openssl s_client -connect simple.example.com:443
CONNECTED(00000003)
140251370038592:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:331:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 303 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
9peppe
August 26, 2023, 3:52pm
6
Ok, I did miss this.
Where does it come from?
Have a look here and replace those lines: https://ssl-config.mozilla.org/
4 Likes
rg305
August 26, 2023, 4:27pm
7
I'm leaning that way too.
2 Likes
rg305
August 26, 2023, 4:33pm
8
Those letters come to us from Matushka Rossiya .
3 Likes
9peppe
August 26, 2023, 4:40pm
9
Port mappings look fine. I'm suspecting not enough ciphers.
(It's a pretty widely used script. That I don't know)
3 Likes
rg305
August 26, 2023, 4:49pm
11
Does "nginx -t" complain about anything?nginx -T
Also, what show?:curl -Ii http://simple.example.com:80/curl -Ii http://simple.example.com:443/
3 Likes
root@SRV-I:/home/smokedev/python_project/qrc-django# docker exec -it qrc-django-nginx-1 nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# configuration file /etc/nginx/nginx.conf:
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
# configuration file /etc/nginx/mime.types:
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/avif avif;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
font/woff woff;
font/woff2 woff2;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/wasm wasm;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}
# configuration file /etc/nginx/conf.d/default.conf:
server {
listen 80;
server_name qrcp.lvi.kz www.qrcp.lvi.kz;
location ~ /.well-known/acme-challenge/ {
allow all; # Добавляем эту строку
root /var/www/certbot;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name qrcp.lvi.kz www.qrcp.lvi.kz;
ssl_certificate /etc/letsencrypt/live/qrcp.lvi.kz/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/qrcp.lvi.kz/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / {
proxy_pass http://web:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /static/ {
alias /var/www/static/;
error_log /var/log/nginx/static_errors.log;
}
location ~ /.well-known/acme-challenge/ {
allow all; # Добавляем эту строку
root /var/www/certbot;
}
}
# configuration file /etc/letsencrypt/options-ssl-nginx.conf:
# This file contains important security parameters. If you modify this file
# manually, Certbot will be unable to automatically provide future security
# updates. Instead, Certbot will print and log an error message with a path to
# the up-to-date file that you will need to refer to when manually updating
# this file. Contents are based on https://ssl-config.mozilla.org
ssl_session_cache shared:le_nginx_SSL:10m;
ssl_session_timeout 1440m;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;
ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
rg305
August 31, 2023, 12:38pm
14
I think the ~ is not doing what you expect:
curl -Ii www.qrcp.lvi.kz/.well-known/acem-challenge/Test_File-1234
HTTP/1.1 301 Moved Permanently
Server: nginx/1.25.2
Date: Thu, 31 Aug 2023 12:35:11 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://www.qrcp.lvi.kz/.well-known/acem-challenge/Test_File-1234
I'd try using:location /.well-known/acme-challenge {location ^~ /.well-known/acme-challenge/ {
4 Likes
There seems to be no problem with obtaining a certificate, but as soon as I try to go to Войти | Административный сайт Django , I get in response:
Attaching to qrc-django-certbot-1, qrc-django-nginx-1, qrc-django-web-1http://0.0.0.0:8000 (1)\x83\x9D\x006@\xF5\x90\x1F \xD1)yTf\xA0RMkx\xBA{q\x22\xF86j\xA4vB\x96&\xFE\xE9\x0F\xF5\xA2\xF9\xA4\xB0sF\x00&\xCC\xA9\xCC\xA8\xC0+\xC0/\xC0,\xC00\xC0\x09\xC0\x13\xC0" 400 157 "-" "-" "-" qrc-django-nginx-1 | 91.213.50.8 - - [31/Aug/2023:13:06:41 +0000] "GET /.git/config HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_2; rv:10.0.1) Gecko/20100101 Firefox/10.0.1" "-" qrc-django-nginx-1 | 178.89.93.228 - - [31/Aug/2023:13:07:53 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\xB4\x9Ad\xE4\xA4\xFB\x80PS\xD6\x82Q\x80\xEEl;\x8A\x12\x00\x97^\x95A\xF6\x83IE\x88\x0Ft&\x90 \xFF\x14\xF5n?>\xE3" 400 157 "-" "-" "-" qrc-django-nginx-1 | 178.89.93.228 - - [31/Aug/2023:13:07:53 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\xC8Y\xC1\x85Gi$" 400 157 "-" "-" "-" qrc-django-nginx-1 | 178.89.93.228 - - [31/Aug/2023:13:07:53 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\x1A5IS\xD2\x9E\xD5fc^+\xB3\x04\x9B\xE0\xDCu\x13\xF7\x96\x17\x1A\xBC2+\x9Fa<!\x1D9( C\x5C\xB9\xD8*\xB6\xD0\xECf\x9B\x9Duw\xDD\xA0,\x0B\xB8V\xF3#!\x14\x22'Y\xA7\xD6\xB7\xA5\xB7\xB6\x00 \x9A\x9A\x13\x01\x13\x02\x13\x03\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x13\xC0\x14\x00\x9C\x00\x9D\x00/\x005\x01\x00\x01\x93**\x00\x00\x00\x05\x00\x05\x01\x00\x00\x00\x00\x00+\x00\x07\x06\x1A\x1A\x03\x04\x03\x03\x00\x10\x00\x0E\x00\x0C\x02h2\x08http/1.1\x00\x17\x00\x00\x00\x0B\x00\x02\x01\x00Di\x00\x05\x00\x03\x02h2\xFF\x01\x00\x01\x00\x00\x00\x00\x10\x00\x0E\x00\x00\x0Bqrcp.lvi.kz\x003\x00+\x00)\xCA\xCA\x00\x01\x00\x00\x1D\x00 \x0E\xB5\xA7\xBD\xCE\x93\xEC\x91=\x13q\x9A\xBF\xE4\xFD\x8E\x05H|\x8F\x22\xD3\xFC\xF5+\x08\xC2H\x1A\xDE\x92v\x00\x1B\x00\x03\x02\x00\x02\x00" 400 157 "-" "-" "-" qrc-django-nginx-1 | 178.89.93.228 - - [31/Aug/2023:13:07:53 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03j&\xE3R\xAEm\xF3\xAA\x8A\x8B(RD\x995\x93}\xA4\x8D%\xD8\x16s\xD7O~!\xD8\x19\xCB\xDF G\xAE\xCDi9\xED\x16]j\x07O\x12l\x15T\x83/\xA9\x19&B\x1CG\xD5:Q)\xFB\xB1\xBCX>\x00 \xDA\xDA\x13\x01\x13\x02\x13\x03\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x13\xC0\x14\x00\x9C\x00\x9D\x00/\x005\x01\x00\x01\x93\x1A\x1A\x00\x00\x00\x10\x00\x0E\x00\x0C\x02h2\x08http/1.1\x00+\x00\x07\x06ZZ\x03\x04\x03\x03\x00-\x00\x02\x01\x01\x00" 400 157 "-" "-" "-"
rg305
August 31, 2023, 1:14pm
16
Whatever is at /admin may have been compromised.
2 Likes
I don’t quite understand, to be honest, I have something with django?
rg305
August 31, 2023, 1:33pm
18
I wouldn't know anything about your system more than you have shown - which looks very weird to me.
3 Likes
rg305
August 31, 2023, 1:35pm
19
It looks like port 443 is plain text:
curl -Ii https://qrcp.lvi.kz/admin
curl: (35) error:0A00010B:SSL routines::wrong version number
curl -Ii http://qrcp.lvi.kz:443/admin
HTTP/1.1 301 Moved Permanently
Server: nginx/1.25.2
Date: Thu, 31 Aug 2023 13:34:28 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://qrcp.lvi.kz/admin
2 Likes
On the local network everything works:
qrc-django-nginx-1 | 17.58.58.7 - - [31/Aug/2023:13:26:16 +0000] "\x16\x03\x03\x016\x01\x00\x012\x03\x03\xF4\xC9k\x17\xBE\xF6'\x00\xB9z\xF9\xD4\xDA\xCD\xCE\x89\xC0\xC7w8G\xEB\xD7\x8E\x89\xF2\xE4\x06\xBB\xF3$\x84\x00\x00\x5C\xC0,\xC0+\xCC\xA9\xC00\xCC\xA8\xC0/\x00\x9F\xCC\xAA\x00\xA3\x00\x9E\x00\xA2\xC0$\xC0(\xC0#\xC0'\x00k\x00j\x00g\x00@\xC0.\xC02\xC0-\xC01\xC0&\xC0*\xC0%\xC0)\xC0" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 17.58.58.20 - - [31/Aug/2023:13:26:17 +0000] "\x16\x03\x03\x016\x01\x00\x012\x03\x03\x01\x9Cl\x0Bze\xFDYy\x88\x7F\x17\xE0\x19\x11`.\xFE\xD4\x93\x16\xB9o\x11\x05\xC0/\x14E\xD6-\xCE\x00\x00\x5C\xC0,\xC0+\xCC\xA9\xC00\xCC\xA8\xC0/\x00\x9F\xCC\xAA\x00\xA3\x00\x9E\x00\xA2\xC0$\xC0(\xC0#\xC0'\x00k\x00j\x00g\x00@\xC0.\xC02\xC0-\xC01\xC0&\xC0*\xC0%\xC0)\xC0" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 71.6.134.233 - - [31/Aug/2023:13:28:22 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36" "-"
qrc-django-nginx-1 | 10.5.91.201 - - [31/Aug/2023:13:31:54 +0000] "GET /api/v1/work_time/date/2023-07-18/ HTTP/1.1" 200 6894 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" "-"
qrc-django-nginx-1 | 10.5.91.201 - - [31/Aug/2023:13:31:55 +0000] "GET /static/rest_framework/css/bootstrap.min.css HTTP/1.1" 200 121457 "https://srv-i/api/v1/work_time/date/2023-07-18/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" "-"
qrc-django-nginx-1 | 10.5.91.201 - - [31/Aug/2023:13:31:55 +0000] "GET /static/rest_framework/css/prettify.css HTTP/1.1" 200 817 "https://srv-i/api/v1/work_time/date/2023-07-18/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" "-"
qrc-django-nginx-1 | 10.5.91.201 - - [31/Aug/2023:13:31:56 +0000] "GET /static/rest_framework/css/bootstrap-tweaks.css HTTP/1.1" 200 3385 "https://srv-i/api/v1/work_time/date/2023-07-18/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" "-"
qrc-django-nginx-1 | 10.5.91.201 - - [31/Aug/2023:13:31:56 +0000] "GET /static/rest_framework/css/default.css HTTP/1.1" 200 1152 "https://srv-i/api/v1/work_time/date/2023-07-18/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" "-"
qrc-django-nginx-1 | 10.5.91.201 - - [31/Aug/2023:13:31:56 +0000] "GET /static/rest_framework/js/default.js HTTP/1.1" 200 1268 "https://srv-i/api/v1/work_time/date/2023-07-18/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" "-"
qrc-django-nginx-1 | 10.5.91.201 - - [31/Aug/2023:13:31:56 +0000] "GET /static/rest_framework/js/ajax-form.js HTTP/1.1" 200 3597 "https://srv-i/api/v1/work_time/date/2023-07-18/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" "-"
qrc-django-nginx-1 | 10.5.91.201 - - [31/Aug/2023:13:31:56 +0000] "GET /static/rest_framework/js/prettify-min.js HTTP/1.1" 200 13632 "https://srv-i/api/v1/work_time/date/2023-07-18/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" "-"
qrc-django-nginx-1 | 10.5.91.201 - - [31/Aug/2023:13:31:56 +0000] "GET /static/rest_framework/js/jquery-3.5.1.min.js HTTP/1.1" 200 89476 "https://srv-i/api/v1/work_time/date/2023-07-18/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" "-"
qrc-django-nginx-1 | 10.5.91.201 - - [31/Aug/2023:13:31:56 +0000] "GET /static/rest_framework/js/csrf.js HTTP/1.1" 200 1719 "https://srv-i/api/v1/work_time/date/2023-07-18/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" "-"
qrc-django-nginx-1 | 10.5.91.201 - - [31/Aug/2023:13:31:56 +0000] "GET /static/rest_framework/js/bootstrap.min.js HTTP/1.1" 200 39680 "https://srv-i/api/v1/work_time/date/2023-07-18/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" "-"
qrc-django-nginx-1 | 10.5.91.201 - - [31/Aug/2023:13:31:56 +0000] "GET /static/rest_framework/img/grid.png HTTP/1.1" 200 1458 "https://srv-i/static/rest_framework/css/bootstrap-tweaks.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" "-"
qrc-django-nginx-1 | 10.5.91.201 - - [31/Aug/2023:13:31:56 +0000] "GET /static/rest_framework/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1" 200 18028 "https://srv-i/static/rest_framework/css/bootstrap.min.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" "-"
qrc-django-nginx-1 | 10.5.91.201 - - [31/Aug/2023:13:32:08 +0000] "GET /admin/api/worktime/ HTTP/1.1" 200 17325 "https://srv-i/admin/api/entryemployee/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" "-"
qrc-django-nginx-1 | 10.5.91.201 - - [31/Aug/2023:13:32:09 +0000] "GET /static/admin/css/changelists.css HTTP/1.1" 200 6584 "https://srv-i/admin/api/worktime/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" "-"
qrc-django-nginx-1 | 10.5.91.201 - - [31/Aug/2023:13:32:09 +0000] "GET /admin/jsi18n/ HTTP/1.1" 200 16066 "https://srv-i/admin/api/worktime/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" "-"
qrc-django-nginx-1 | 107.178.239.213 - - [31/Aug/2023:13:33:51 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\xA4k'\x0FJ\xBD\x90\xA2\xD6Pb\xE8]4\x0F\xE5\x86t\x14\x9Dj\x9F\xA2\xEC2$\x84I\xCE2\xC6: \xA2uh\x85\xE97\x8Ay\xD1\xD1fv\xF4\x09y\xDC\x0C\xFE\xB6f\xB9s\x91\x86\xD0\x0C\x1B\xE9\x0C\xAB^\x87\x00V\x13\x02\x13\x03\x13\x01\xC0,\xC00\xC0+\xC0/\xCC\xA9\xCC\xA8\x00\x9F\x00\x9E\xCC\xAA\xC0\xAF\xC0\xAD\xC0\xAE\xC0\xAC\xC0$\xC0(\xC0#\xC0'\xC0" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 18.217.35.150 - - [31/Aug/2023:13:33:52 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\x11~\x84D\xF4\x8D\xFA>\xC4\xB7pL1\xDD\xB5\xF6lHT\xA4\x06Bs\xD8" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 35.89.218.234 - - [31/Aug/2023:13:33:52 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\xE6\xF1t\xFD\x8C\x0E\x1E\x9B\xE9\xED\x0E\xEA\xBD]\x83X\xB0`\x12\xF5\xEA\x92\xE4+}\x16u\x9E\xA8Ox\xB8 \x859Zv\x93Ty\x05\xC0:\xD3\xB2[m\xF3\x9F3\x9E\xF0B\xF3+\xED\x9D\xF5\xDD4\xE7\x99\xCB\x16\xAB\x00>\x13\x02\x13\x03\x13\x01\xC0,\xC00\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0+\xC0/\x00\x9E\xC0$\xC0(\x00k\xC0#\xC0'\x00g\xC0" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 54.188.178.177 - - [31/Aug/2023:13:33:52 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\xF1%vs\xBD\xB5\x0FMe1\x94H!\xC0^i\xED\xEE\xF85\x82\x87\x94\x99l9\xDF%o\x934\x83 \x96K\xB8\xD9\x94\xCB{\xB8\xCFd\xD7Q\xA2\xD8K\x09r\xF4\xBB<\xE1\x17f\xC9t\xAC\xC6F\xF6v\x0E\xDC\x00>\x13\x02\x13\x03\x13\x01\xC0,\xC00\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0+\xC0/\x00\x9E\xC0$\xC0(\x00k\xC0#\xC0'\x00g\xC0" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 179.43.182.232 - - [31/Aug/2023:13:33:52 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03O\xC6gU\x8D@\x08\xFEG\xB5\xE5+\xD1\x01e\x19P\xEF\xDD\x0C_C\x22`\x90\xA5\x82\xE9\x8FE\x96\xBA \x14x\x09\x8E\xA87a\x1DH\x19v\xBB\xE3?\x0F\x95\xCA\x14\x00]" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 75.51.0.154 - - [31/Aug/2023:13:34:10 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03^1\xD3\xDD\xD89\xB4\xB6W\x1B\x05/6C \x80\xD2\x9E\x0B\x121i\x9BJ\xFB\xC0\x13\xC32\x15\x10\x9B h\xF3\x9C\x92\x02\xF5.\xE0\x82\xB8h\x1F\x9E\xEE\xC3\x0F\xF3w\x18?\xB3\xB4_6\xBC\x8A8B*\x04w7\x00>\x13\x02\x13\x03\x13\x01\xC0,\xC00\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0+\xC0/\x00\x9E\xC0$\xC0(\x00k\xC0#\xC0'\x00g\xC0" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 75.51.0.154 - - [31/Aug/2023:13:34:28 +0000] "HEAD /admin HTTP/1.1" 301 0 "-" "curl/7.81.0" "-"
qrc-django-nginx-1 | 107.178.200.231 - - [31/Aug/2023:13:34:34 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\xB1n\xDD\xC2\xD1\x87\xA9\xA7\x84\xDC!\xCE;w\xFB\x83D\x83\x124\xD5\xB9%\xBC\xAD\xAB\x8E\x01\xE3\xA3\x80. *Y\xDE5\xF5\xCE\xC1\x1A\xDC\x90*\x14\xE6\xC8" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 107.178.200.231 - - [31/Aug/2023:13:34:35 +0000] "\x16\x03\x03\x01\xA4\x01\x00\x01\xA0\x03\x03\x04+\xC5\xA5\xE2\x1C\x98{\x02\x1B=y\xD6\x06^A\xBEH\xB3n\xC6js\xA2\xEC\x1A\x22B\x22\xA8c( \x13\x83Kwj\xA1-K\x14\xC0\x18\x8C\x83\x02K\xC3\x84\xB6RC\xFCK\xDB\xF4*q\xDF\x8B\xC2z\xCF#\x00\x8A\x00\x16\x003\x00g\xC0\x9E\xC0\xA2\x00\x9E\x009\x00k\xC0\x9F\xC0\xA3\x00\x9F\x00E\x00\xBE\x00\x88\x00\xC4\x00\x9A\xC0\x08\xC0\x09\xC0#\xC0\xAC\xC0\xAE\xC0+\xC0" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 107.178.200.231 - - [31/Aug/2023:13:34:35 +0000] "\x16\x03\x03\x01\xA4\x01\x00\x01\xA0\x03\x03\xBE\xF5\x9C\xB09\xF4{\xF9G\x97\x7FH\xBA\x98%3\xBD\xFCL\xF2\xA5~\xFDd\x84\xFA\xABG\xC4\x97>3 \xD0\x7FS\x8A\xC3\xEF\x03\x17\xE1%fo\x96N\xA3\xFE\xEF\x0B\xE7\xFC1A\xDE\x16\x01\x08\xCD\x90\xEDN\x10\x8E\x00\x8A\x00\x05\x00\x04\x00\x07\x00\xC0\x00\x84\x00\xBA\x00A\x00\x9D\xC0\xA1\xC0\x9D\x00=\x005\x00\x9C\xC0\xA0\xC0\x9C\x00<\x00/\x00" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 107.178.200.231 - - [31/Aug/2023:13:34:35 +0000] "\x16\x03\x03\x01U\x01\x00\x01Q\x03\x03\xB3J\x88\xAD\xE5\xEE\x8B]\xA5\x1F\xCE\x82\xCC'/\xAA\xAB0\xB2ng\xFE\xBF\x9C\xB3\xCCph\x85z\xB8\x9E \xD8G\xB0k\xB4\xA1\xD6\x99W9\x0E\x07ih\x00\xE7E\x94\xCC\x1B\xE8#\x99^\xA6Sx\xDC\xC2\xE1~a\x00F\xC0\x12\xC0\x07\xCC\x14\x13\x01\x13\x02\xCC\xA9\xC0s\xC0r\xC0,\xC0\xAF\xC0\xAD\xC0$\xC0" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 107.178.200.231 - - [31/Aug/2023:13:34:36 +0000] "\x16\x03\x03\x01G\x01\x00\x01C\x03\x03\xBF<\xEA\x02\xDC#\x0Fn{)" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 107.178.200.231 - - [31/Aug/2023:13:34:36 +0000] "\x16\x03\x03\x01\x98\x01\x00\x01\x94\x03\x03`\x0C\xA6\xF4\x01t\xDC\xD1\xBC\x11\xC7\xCA\xE3\xCC\xF1\xB6\xC7\xBD~\xAE\x0B}\x9D\xE8\x93\xF9gJ\xCB\xE7\xFC@ \xF9g\x0EJK\xBC\xFEZ_z,\x82~\xC6\x80\x84{\x0C\xDB\x87\xE1\xB7\x18\xFD\x19?e7\x90f!\xCE\x00\x8C" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 107.178.200.231 - - [31/Aug/2023:13:34:36 +0000] "\x16\x03\x02\x01\x99\x01\x00\x01\x95\x03\x02\x9D\xE8\xC7\xB1.\xE3\xE4\xE1y\x07\xA2\x95$\x85\x03\x8BO\xA9h\x92\x9A\x9Aj\x80j\x8D\x81\x96\xE5\x93\xAF\x1B \xCC\x841 \x1A" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 107.178.200.231 - - [31/Aug/2023:13:34:37 +0000] "\x16\x03\x01\x01\xA6\x01\x00\x01\xA2\x03\x03\xD6\x98x\xD3\xBE5m\x9D\x85o\xCF\xAF\xF9i\x90\xE5\xE3\xCAx\xDB+\xC2\xAF\x1E@F6\x9E\xDA\x9B\xD3\x15 \x99\xDB#\x22\xA1\xAC\xE3\x1A\xD7\x05\x16B6\xD9\xFE\xD0\xAD\xD2\xA8b\x95\xEE*\xF4\xA2\xAD\xA6\x97@+*\x90\x00\x8A\x00\x16\x003\x00g\xC0\x9E\xC0\xA2\x00\x9E\x009\x00k\xC0\x9F\xC0\xA3\x00\x9F\x00E\x00\xBE\x00\x88\x00\xC4\x00\x9A\xC0\x08\xC0\x09\xC0#\xC0\xAC\xC0\xAE\xC0+\xC0" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 107.178.200.231 - - [31/Aug/2023:13:34:37 +0000] "\x16\x03\x01\x01\xA6\x01\x00\x01\xA2\x03\x03\xFF\xB1\xBF\xAF\xD5X~\xE8\x8C_\xEF5\x12\xE1\xE4\xB2]V~\xD1\xB5Pj\xB8\xA2\xAC\xF6#N\x7F\xEEX yi\xAAd\x0F\x09\x18\x14\xBF\xC4\x12Q%\xA4Y\xDB\x91\x96\x8C3\xE7\x16}!(\x88b\x1A\xB8%\x97\xF0\x00\x8A\x00\x05\x00\x04\x00\x07\x00\xC0\x00\x84\x00\xBA\x00A\x00\x9D\xC0\xA1\xC0\x9D\x00=\x005\x00\x9C\xC0\xA0\xC0\x9C\x00<\x00/\x00" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 107.178.200.231 - - [31/Aug/2023:13:34:38 +0000] "\x16\x03\x01\x01\x9C\x01\x00\x01\x98\x03\x03\x81\x16\x914\x07\xEA\x1A9\xD0\xCB\xFA\xD7\x0F~\xCE\x7F\x062\xEC\xC0\xF3\x0F7%G\x1E\xBC]v<\x8D\xAF \xD7Y\xD5\xA2\xAD\x0B\x934\xE6nZ\x90\xE6xzUP\xBA\xC5\xF9\x7F\xE3(\x1B\xA9\x99\x9D\x986_\xF7\xEC\x00\x80\x00\x16\x003\x00g\xC0\x9E\xC0\xA2\x00\x9E\x009\x00k\xC0\x9F\xC0\xA3\x00\x9F\x00E\x00\xBE\x00\x88\x00\xC4\x00\x9A\xC0\x08\xC0\x09\xC0#\xC0\xAC\xC0\xAE\xC0+\xC0" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 107.178.200.231 - - [31/Aug/2023:13:34:38 +0000] "\x16\x03\x01\x01\xB3\x01\x00\x01\xAF\x03\x03\x10\xB0\xAB\xA4\x83\x93eWf\xD5\x1A\xB4\x02\xD4\xDE>:?B\xAA\xF5\x22\xBA\x8B\xC3\x1A\xDD\xB2\xFCT\xCDv \xCBm\xAC\x87" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 75.51.0.154 - - [31/Aug/2023:13:35:32 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03aJ\xF8\x5CTQ\xEA\xDE\x0C|\xFB\x03\xC0@\x08\xD6\xA4z\xEC\x0CX\xECK\xE5\x02\x11:\x85\x83\xD5\x17' \xCF\x00\x8A\xB5\x8F\xF4\x90A_\xB3\xEA*G\xB6\xB9#\xC1\xE9\x99gv\x02\xF5\xE4:\xE1s\xBCh\x1C(\xB7\x00>\x13\x02\x13\x03\x13\x01\xC0,\xC00\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0+\xC0/\x00\x9E\xC0$\xC0(\x00k\xC0#\xC0'\x00g\xC0" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 75.51.0.154 - - [31/Aug/2023:13:35:41 +0000] "GET /admin HTTP/1.1" 301 169 "-" "curl/7.81.0" "-"
qrc-django-nginx-1 | 17.58.58.22 - - [31/Aug/2023:13:35:58 +0000] "\x16\x03\x03\x016\x01\x00\x012\x03\x03\x05\xE6\xC9\xC8R\xF2\x8D3\xCB\xB9\x123\x17\x97\xE5\x8C\x93\xEE" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 17.58.58.24 - - [31/Aug/2023:13:36:13 +0000] "\x16\x03\x03\x016\x01\x00\x012\x03\x03\xC9\x01?\x85'\xCCZ\x8CT|\x8C\x99\x14\x07\xF9\x0F\x10\x0B\xD0\x95\xF9\x88\x1D6\x97\xF5\x8BB\xA2\xFA4B\x00\x00\x5C\xC0,\xC0+\xCC\xA9\xC00\xCC\xA8\xC0/\x00\x9F\xCC\xAA\x00\xA3\x00\x9E\x00\xA2\xC0$\xC0(\xC0#\xC0'\x00k\x00j\x00g\x00@\xC0.\xC02\xC0-\xC01\xC0&\xC0*\xC0%\xC0)\xC0" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 17.58.58.22 - - [31/Aug/2023:13:36:30 +0000] "\x16\x03\x03\x016\x01\x00\x012\x03\x03\xA5\xF6\xDCmd\xFC\xDAhJ\xE2(\xB4\xD3\xD4X\x95\x96" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 3.235.183.20 - - [31/Aug/2023:13:36:37 +0000] "GET /admin HTTP/1.1" 301 169 "-" "Slackbot-LinkExpanding 1.0 (+https://api.slack.com/robots)" "-"
qrc-django-nginx-1 | 44.204.204.189 - - [31/Aug/2023:13:36:38 +0000] "\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03\xEB\x92@|\xAF\x87\xAF\x8Co\xA7\xA0B\x1C\xE4\x09\xC7\xF9X}\xFE\x1B\xAA\x96''^B\xB8\xE6-\x1Ce 6{\x97\x00\xA9\xB7$r" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 3.236.51.12 - - [31/Aug/2023:13:36:38 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\x14-v\x9B\xCB\xE7\xB17\x8B\xB3\xF70f\xC7\xA8\x8DF?|\xE6~|\x91\xFD\xE8E\x86e\xD0\xB3\x95\xAB =@D\xF9B<\x1E/\x09\xAE\x95\x87\x7Fqo\x91\x83],\xCE\x84" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 3.239.98.57 - - [31/Aug/2023:13:36:38 +0000] "GET /admin HTTP/1.1" 301 169 "-" "Slackbot-LinkExpanding 1.0 (+https://api.slack.com/robots)" "-"
qrc-django-nginx-1 | 3.85.224.145 - - [31/Aug/2023:13:36:39 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03`\xB5\xAC\x9A\xE2\xF6^%\xF0\x98\xED\x88\xBD\x86\x11B\x1A\xE4\x98\xDF\xE4J\x96\xF3\x09\x8FOA\xED\x97\xA9\x1D ?&\x1D\xFD\xB2\x95\x05\x1E\x94K\x8F\xF0" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 5.190.146.13 - - [31/Aug/2023:13:37:27 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7" "-"
qrc-django-nginx-1 | 17.58.58.7 - - [31/Aug/2023:13:38:10 +0000] "\x16\x03\x03\x016\x01\x00\x012\x03\x03j\xA6\xFA\x13pO \xD1\xC1)\xAD\x07\x90\x90\xAE\xD05\xE3Hr8\xED\xA5\xA9\x87S\x15\x22x\xEC8\x89\x00\x00\x5C\xC0,\xC0+\xCC\xA9\xC00\xCC\xA8\xC0/\x00\x9F\xCC\xAA\x00\xA3\x00\x9E\x00\xA2\xC0$\xC0(\xC0#\xC0'\x00k\x00j\x00g\x00@\xC0.\xC02\xC0-\xC01\xC0&\xC0*\xC0%\xC0)\xC0" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 178.89.93.228 - - [31/Aug/2023:13:38:54 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03(f\xB8)}\xCBcI1T\x99\xB6d|\xF4e\xFF\x18\xAC\xF4\xB7\xB6\xDCNWC\x02M3x\xFD\xBF w38p\xA7\xBD\xE3\xEAt\xE9\x18\xD3\x09H\xACL)D\xE8\xA1L\xF4\xBF\x1A\xF2\xCBY\xA0\xD9vI" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 178.89.93.228 - - [31/Aug/2023:13:38:54 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\xFF}'\xA1\x18\xE1ods1\xA0}j\xF6\x87\xB8\x13^*!W\xACq\x08\x12<>\x964\x87bf V\x98\xA3s\x0FyO\xC0\xDEsTy\xC2\xED\xDF\xB9M\x16\xFC\xC1\xBE\xC3" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 178.89.93.228 - - [31/Aug/2023:13:38:54 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\xFC\xCDu@\xBFSbG\xEEg\x05\x87xG3\x05v\xDB\xDCjBM\x09\xAA\x1BzSf~\xAA(\x91 \xBB\xCB\xAD-\x11S\xA0\xA0\xCC:\x89\xA6\xE6p\x9D\xEB\x01\xD0\x92\xF7\x1C[\xA8\xD6\xE5\xBE\x8AV\xD1\x1B\x1Cn\x00 \xEA\xEA\x13\x01\x13\x02\x13\x03\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x13\xC0\x14\x00\x9C\x00\x9D\x00/\x005\x01\x00\x01\x93\xEA\xEA\x00\x00\x00\x10\x00\x0E\x00\x0C\x02h2\x08http/1.1\x00+\x00\x07\x06\xEA\xEA\x03\x04\x03\x03\x00\x17\x00\x00\x00#\x00\x00\x00" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 178.89.93.228 - - [31/Aug/2023:13:38:54 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03r\xC1" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 178.89.93.228 - - [31/Aug/2023:13:38:54 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\x89\x9B|\x8Ej\x91t\x9DG\x18\x8E\xA6\xCBj\xE9&\xA6SH\xD3\x90\xFE\xCD\xF5\x07\x12\xD7\x80" 400 157 "-" "-" "-"
qrc-django-nginx-1 | 178.89.93.228 - - [31/Aug/2023:13:38:54 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\xB0\xF8\x16b\xC85\xBF\xFCi\xC5jD\x11Y2\x9B\x0B\xA3\x14\x0E\x93\x85\x0B\xA4\xE5\xDF\xD2eTH\xE5\xCE q\x1E\xBC\x8B\x9AO\xD8\xC0\xEB\x80\xAD\x9F\xC0\xAC\x16-\xBEr\x09U-\x22\xFE\xFE\xBB\xB8\x07\x91\x88a\x1D\x9F\x00 \x1A\x1A\x13\x01\x13\x02\x13\x03\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x13\xC0\x14\x00\x9C\x00\x9D\x00/\x005\x01\x00\x01\x93\xBA\xBA\x00\x00\x00\x10\x00\x0E\x00\x0C\x02h2\x08http/1.1\x00\x0B\x00\x02\x01\x00\x003\x00+\x00)\x1A\x1A\x00\x01\x00\x00\x1D\x00 x^\xF0\xB0\xC5\xB3h!\x8C\xFCY\x90\xDE\x87\x90U=\xD7x\xA5\xB7\x1D\x99\x1Ef\x8C\xCA4\xE0:h\x14Di\x00\x05\x00\x03\x02h2\xFF\x01\x00\x01\x00\x00-\x00\x02\x01\x01\x00" 400 157 "-" "-" "-"
rg305
August 31, 2023, 1:46pm
21
SmokeDev:
qrc-django-nginx-1 | 17.58.58.7 - - [31/Aug/2023:13:26:16 +0000] "\x16\x03\x03\x016\x01\x00\x012\x03\x03\xF4\xC9k\x17\xBE\xF6'\x00\xB9z\xF9\xD4\xDA\xCD\xCE\x89\xC0\xC7w8G\xEB\xD7\x8E\x89\xF2\xE4\x06\xBB\xF3$\x84\x00\x00\x5C\xC0,\xC0+\xCC\xA9\xC00\xCC\xA8\xC0/\x00\x9F\xCC\xAA\x00\xA3\x00\x9E\x00\xA2\xC0$\xC0(\xC0#\xC0'\x00k\x00j\x00g\x00@\xC0.\xC02\xC0-\xC01\xC0&\xC0*\xC0%\xC0)\xC0" 400 157 "-" "-" "-"
That is not "working".
3 Likes
