Sorry, I did not find any explanation regarding raw access log entry format. Normally, I see all entries showing the ip the access is from. This seemed to change a couple of days ago, so I started seeing entries such as the IP with dashes rather than dots, combined with the host name, or things like "placeholder.sitelock.com" with no ip information, and some that are even more obscure. Sometimes I can get a dns ip from abuseipdb.com, sometimes I cannot. Is there are parameter somewhere that can be set so that every entry shows the ip? The change occurred with respect to my own access -- sometimes my ip is shown, sometimes with dashes and showing the company that provides my internet access.