Linux server218.web-hosting.com 4.18.0-513.18.1.lve.el8.x86_64 #1 SMP Thu Feb 22 12:55:50 UTC 2024 x86_64
LiteSpeed
Server IP : 198.54.116.163 & Your IP : 216.73.216.49
Domains :
Cant Read [ /etc/named.conf ]
User : juloluaq
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
usr /
local /
apache /
domlogs /
juloluaq /
Delete
Unzip
Name
Size
Permission
Date
Action
aishanews.zimelnews.com
0
B
-rw-r-----
2025-11-17 12:08
aishanews.zimelnews.com-ssl_log
0
B
-rw-r-----
2025-11-16 12:06
whatcricketcom.zimelnews.com
165.64
KB
-rw-r-----
2025-11-25 08:23
whatcricketcom.zimelnews.com-ssl_log
359.38
KB
-rw-r-----
2025-11-25 08:23
zimelnews.com
141.86
KB
-rw-r-----
2025-11-25 08:23
zimelnews.com-ssl_log
10.89
MB
-rw-r-----
2025-11-25 08:38
Save
Rename
23.234.84.67 - - [24/Nov/2025:07:40:20 -0500] "GET /?s=/index/%5Cthink%5CContainer/invokefunction&function=call_user_func_array&vars%5B0%5D=md5&vars%5B1%5D%5B%5D=HelloThinkPHP HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.1229.135 Safari/537.36" 23.234.84.67 - - [24/Nov/2025:07:40:19 -0500] "GET /?s=../%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=md5&vars%5B1%5D%5B%5D=HelloThinkPHP HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.1754.62 Safari/537.36" 23.234.84.67 - - [24/Nov/2025:07:40:19 -0500] "GET /?s=../%5Cthink%5CContainer/invokefunction&function=call_user_func_array&vars%5B0%5D=md5&vars%5B1%5D%5B%5D=HelloThinkPHP HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2817.96 Safari/537.36" 23.234.84.67 - - [24/Nov/2025:07:40:19 -0500] "GET /?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=md5&vars%5B1%5D%5B%5D=HelloThinkPHP HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.84.63 Safari/537.36" 23.234.84.67 - - [24/Nov/2025:07:40:20 -0500] "GET /?s=/Home/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=md5&vars%5B1%5D%5B%5D=HelloThinkPHP HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.3137.114 Safari/537.36" 43.157.188.74 - - [24/Nov/2025:08:47:00 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1" 66.249.66.7 - - [24/Nov/2025:09:08:25 -0500] "GET /robots.txt HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 51.159.4.207 - - [24/Nov/2025:09:12:07 -0500] "GET /xmlrpc.php HTTP/1.1" 301 795 "http://zimelnews.com/xmlrpc.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0" 51.159.4.207 - - [24/Nov/2025:09:12:07 -0500] "GET /xmlrpc.php HTTP/1.1" 301 795 "https://zimelnews.com/xmlrpc.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0" 66.249.66.7 - - [24/Nov/2025:09:10:51 -0500] "GET /ads.txt HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 51.159.4.207 - - [24/Nov/2025:09:12:07 -0500] "GET /xmlrpc.php HTTP/1.1" 301 795 "https://zimelnews.com/xmlrpc.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0" 51.159.4.207 - - [24/Nov/2025:09:12:07 -0500] "GET /xmlrpc.php HTTP/1.1" 301 795 "https://zimelnews.com/xmlrpc.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0" 3.208.154.201 - - [24/Nov/2025:09:46:32 -0500] "GET /ads.txt HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 3.208.154.201 - - [24/Nov/2025:09:46:33 -0500] "GET /ads.txt HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 107.22.126.48 - - [24/Nov/2025:10:04:29 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.51" 3.15.202.119 - - [24/Nov/2025:10:04:29 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.51" 34.98.143.163 - - [24/Nov/2025:10:04:40 -0500] "HEAD /_autoindex/assets/js/tablesort.number.js HTTP/1.1" 301 0 "http://zimelnews.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 AppEngine-Google; (+http://code.google.com/appengine; appid: s~virustotalcloud)" 162.62.213.187 - - [24/Nov/2025:09:53:55 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1" 34.98.143.161 - - [24/Nov/2025:10:04:29 -0500] "HEAD / HTTP/1.1" 301 0 "http://zimelnews.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 AppEngine-Google; (+http://code.google.com/appengine; appid: s~virustotalcloud)" 18.188.59.190 - - [24/Nov/2025:10:04:30 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.51" 34.98.143.163 - - [24/Nov/2025:10:04:39 -0500] "HEAD / HTTP/1.1" 301 0 "http://zimelnews.com" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.5 Safari/605.1.15 AppEngine-Google; (+http://code.google.com/appengine; appid: s~virustotalcloud)" 34.98.143.163 - - [24/Nov/2025:10:04:40 -0500] "HEAD /_autoindex/assets/js/tablesort.js HTTP/1.1" 301 0 "http://zimelnews.com" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 AppEngine-Google; (+http://code.google.com/appengine; appid: s~virustotalcloud)" 176.100.243.133 - - [24/Nov/2025:10:19:12 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36" 115.96.179.69 - - [24/Nov/2025:10:38:55 -0500] "GET /wp-json/wp/v2/posts HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 154.5.48.102 - - [24/Nov/2025:10:51:51 -0500] "GET /wp-json/wp/v2/posts HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 52.191.198.92 - - [24/Nov/2025:11:07:02 -0500] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 52.191.198.92 - - [24/Nov/2025:11:07:02 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 52.191.198.92 - - [24/Nov/2025:11:07:02 -0500] "GET /skclbrxj.php?Fox=d3wL7 HTTP/1.1" 301 795 "www.google.com" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 52.191.198.92 - - [24/Nov/2025:11:07:02 -0500] "POST /alfacgiapi/perl.alfa HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 191.96.103.32 - - [24/Nov/2025:11:10:11 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.89 Safari/537.36" 193.36.118.250 - - [24/Nov/2025:11:13:07 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5.1 Safari/605.1.15" 185.137.164.3 - - [24/Nov/2025:11:14:54 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1" 23.234.84.67 - - [24/Nov/2025:11:15:12 -0500] "POST /?s=captcha&test=-1 HTTP/1.1" 301 795 "-" "Mozilla/5.0" 34.123.170.104 - - [24/Nov/2025:11:04:52 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 52.191.198.92 - - [24/Nov/2025:11:07:02 -0500] "POST /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 205.169.39.54 - - [24/Nov/2025:11:07:03 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36" 174.138.112.39 - - [24/Nov/2025:11:09:03 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Mobile Safari/537.36" 79.142.76.211 - - [24/Nov/2025:11:13:08 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (iPhone SE (2nd generation); CPU iPhone OS 18_0_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.66 Mobile/18G1393 Safari/604.1.38" 185.137.164.3 - - [24/Nov/2025:11:13:08 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Mobile/15E148 Safari/604.1" 74.179.70.65 - - [24/Nov/2025:11:13:20 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 23.234.84.67 - - [24/Nov/2025:11:15:11 -0500] "POST /?s=captcha&test=-1 HTTP/1.1" 301 795 "-" "Mozilla/5.0" 58.251.94.154 - - [24/Nov/2025:11:16:18 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/68.0.3440.106 Chrome/68.0.3440.106 Safari/537.36" 185.137.164.3 - - [24/Nov/2025:11:17:32 -0500] "GET /favicon.ico HTTP/1.1" 301 795 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Mobile/15E148 Safari/604.1" 193.36.118.250 - - [24/Nov/2025:11:21:07 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:08 -0500] "GET /9anTD9qOsCyZYOAud HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:08 -0500] "GET /NTLxJqkka9A0AoM5uog HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:09 -0500] "GET /error_log HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:09 -0500] "GET /home HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:09 -0500] "GET /shsspnwyl HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:10 -0500] "GET /CE507Rm1zhJkht7He.0.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:10 -0500] "GET /QcMvkOlfYLp4wmU89s.0.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:10 -0500] "GET /jSVCAZbk2Mp_T5djqfA.0.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:11 -0500] "GET /alexusMailer_v2.0.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:12 -0500] "GET /Z_wtM9ionA7UakNkqwF.8.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:13 -0500] "GET /7rhGhB9vLKqZFdLf9t.LuFix-983426.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:13 -0500] "GET /2kXEjIyxL1WlOiRe_wS.LuFix-983426.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:14 -0500] "GET /QPbh6YxdgPfmVwHEt.PHP HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:15 -0500] "GET /LS4h2_KugtMUF8vWPW.PHP HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:15 -0500] "GET /ECsRi96QFSvA8bDXngz.PHP HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:16 -0500] "GET /g6iXNaYGDn2XqSYFu2J.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:17 -0500] "GET /alfa-rex.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:17 -0500] "GET /gawean.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:17 -0500] "GET /ioxi22.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:18 -0500] "GET /8KJU6kO8H9ffwxDTL.Php7.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:08 -0500] "GET /oYgiq8vr2V9YLnCoBI HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:11 -0500] "GET /uCUWxhmC_DZHQqBor.8.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:11 -0500] "GET /NzW7YcmDV2bGNUFbA3.8.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:12 -0500] "GET /leafmailer2.8.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:13 -0500] "GET /ucw6U__nY997QLOj_.LuFix-983426.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:14 -0500] "GET /.LuFix-983426.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:15 -0500] "GET /alfa-rex.PHP HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:16 -0500] "GET /e5wCwASdGMu8WR23L.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:16 -0500] "GET /gi5032M1_ShUMPQ7dc.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:18 -0500] "GET /randkeyword.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:20 -0500] "GET /wp-mail.Php7.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:20 -0500] "GET /sfL16JjKttDTuDJnL.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:22 -0500] "GET /BPW12Lz8AKWTrOQR6r2.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:22 -0500] "GET /EQw15x_XUZNLUlQ6F.ashx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:23 -0500] "GET /SWmNuaIB0x0DhMnlyAw.ashx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:24 -0500] "GET /eGO4vMe4N1cbofwL8.aspx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:25 -0500] "GET /spinstall0.aspx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:25 -0500] "GET /msok.aspx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:26 -0500] "GET /Caterpillar.aspx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:26 -0500] "GET /iisstart.aspx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:27 -0500] "GET /tyeau0Mu8dIN7nX_8E.class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:27 -0500] "GET /3_CMxth8q7eOjPL_TPS.class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:19 -0500] "GET /KZg9FsSgWxcFiWKvkz.Php7.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:19 -0500] "GET /9YKTwQlfVxePY7nfKMF.Php7.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:21 -0500] "GET /XXEPcXUNaWQOWq1pZw.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:22 -0500] "GET /class.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:23 -0500] "GET /N9yxuSCNIU2CSNp6i9.ashx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:23 -0500] "GET /tunnel.ashx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:24 -0500] "GET /K72KY5QNkq84DIQTug.aspx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:25 -0500] "GET /oAIaoPVnwZMdPozkxoD.aspx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:26 -0500] "GET /tunnel.aspx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:27 -0500] "GET /YGpHDXGj_YQLLEAkA.class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:29 -0500] "GET /n5KQ6AeUpBSPCv_DS.htaccess HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:30 -0500] "GET /N7e7CwBGAS2ihjWH50.htaccess HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:31 -0500] "GET /tRtp3thtIXpEu7LFW.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:31 -0500] "GET /DtK_GipPLP15ZEfiqE.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:32 -0500] "GET /index.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:32 -0500] "GET /footer.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:33 -0500] "GET /home.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:34 -0500] "GET /6ePi3xryKiLeKFfwOMN.html.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:36 -0500] "GET /iYNghOsTS6Cl9M9oUbO.ini.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:37 -0500] "GET /uhyLF_c8Tpblh8mN22.js HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:37 -0500] "GET /EIE8d7RqdipigGCO34A.js HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:38 -0500] "GET /J9Ik7IZiPQt5csIk5VU.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:28 -0500] "GET /news_parser.class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:28 -0500] "GET /Fpc6j1aWaFDlu8LRR.f35.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:28 -0500] "GET /BhZKFLhNC0yhmpMkn9.f35.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:29 -0500] "GET /MflmsIijvTa53P09Zpe.f35.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:29 -0500] "GET /.f35.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:30 -0500] "GET /TR02CCXQtxfmZpQWp27.htaccess HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:30 -0500] "GET /.htaccess HTTP/1.1" 403 1242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:31 -0500] "GET /_60IfPwYZiRUViudQvL.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:32 -0500] "GET /readme.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:33 -0500] "GET /page-login.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:34 -0500] "GET /AuBOC8jr7gDRbZ09y.html.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:34 -0500] "GET /ecRzZep6qwqwRGpjYj.html.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:35 -0500] "GET /view.html.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:35 -0500] "GET /PmhAJ6X1emrFWqf5w.ini.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:35 -0500] "GET /TTsBwFoVM9EQfqaMnr.ini.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:36 -0500] "GET /user.ini.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:36 -0500] "GET /smyEkUtO6Ey5HdCs_.js HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:37 -0500] "GET /tunnel.js HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:38 -0500] "GET /fxXf77QQNWE8r5zn5.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:38 -0500] "GET /U0fGLh2ixyFULWldjx.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:39 -0500] "GET /tunnel.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:40 -0500] "GET /logos.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:41 -0500] "GET /cmd-pro.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:41 -0500] "GET /greeting.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:42 -0500] "GET /_example.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:42 -0500] "GET /cmd-prow.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:43 -0500] "GET /dn.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:43 -0500] "GET /id_win.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:43 -0500] "GET /shell.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:44 -0500] "GET /id.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:45 -0500] "GET /sw3.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:45 -0500] "GET /manager10.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:46 -0500] "GET /l0g.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:46 -0500] "GET /Heed.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:47 -0500] "GET /HitCount.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:47 -0500] "GET /style.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:48 -0500] "GET /preaproveWelcome.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:49 -0500] "GET /upload.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:50 -0500] "GET /favic0n.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:51 -0500] "GET /.login-n.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:52 -0500] "GET /f5AoHadVWvYi0tOgp.login-w.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:53 -0500] "GET /IiKi5oHWc3ItevqxR.max6.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:53 -0500] "GET /GGSiuzczUQ9DCI2pWW.max6.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:54 -0500] "GET /Eij3cmu5xKD1eXl1URd.max6.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:54 -0500] "GET /font-awesome.max6.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:39 -0500] "GET /spacer.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:39 -0500] "GET /Thumbs.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:40 -0500] "GET /wm_cfshared.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:41 -0500] "GET /one-lin.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:42 -0500] "GET /xbin10x.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:44 -0500] "GET /idpost.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:44 -0500] "GET /20170219.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:45 -0500] "GET /proxy-jsp.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:46 -0500] "GET /HelloHTML.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:48 -0500] "GET /HelpSessions.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:48 -0500] "GET /sql.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:49 -0500] "GET /welcome.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:49 -0500] "GET /favicon.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:50 -0500] "GET /SBXxMAeLmNOEO_IU4.login-n.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:51 -0500] "GET /4o_FdsF66Fxp5klvuJ.login-n.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:51 -0500] "GET /mtUQGVZ4JZzPau7_Dfb.login-n.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:52 -0500] "GET /KA2bzXBi0S4zVC3egW.login-w.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:52 -0500] "GET /2IidZglfDiA9aGj9Dji.login-w.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:53 -0500] "GET /.login-w.jsp HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:55 -0500] "GET /4LgTzjMogWd4fZ4ZBQ.nosocket.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:55 -0500] "GET /z6syx7KxGWcrkHyoL1l.nosocket.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:56 -0500] "GET /tunnel.nosocket.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:56 -0500] "GET /3PLHKthAKqBd0BvdT.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:56 -0500] "GET /doVIJvIis0Jl6Z6wbR.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:58 -0500] "GET /wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:59 -0500] "GET /click.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:59 -0500] "GET /about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:00 -0500] "GET /test.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:00 -0500] "GET /item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:00 -0500] "GET /mah.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:01 -0500] "GET /product.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:16 -0500] "GET /wc/ark/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:21 -0500] "GET /images/images/images/images/images/images/images/images/images/images/images/images/2SZawbxBZSwUGOPQ1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:21 -0500] "GET /images/images/images/images/images/images/images/images/images/images/images/images/3rJIIn4JqWV6gaQSnQ.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:22 -0500] "GET /images/images/images/images/images/images/images/images/images/images/images/images/GqfDzcUyBAt7r0FwS6v.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:23 -0500] "GET /images/images/images/images/images/images/images/images/images/images/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:23 -0500] "GET /images/images/images/images/images/images/images/images/images/images/images/xEo7cQ9YIfUtMskX_.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:40 -0500] "GET /images/images/images/images/images/images/images/images/images/images/images/cache.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:40 -0500] "GET /.lu/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:41 -0500] "GET /.lu/u1oNNDvnDikjV5R400.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:42 -0500] "GET /.lu/rRZkEE5fKYtvRQDRQlF.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:42 -0500] "GET /.lu/lufix.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:54 -0500] "GET /rLMUAh1aylxFMVe9E.nosocket.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:57 -0500] "GET /uZistz03Rs58w9xUTbm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:57 -0500] "GET /cache.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:57 -0500] "GET /index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:58 -0500] "GET /admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:58 -0500] "GET /options.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:21:59 -0500] "GET /plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:18 -0500] "GET /wc/ark/u7Uu3lvIBWmuA5m4O.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:18 -0500] "GET /wc/ark/XbXzaSc0dcR_jd0chv.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:19 -0500] "GET /wc/ark/wuTNYNDZSoCx2rzwBNm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:19 -0500] "GET /wc/ark/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:20 -0500] "GET /wc/ark/logout.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:20 -0500] "GET /images/images/images/images/images/images/images/images/images/images/images/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:22 -0500] "GET /images/images/images/images/images/images/images/images/images/images/images/images/cache.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:24 -0500] "GET /images/images/images/images/images/images/images/images/images/images/images/Cio0bDqG9lZPB8GgKP.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:41 -0500] "GET /.lu/FFLbKFlVfw3pWXqAC.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:42 -0500] "GET /.lu/test.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:43 -0500] "GET /_layouts/16/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:46 -0500] "GET /_layouts/16/ceYWDgBdOL9zcF82N.aspx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:48 -0500] "GET /wp-admin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:50 -0500] "GET /wp-admin/AONKDcR1Sq1WzYa17v.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:47 -0500] "GET /_layouts/16/kJS8T5U5LAOfhyyW7G.aspx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:47 -0500] "GET /_layouts/16/e7S2eWQJ3zdmgIOBiSm.aspx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:47 -0500] "GET /_layouts/16/spinstall0.aspx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:49 -0500] "GET /wp-admin/uI6o9pcMngr8FQz7U.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:50 -0500] "GET /wp-admin/l3qEfIXy1n4xx3tJ0gv.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:51 -0500] "GET /wp-admin/product.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:52 -0500] "GET /wp-admin/mah.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:52 -0500] "GET /wp-admin/click.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:53 -0500] "GET /wp-admin/wp-log1n.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:55 -0500] "GET /wp-admin/userfuns.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:55 -0500] "GET /images/images/images/images/images/images/images/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:55 -0500] "GET /images/images/images/images/images/images/images/images/9qIo0TJPXRFFCf54Z.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:56 -0500] "GET /images/images/images/images/images/images/images/images/6KEEfAU5kEOnvgqmazQ.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:57 -0500] "GET /admin/assets/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:58 -0500] "GET /admin/assets/6oSqfba95TR6DldnFD.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:58 -0500] "GET /admin/assets/GPp8F8aGmy_xr1I5y0S.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:58 -0500] "GET /admin/assets/103.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:59 -0500] "GET /wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:59 -0500] "GET /wp-includes/Cv9q1XTV8wqBNk0wX.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:00 -0500] "GET /wp-includes/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:01 -0500] "GET /wp-includes/options.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:50 -0500] "GET /wp-admin/options.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:51 -0500] "GET /wp-admin/plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:52 -0500] "GET /wp-admin/defaults.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:53 -0500] "GET /wp-admin/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:53 -0500] "GET /wp-admin/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:54 -0500] "GET /wp-admin/networks.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:54 -0500] "GET /wp-admin/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:56 -0500] "GET /images/images/images/images/images/images/images/images/5kUMCkqyGVbbEiLmoF.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:56 -0500] "GET /images/images/images/images/images/images/images/images/cache.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:22:57 -0500] "GET /admin/assets/wS4e15XSZiAPpovEX.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:00 -0500] "GET /wp-includes/5OOAIy25UzBpnNo_rZ.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:00 -0500] "GET /wp-includes/tKBdOVJoYgs2Q7fcxIt.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:01 -0500] "GET /wp-includes/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:02 -0500] "GET /wp-includes/defaults.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:03 -0500] "GET /wp-includes/mah.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:04 -0500] "GET /wp-includes/click.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:04 -0500] "GET /wp-includes/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:06 -0500] "GET /wp-includes/networks.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:08 -0500] "GET /wp-includes/js/a2eg1yRI9gclq5D8Fps.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:08 -0500] "GET /wp-includes/js/db_model.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:10 -0500] "GET /assets/css/vqKXLvgfjbDb9CoOJ.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:01 -0500] "GET /wp-includes/product.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:02 -0500] "GET /wp-includes/edit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:03 -0500] "GET /wp-includes/wp-configs.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:03 -0500] "GET /wp-includes/wp-log1n.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:05 -0500] "GET /wp-includes/plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:06 -0500] "GET /wp-includes/orvxmailer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:07 -0500] "GET /wp-includes/js/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:07 -0500] "GET /wp-includes/js/RoOzMsvjKloF6_f8T.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:07 -0500] "GET /wp-includes/js/jeq5Xz8IzsnrSDCFIY.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:09 -0500] "GET /assets/css/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:11 -0500] "GET /assets/css/zc14LAdwwuwxdWV1d5.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:12 -0500] "GET /wp-content/plugins/css-ready-classes-gravity-forms/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:15 -0500] "GET /assets/images/KsoMGaPleBUIHtXhW.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:16 -0500] "GET /assets/images/php8.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:17 -0500] "GET /assets/images/3913a737be.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:18 -0500] "GET /admin/connection/UT0JbdVYTx24iSEK3I.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:18 -0500] "GET /admin/connection/GYK7w8EJsvMzncVjG68.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:35 -0500] "GET /images/images/images/HVUbn6ErvcN39dtydt.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:35 -0500] "GET /images/images/images/cache.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:36 -0500] "GET /.wp/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:36 -0500] "GET /.wp/i4l1DhbTrPcKuVHwb.f35.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:11 -0500] "GET /assets/css/jFkK0_ijZyqkBPuCz_N.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:12 -0500] "GET /assets/css/103.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:13 -0500] "GET /wp-content/plugins/css-ready-classes-gravity-forms/kMqOz5BY2zVu2xbAl.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:13 -0500] "GET /wp-content/plugins/css-ready-classes-gravity-forms/gSbBaJZd2X3qd8qll7.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:13 -0500] "GET /wp-content/plugins/css-ready-classes-gravity-forms/1jYLci8UVzzE51p9O3D.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:14 -0500] "GET /wp-content/plugins/css-ready-classes-gravity-forms/mmm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:14 -0500] "GET /assets/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:15 -0500] "GET /assets/images/XNxnD04s6Tssrkglqo.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:15 -0500] "GET /assets/images/C_nE0oqyYf61bHe4vA1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:16 -0500] "GET /assets/images/accesson.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:16 -0500] "GET /assets/images/04236bcd81.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:17 -0500] "GET /admin/connection/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:18 -0500] "GET /admin/connection/VmIOXD8wGiF10AZCO.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:19 -0500] "GET /admin/connection/103.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:19 -0500] "GET /images/images/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:35 -0500] "GET /images/images/images/pKSzlTRI1JN0PEfH1vQ.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:38 -0500] "GET /.wp/6TnwgF5SuGlKrhHQa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:38 -0500] "GET /.wp/OTsyM9r2kHIKl1ksPA.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:39 -0500] "GET /.wp/vrPrGsgyIvwrnZjOSjj.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:39 -0500] "GET /.wp/lufix.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:40 -0500] "GET /.wp/alfanewditz.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:37 -0500] "GET /.wp/yN242VDiKD3tWO1WJL.f35.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:37 -0500] "GET /.wp/qYDUviPITh3KyQdcawh.f35.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:37 -0500] "GET /.wp/.f35.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:39 -0500] "GET /.wp/index1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:40 -0500] "GET /.wp/alfditz.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:41 -0500] "GET /.wp/wsoditz1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:41 -0500] "GET /.wp/wpautoedit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:42 -0500] "GET /.wp/cong.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:42 -0500] "GET /.wp/wsoditz.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:43 -0500] "GET /.wp/test.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:43 -0500] "GET /.wp/wpo.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:44 -0500] "GET /images/images/images/images/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:44 -0500] "GET /images/images/images/images/images/drtABuCQQI1BE3HrC.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:45 -0500] "GET /images/images/images/images/images/cache.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:46 -0500] "GET /wp-admin/.wp-languages/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:47 -0500] "GET /wp-admin/.wp-languages/zlkV7W0ESeNFVTaEu8V.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:02 -0500] "GET /images/images/images/images/images/images/images/images/images/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:03 -0500] "GET /images/images/images/images/images/images/images/images/images/images/9fQSQBT3jHWC2EGFXy.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:03 -0500] "GET /images/images/images/images/images/images/images/images/images/images/98wz1xSHUkWiAGix6EF.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:04 -0500] "GET /images/images/images/images/images/images/images/images/images/images/cache.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:04 -0500] "GET /i/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:42 -0500] "GET /.wp/sym403bp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:43 -0500] "GET /.wp/wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:45 -0500] "GET /images/images/images/images/images/xNuoEgmU2h0w_j9lap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:45 -0500] "GET /images/images/images/images/images/cpX8H_8lErKuAy1IAUg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:46 -0500] "GET /wp-admin/.wp-languages/kq38r51253lqvI94H.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:23:47 -0500] "GET /wp-admin/.wp-languages/qSpIcRKjPGiWFCY1qG.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:03 -0500] "GET /images/images/images/images/images/images/images/images/images/images/wb5ov9nR64c499nQL.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:05 -0500] "GET /i/aqTjClAhuBVlzBcYvZ.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:06 -0500] "GET /i/home.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:06 -0500] "GET /wp-includes/random_compat/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:07 -0500] "GET /wp-includes/random_compat/R9CAWlgqCL7LCXUmwbu.class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:08 -0500] "GET /wp-includes/random_compat/news_parser.class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:08 -0500] "GET /wp-includes/random_compat/CxuiNw32DsO_NJHA3.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:10 -0500] "GET /wp-includes/random_compat/xgN0tZemEjjEl0Sfp9.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:10 -0500] "GET /wp-includes/random_compat/eOqXdcP5IB2mhHNLgaF.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:10 -0500] "GET /wp-includes/random_compat/db-update.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:12 -0500] "GET /admin/ckeditor/adapters/B5gvyNyJ67w9H1dmaF.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:13 -0500] "GET /admin/ckeditor/adapters/103.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:13 -0500] "GET /admin/ckeditor/lang/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:14 -0500] "GET /admin/ckeditor/lang/FjZrYst06G6xwwaXf.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:05 -0500] "GET /i/oegVIpL4l4KxFLP1E.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:05 -0500] "GET /i/5CRDiJ7ujQbwN34oV1R.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:07 -0500] "GET /wp-includes/random_compat/f2BP9Txn0z98wQwud.class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:07 -0500] "GET /wp-includes/random_compat/dwrLPHhxtUvmpntCXV.class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:11 -0500] "GET /wp-includes/random_compat/ini_db-update.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:11 -0500] "GET /admin/ckeditor/adapters/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:11 -0500] "GET /admin/ckeditor/adapters/ddOK1BjUmwoPt0JYy.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:12 -0500] "GET /admin/ckeditor/adapters/Lb8dnDqHv3RliW9anp0.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:14 -0500] "GET /admin/ckeditor/lang/BW2LgATMU_TMPvdcwr.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:15 -0500] "GET /admin/ckeditor/lang/qo4F5c93KYIBjQoEj0s.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:15 -0500] "GET /admin/ckeditor/lang/103.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:15 -0500] "GET /wp-content/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:16 -0500] "GET /wp-content/R6ft4LBQaFEefmDqS.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:16 -0500] "GET /wp-content/BYSpKGYnkrRpJHdxm_.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:17 -0500] "GET /wp-content/wp-log1n.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:18 -0500] "GET /wp-content/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:18 -0500] "GET /wp-content/plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:19 -0500] "GET /wp-content/click.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:19 -0500] "GET /wp-content/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:20 -0500] "GET /wp-content/options-reading.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:20 -0500] "GET /wp-content/edit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:17 -0500] "GET /wp-content/PdaIstl_3uSOxlfmfZM.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:17 -0500] "GET /wp-content/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:19 -0500] "GET /wp-content/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:20 -0500] "GET /wp-content/defaults.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:21 -0500] "GET /wp-content/product.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:21 -0500] "GET /wp-content/options.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:22 -0500] "GET /wp-content/wp-configs.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:22 -0500] "GET /wp-content/networks.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:23 -0500] "GET /wp-content/t.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:23 -0500] "GET /wp-content/userfuns.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:24 -0500] "GET /wp-includes/Text/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:24 -0500] "GET /wp-includes/Text/KMnBOwxx4XB0mAAU_.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:33 -0500] "GET /wp-includes/Text/db_model.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:33 -0500] "GET /wp-includes/Text/Q7sQeb7ACuzy0gYTW.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:34 -0500] "GET /wp-includes/Text/AE5mTXzoV059SEyk5n.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:35 -0500] "GET /wp-includes/Text/about.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:35 -0500] "GET /images/images/images/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:36 -0500] "GET /images/images/images/images/KRlRFPGKf1Oxct1L8A.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:38 -0500] "GET /670302/jQ4gmq5ZQAWvnPJI7U3.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:38 -0500] "GET /670302/gdftps.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:40 -0500] "GET /wp-admin/css/FXtCuDn2yAwbGA3Sl.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:22 -0500] "GET /wp-content/mah.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:32 -0500] "GET /wp-includes/Text/ZALIvR6mk741HWHEWrc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:34 -0500] "GET /wp-includes/Text/y7S66hovrmDS3dNYsTv.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:35 -0500] "GET /images/images/images/images/ZpBwacGDYFKKnDRJD.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:36 -0500] "GET /images/images/images/images/UXh7S61ZgEaeY7KiGzN.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:36 -0500] "GET /images/images/images/images/cache.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:37 -0500] "GET /670302/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:37 -0500] "GET /670302/JI9Rqkhb1BtL9XI8m.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:38 -0500] "GET /670302/SYBttjR7GMrbumPct_.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:39 -0500] "GET /670302/memberfuns.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:39 -0500] "GET /wp-admin/css/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:40 -0500] "GET /wp-admin/css/2beuazVm88H45828Pi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:41 -0500] "GET /wp-admin/css/5JmQ3XFahOelEBK4rpv.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:42 -0500] "GET /wp-includes/certificates/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:43 -0500] "GET /wp-includes/certificates/nKudmV59ON_jmA4lp.class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:43 -0500] "GET /wp-includes/certificates/YC4A_eFagWPIjadh7h.class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:43 -0500] "GET /wp-includes/certificates/MvPck9UzOYn_1z0jWIg.class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:46 -0500] "GET /wp-includes/certificates/db_model.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:46 -0500] "GET /wp-includes/certificates/db-update.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:47 -0500] "GET /images/images/images/images/images/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:41 -0500] "GET /wp-admin/css/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:41 -0500] "GET /wp-admin/css/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:42 -0500] "GET /wp-admin/css/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:44 -0500] "GET /wp-includes/certificates/news_parser.class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:44 -0500] "GET /wp-includes/certificates/KJQ1IAaQR7YeKneKD.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:45 -0500] "GET /wp-includes/certificates/O9SplxxCmmzwiYmcTN.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:45 -0500] "GET /wp-includes/certificates/S_1rkbk5UvbIbFImQtO.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:49 -0500] "GET /images/images/images/images/images/images/OWYZyI4i87WogvxqT5I.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:49 -0500] "GET /images/images/images/images/images/images/cache.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:49 -0500] "GET /admin/css/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:50 -0500] "GET /admin/css/qykTXj51vkO0Yusul9.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:50 -0500] "GET /admin/css/aJGlK7GwB8Q8o2s1KWN.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:51 -0500] "GET /admin/css/103.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:51 -0500] "GET /wp-includes/pomo/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:53 -0500] "GET /wp-includes/pomo/db-update.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:55 -0500] "GET /images/images/images/images/images/images/images/pqWPKUK0j4SsYYgZCX.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:55 -0500] "GET /images/images/images/images/images/images/images/_jQ0N3bdCfEL7Su2oLO.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:57 -0500] "GET /_layouts/15/hd3sZW7Hny5zELu1s.aspx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:57 -0500] "GET /_layouts/15/GxLnw7CR8XfMe4xxOz.aspx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:57 -0500] "GET /_layouts/15/icvZrSO14wGZghKri78.aspx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:47 -0500] "GET /images/images/images/images/images/images/mv1DFHOTWqYdR98D9.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:47 -0500] "GET /images/images/images/images/images/images/zWuM2NVU7TSBLH1Uxv.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:50 -0500] "GET /admin/css/YGKFJJB4U5ywTzTaW.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:52 -0500] "GET /wp-includes/pomo/MRiC5k4QnUU7ZI0bv.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:52 -0500] "GET /wp-includes/pomo/DwfyvvlLxW4mIt_BF_.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:52 -0500] "GET /wp-includes/pomo/insoa5PgrJpms3mxN0V.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:53 -0500] "GET /wp-includes/pomo/user-info.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:53 -0500] "GET /wp-includes/pomo/db_model.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:54 -0500] "GET /wp-includes/pomo/ini_db-update.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:54 -0500] "GET /images/images/images/images/images/images/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:55 -0500] "GET /images/images/images/images/images/images/images/0L8vi38s79BPsF89g.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:56 -0500] "GET /images/images/images/images/images/images/images/cache.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:56 -0500] "GET /_layouts/15/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:58 -0500] "GET /_layouts/15/spinstall0.aspx HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:58 -0500] "GET /admin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:59 -0500] "GET /admin/9qgDzzK3hFvciNx6fr.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:59 -0500] "GET /admin/MzDa52rz7T2_y8rHdTn.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:00 -0500] "GET /admin/Q7NcRS4KX48TwtrD2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:00 -0500] "GET /admin/9aTkBS9OYZ4IYqKhSE.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:01 -0500] "GET /admin/Paphh6FiFSAsHT9BUA6.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:01 -0500] "GET /admin/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:02 -0500] "GET /admin/urun.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:02 -0500] "GET /admin/logout.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:02 -0500] "GET /admin/logs.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:03 -0500] "GET /admin/login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:04 -0500] "GET /admin/pending.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:06 -0500] "GET /plugins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:06 -0500] "GET /plugins/86ZoNzIZyeEvDZa0FB.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:08 -0500] "GET /wp-includes/rest-api/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:08 -0500] "GET /wp-includes/rest-api/gWGMiDSdHeHfA18RQ.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:10 -0500] "GET /wp-includes/rest-api/rcaEEUG5P3I00yDMZd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:25 -0500] "GET /wp-includes/rest-api/user-info.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:26 -0500] "GET /wp-content/plugins/fix/sNteAypfnxNkFJWKs.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:26 -0500] "GET /wp-content/plugins/fix/Eb4lTE_Z0Vaylb1rtj.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:27 -0500] "GET /wp-content/plugins/fix/1DuVYjmCUyGL5BpyLhk.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:27 -0500] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:30 -0500] "GET /admin/ckeditor/FNvEoQScoDeYPflp4.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:30 -0500] "GET /admin/ckeditor/mfJssWo6ciGlduPfaM.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:30 -0500] "GET /admin/ckeditor/BVrEQS5NkNjYVeBYwX6.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:31 -0500] "GET /backup/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:31 -0500] "GET /backup/OagYZ7RrAWAL0fg4Z.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:24:59 -0500] "GET /admin/xMvJOeOczeoEiWHG6.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:00 -0500] "GET /admin/page-login.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:03 -0500] "GET /admin/dashboard.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:04 -0500] "GET /admin/yeniurun.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:05 -0500] "GET /admin/completed.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:05 -0500] "GET /admin/deleted.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:05 -0500] "GET /admin/clear.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:06 -0500] "GET /plugins/hpVXN4Y74LROhxfct.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:07 -0500] "GET /plugins/tqwlBkkrXAybvEJRQ2n.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:07 -0500] "GET /plugins/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:25 -0500] "GET /wp-content/plugins/fix/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:27 -0500] "GET /admin/ckeditor/skins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:28 -0500] "GET /admin/ckeditor/skins/IjCZLAVdglWfWflOE.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:28 -0500] "GET /admin/ckeditor/skins/Je6njpMgrQNmkuJHy9.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:28 -0500] "GET /admin/ckeditor/skins/2xArEddeM0_SWEx692M.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:29 -0500] "GET /admin/ckeditor/skins/103.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:29 -0500] "GET /admin/ckeditor/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:31 -0500] "GET /admin/ckeditor/103.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:33 -0500] "GET /backup/Z0kyBXMZGt7P8jq2Eb.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 205.169.39.179 - - [24/Nov/2025:11:25:35 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 193.36.118.250 - - [24/Nov/2025:11:25:42 -0500] "GET /web/uadmin/tjhlt9tkB3f1ZkuQZ.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:33 -0500] "GET /backup/fwQBtoDNc9fIBQKVPgg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:34 -0500] "GET /backup/Jennie007Greene.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 205.169.39.179 - - [24/Nov/2025:11:25:41 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 193.36.118.250 - - [24/Nov/2025:11:25:42 -0500] "GET /web/uadmin/fcNVzYjMGwxxq57fmM.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:43 -0500] "GET /web/uadmin/fBNb7tSDab8PWLSTfrp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:43 -0500] "GET /web/uadmin/adm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:44 -0500] "GET /images/images/images/images/images/images/images/images/images/images/images/images/images/bVw0ugc_jqnJOOkiw.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:44 -0500] "GET /images/images/images/images/images/images/images/images/images/images/images/images/images/QsDcn77rNz6_UC2n0r.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:00 -0500] "GET /admin/ckeditor/samples/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:01 -0500] "GET /admin/ckeditor/samples/TbpTO8AnSE1_6EqoJ.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:02 -0500] "GET /admin/ckeditor/samples/bJDOA4dOY65h11tYXXW.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:03 -0500] "GET /admin/ckeditor/samples/103.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:04 -0500] "GET /uadmin/RCxLK6JOFw6A1CSbKb.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:05 -0500] "GET /uadmin/adm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:05 -0500] "GET /admin/ckeditor/plugins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:06 -0500] "GET /admin/ckeditor/plugins/ATvxEevNmqSzrlSEX.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:06 -0500] "GET /admin/ckeditor/plugins/Mr3hJ4BaujzC4I7yUUX.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:07 -0500] "GET /admin/ckeditor/plugins/103.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:07 -0500] "GET /images/images/images/images/images/images/images/images/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:08 -0500] "GET /images/images/images/images/images/images/images/images/images/DE8pQF9BXmG29kQSdz6.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:11 -0500] "GET /fmboiweft73/zAbKVSc4zAQ3LgeW4T.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:11 -0500] "GET /fmboiweft73/HN2Fs4EDiO51w02GiB2.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:11 -0500] "GET /fmboiweft73/footer.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:25:43 -0500] "GET /images/images/images/images/images/images/images/images/images/images/images/images/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:00 -0500] "GET /images/images/images/images/images/images/images/images/images/images/images/images/images/cache.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:01 -0500] "GET /admin/ckeditor/samples/VISVh91dCJGaOQsv0o.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:03 -0500] "GET /uadmin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:04 -0500] "GET /uadmin/3dFTMYEmWdIOjvbTi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:04 -0500] "GET /uadmin/SB4q0uk0BXNepb3pP8j.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:06 -0500] "GET /admin/ckeditor/plugins/4TCt6XYUbOxnUNKUyK.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:08 -0500] "GET /images/images/images/images/images/images/images/images/images/CB_rGuOYPJXz9KS2u.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:08 -0500] "GET /images/images/images/images/images/images/images/images/images/r43vorTxcxh8JIV5r6.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:09 -0500] "GET /images/images/images/images/images/images/images/images/images/cache.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:09 -0500] "GET /fmboiweft73/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 193.36.118.250 - - [24/Nov/2025:11:26:10 -0500] "GET /fmboiweft73/UPKZ347QPssUDvrut.html HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:144.0) Gecko/20100101 Firefox/144.0" 207.102.138.19 - - [24/Nov/2025:11:36:06 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 51.68.111.213 - - [24/Nov/2025:11:46:56 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MJ12bot/v2.0.4; http://mj12bot.com/)" 51.68.111.213 - - [24/Nov/2025:11:46:55 -0500] "GET /robots.txt HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MJ12bot/v2.0.4; http://mj12bot.com/)" 205.169.39.28 - - [24/Nov/2025:11:46:59 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36" 139.59.150.158 - - [24/Nov/2025:11:59:57 -0500] "GET //vendor/phpunit/phpunit/phpunit.xsd HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" 90.187.238.157 - - [24/Nov/2025:12:10:42 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 90.187.238.157 - - [24/Nov/2025:12:10:26 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 18.191.143.117 - - [24/Nov/2025:12:16:20 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.51" 18.222.182.28 - - [24/Nov/2025:12:16:25 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.51" 34.98.143.162 - - [24/Nov/2025:12:16:28 -0500] "HEAD /_autoindex/assets/js/tablesort.js HTTP/1.1" 301 0 "http://zimelnews.com" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 AppEngine-Google; (+http://code.google.com/appengine; appid: s~virustotalcloud)" 34.98.143.161 - - [24/Nov/2025:12:16:18 -0500] "HEAD / HTTP/1.1" 301 0 "http://zimelnews.com" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 AppEngine-Google; (+http://code.google.com/appengine; appid: s~virustotalcloud)" 3.92.4.194 - - [24/Nov/2025:12:16:20 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.51" 66.249.66.69 - - [24/Nov/2025:12:16:22 -0500] "GET / HTTP/1.1" 301 795 "-" "GoogleOther" 34.98.143.161 - - [24/Nov/2025:12:16:28 -0500] "HEAD / HTTP/1.1" 301 0 "http://zimelnews.com" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.5 Safari/605.1.15 AppEngine-Google; (+http://code.google.com/appengine; appid: s~virustotalcloud)" 34.98.143.162 - - [24/Nov/2025:12:16:28 -0500] "HEAD /_autoindex/assets/js/tablesort.number.js HTTP/1.1" 301 0 "http://zimelnews.com" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 AppEngine-Google; (+http://code.google.com/appengine; appid: s~virustotalcloud)" 34.77.34.163 - - [24/Nov/2025:12:23:12 -0500] "GET / HTTP/1.1" 301 795 "-" "python-requests/2.32.5" 81.161.59.17 - - [24/Nov/2025:12:36:42 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 104.210.140.138 - - [24/Nov/2025:12:33:30 -0500] "GET /robots.txt HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36; compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot" 81.161.59.17 - - [24/Nov/2025:12:36:42 -0500] "HEAD / HTTP/1.1" 301 0 "-" "node-fetch" 161.77.39.185 - - [24/Nov/2025:12:45:28 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 54.218.117.174 - - [24/Nov/2025:12:48:01 -0500] "HEAD /favicon.ico HTTP/1.1" 301 0 "-" "axios/1.8.4" 172.105.82.111 - - [24/Nov/2025:13:03:31 -0500] "GET / HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 58.251.94.154 - - [24/Nov/2025:13:17:21 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36" 154.16.81.147 - - [24/Nov/2025:13:21:51 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.89 Safari/537.36" 58.251.94.154 - - [24/Nov/2025:13:17:20 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36" 54.69.203.4 - - [24/Nov/2025:13:47:53 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 44.255.182.208 - - [24/Nov/2025:13:47:55 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 216.145.84.219 - - [24/Nov/2025:13:47:54 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" 34.228.9.55 - - [24/Nov/2025:13:33:18 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.23) Gecko/20090825 SeaMonkey/1.1.18" 209.38.207.28 - - [24/Nov/2025:14:07:54 -0500] "GET //vendor/phpunit/phpunit/phpunit.xsd HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" 34.77.34.163 - - [24/Nov/2025:14:33:03 -0500] "GET / HTTP/1.1" 301 795 "-" "python-requests/2.32.5" 110.249.201.3 - - [24/Nov/2025:14:44:07 -0500] "GET /robots.txt HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; https://zhanzhang.toutiao.com/)" 43.157.95.131 - - [24/Nov/2025:14:44:18 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1" 3.208.154.201 - - [24/Nov/2025:14:56:08 -0500] "GET /ads.txt HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 3.208.154.201 - - [24/Nov/2025:14:56:11 -0500] "GET /ads.txt HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 144.172.112.41 - - [24/Nov/2025:15:33:30 -0500] "GET /installer.php HTTP/1.1" 301 795 "-" "Python-urllib/2.7" 52.191.198.92 - - [24/Nov/2025:15:44:55 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 52.191.198.92 - - [24/Nov/2025:15:44:55 -0500] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 52.191.198.92 - - [24/Nov/2025:15:44:55 -0500] "POST /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 52.191.198.92 - - [24/Nov/2025:15:44:55 -0500] "GET /scrnhexf.php?Fox=d3wL7 HTTP/1.1" 301 795 "www.google.com" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 52.191.198.92 - - [24/Nov/2025:15:44:57 -0500] "POST /alfacgiapi/perl.alfa HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 52.191.198.92 - - [24/Nov/2025:15:51:15 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 52.191.198.92 - - [24/Nov/2025:15:51:15 -0500] "POST /alfacgiapi/perl.alfa HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 52.191.198.92 - - [24/Nov/2025:15:51:15 -0500] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 52.191.198.92 - - [24/Nov/2025:15:51:15 -0500] "POST /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 52.191.198.92 - - [24/Nov/2025:15:51:15 -0500] "GET /znvpinjg.php?Fox=d3wL7 HTTP/1.1" 301 795 "www.google.com" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 43.135.182.95 - - [24/Nov/2025:15:57:46 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1" 172.105.82.111 - - [24/Nov/2025:17:00:55 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:01:01 -0500] "GET /wp-admin__6369b9e/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:01:01 -0500] "GET /wp-admin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:01:25 -0500] "GET /wp-admin/user/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:01:25 -0500] "GET /wp-admin/IXR/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:01:25 -0500] "GET /wp-admin/certificates/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:01:25 -0500] "GET /wp-admin/css/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:02:44 -0500] "GET /wp-admin/IXR/network/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:02:44 -0500] "GET /wp-admin/php/plugins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:02:44 -0500] "GET /wp-admin/certificates/fonts/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:02:44 -0500] "GET /wp-admin/ID3/languages/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:02:44 -0500] "GET /wp-admin/random/php/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:02:44 -0500] "GET /wp-admin/user/Text/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:02:44 -0500] "GET /wp-admin/css/colors/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:05:12 -0500] "GET /wp-admin/certificates/fonts/plugins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:05:12 -0500] "GET /wp-admin/user/Text/SimplePie/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:05:12 -0500] "GET /wp-admin/php/plugins/IXR/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:05:12 -0500] "GET /wp-admin/css/colors/midnight/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:05:12 -0500] "GET /wp-admin/css/colors/modern/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:01:01 -0500] "GET /urdu__6369b9e/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:01:01 -0500] "GET /en/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:01:01 -0500] "GET /nc_assets__6369b9e/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:01:25 -0500] "GET /wp-admin/ID3/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:01:25 -0500] "GET /wp-admin/random/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:01:25 -0500] "GET /wp-admin/php/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:01:25 -0500] "GET /wp-admin/blockt/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:02:44 -0500] "GET /wp-admin/user/wp/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:05:12 -0500] "GET /wp-admin/random/php/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:05:12 -0500] "GET /wp-admin/IXR/network/ID3/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:17:05:12 -0500] "GET /wp-admin/ID3/languages/met/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 147.135.10.231 - - [24/Nov/2025:19:19:12 -0500] "GET /ads.txt HTTP/1.1" 301 795 "-" "ForemediaBot" 147.135.10.231 - - [24/Nov/2025:19:19:11 -0500] "GET / HTTP/1.1" 301 795 "-" "ForemediaBot" 3.208.154.201 - - [24/Nov/2025:20:12:36 -0500] "GET /ads.txt HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 3.208.154.201 - - [24/Nov/2025:20:12:35 -0500] "GET /ads.txt HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 84.54.44.19 - - [24/Nov/2025:20:31:55 -0500] "GET /contact-us/ HTTP/1.0" 301 795 "http://zimelnews.com/contact-us/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 43.157.175.122 - - [24/Nov/2025:20:43:49 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1" 172.105.82.111 - - [24/Nov/2025:21:00:41 -0500] "GET /en/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:00:41 -0500] "GET /wp-admin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:00:41 -0500] "GET /nc_assets__6369b9e/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:00:58 -0500] "GET /wp-admin/blockt/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:00:58 -0500] "GET /wp-admin/certificates/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:00:58 -0500] "GET /wp-admin/IXR/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:00:58 -0500] "GET /wp-admin/ID3/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:00:58 -0500] "GET /wp-admin/php/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:00:58 -0500] "GET /wp-admin/user/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:02:00 -0500] "GET /wp-admin/ID3/languages/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:02:00 -0500] "GET /wp-admin/IXR/network/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:02:00 -0500] "GET /wp-admin/css/colors/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:02:00 -0500] "GET /wp-admin/user/wp/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 13.126.34.59 - - [24/Nov/2025:21:03:21 -0500] "GET /ads.txt HTTP/1.1" 301 795 "-" "axios/1.7.4" 211.75.77.158 - - [24/Nov/2025:21:03:29 -0500] "GET / HTTP/1.1" 301 795 "-" "curl/7.81.0" 152.32.216.55 - - [24/Nov/2025:21:03:56 -0500] "GET / HTTP/1.1" 301 795 "http://zimelnews.com/" "Mozilla/5.0 (Linux; Android 12; SM-G950U; Build/SD1A.210117.121) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.3065.87 Mobile Safari/537.36 EdgA/133.0.3065.87" 13.126.34.59 - - [24/Nov/2025:21:03:56 -0500] "GET /ads.txt HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:06:37 -0500] "GET /wp-admin/css/colors/modern/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:06:37 -0500] "GET /wp-admin/user/Text/SimplePie/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:06:37 -0500] "GET /wp-admin/php/plugins/IXR/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:00:36 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:00:41 -0500] "GET /urdu__6369b9e/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:00:41 -0500] "GET /wp-admin__6369b9e/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:00:58 -0500] "GET /wp-admin/css/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:00:58 -0500] "GET /wp-admin/random/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:02:00 -0500] "GET /wp-admin/user/Text/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:02:00 -0500] "GET /wp-admin/certificates/fonts/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:02:00 -0500] "GET /wp-admin/php/plugins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:02:00 -0500] "GET /wp-admin/random/php/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:06:37 -0500] "GET /wp-admin/random/php/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:06:37 -0500] "GET /wp-admin/certificates/fonts/plugins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:06:37 -0500] "GET /wp-admin/ID3/languages/met/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:06:37 -0500] "GET /wp-admin/IXR/network/ID3/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 172.105.82.111 - - [24/Nov/2025:21:06:37 -0500] "GET /wp-admin/css/colors/midnight/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" 49.217.196.128 - - [24/Nov/2025:21:19:03 -0500] "GET / HTTP/1.1" 301 795 "-" "curl/7.81.0" 49.217.196.128 - - [24/Nov/2025:21:26:00 -0500] "GET / HTTP/1.1" 301 795 "-" "curl/7.81.0" 103.186.30.186 - - [24/Nov/2025:21:38:51 -0500] "GET /wp-admin/style.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:52 -0500] "GET /chosen.php?p= HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:52 -0500] "GET /file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:53 -0500] "GET /flower.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:54 -0500] "GET /class-t.api.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:56 -0500] "GET /abcd.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:56 -0500] "GET /shelp.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:58 -0500] "GET /wp-admin/admin-ajax.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:59 -0500] "GET /wp-admin/zwso.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:39:00 -0500] "GET /bolt.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:39:01 -0500] "GET /shlo.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:39:02 -0500] "GET /ahax.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:39:02 -0500] "GET /php8.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:39:03 -0500] "GET /lufix1.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:39:04 -0500] "GET /wp-admin/css/index.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:39:04 -0500] "GET /wp-content/plugins/index.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:39:05 -0500] "GET /wp-content/index.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:49 -0500] "GET /style.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:50 -0500] "GET /wp-content/style.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:50 -0500] "GET /wp-content/themes/style.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:51 -0500] "GET /wp-includes/style.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:53 -0500] "GET /gifclass.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:53 -0500] "GET /bless.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:55 -0500] "GET /blurbs.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:55 -0500] "GET /akcc.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:57 -0500] "GET /cord.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:57 -0500] "GET /dex.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:58 -0500] "GET /file2.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:38:59 -0500] "GET //zwso.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:39:00 -0500] "GET /wp-content/plugins/hellopress/wp_mna.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:39:01 -0500] "GET /133.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:39:03 -0500] "GET /witmm.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:39:05 -0500] "GET /ioxi-o.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:39:06 -0500] "GET /222.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:39:06 -0500] "GET /files.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.186.30.186 - - [24/Nov/2025:21:39:07 -0500] "GET /wp-editor.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 49.217.196.128 - - [24/Nov/2025:21:45:30 -0500] "GET / HTTP/1.1" 301 795 "-" "curl/7.81.0" 49.217.196.128 - - [24/Nov/2025:21:46:32 -0500] "GET / HTTP/1.1" 301 795 "-" "curl/7.81.0" 50.31.235.131 - - [24/Nov/2025:21:52:22 -0500] "HEAD / HTTP/1.1" 301 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36" 43.131.39.179 - - [24/Nov/2025:22:05:34 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1" 205.210.31.219 - - [24/Nov/2025:22:05:02 -0500] "GET / HTTP/1.1" 301 795 "-" "Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity" 34.96.47.31 - - [24/Nov/2025:22:21:28 -0500] "GET /ads.txt HTTP/1.1" 301 795 "-" "IAB-Tech-Lab" 220.76.206.106 - - [24/Nov/2025:22:36:15 -0500] "GET /wp-json/wp/v2/posts HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 49.214.255.23 - - [24/Nov/2025:23:29:32 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1" 20.242.70.185 - - [24/Nov/2025:23:59:44 -0500] "GET /wp-includes/ID3/index.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:44 -0500] "GET /wp-admin/css/colors/blue/index.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:45 -0500] "GET /wp-admin/autoload_classmap.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:45 -0500] "GET /wp-admin/wp-conflg.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:45 -0500] "GET /info.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:46 -0500] "GET /images/admin.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:46 -0500] "GET /wp-includes/index.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:47 -0500] "GET /wp-admin/network/index.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:47 -0500] "GET /wp-includes/assets/admin.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:48 -0500] "GET /alfa.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:48 -0500] "GET /wp-includes/theme-compat/wp-conflg.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:48 -0500] "GET /wp-content/plugins/google-seo-rank/index.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:40 -0500] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:43 -0500] "GET /wp-includes/certificates/index.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:44 -0500] "GET /wp-includes/html-api/wp-conflg.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:44 -0500] "GET /wp-includes/assets/index.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:44 -0500] "GET /wp-admin/admin.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:45 -0500] "GET /wp-admin/network/wp-conflg.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:46 -0500] "GET /wp-content/uploads/wp-conflg.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:46 -0500] "GET /wp-admin/user/admin.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:46 -0500] "GET /wp-admin/js/wp-conflg.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:47 -0500] "GET /wp-admin/about.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:47 -0500] "GET /wp-admin/includes/plugins.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:47 -0500] "GET /autoload_classmap.php HTTP/1.1" 301 795 "-" "-" 20.242.70.185 - - [24/Nov/2025:23:59:48 -0500] "GET /wp-includes/theme-compat/wp-conflg.php/wp-content/plugins/google-seo-rank/index.php HTTP/1.1" 301 795 "-" "-" 103.163.161.30 - - [25/Nov/2025:00:11:51 -0500] "GET /style.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:11:56 -0500] "GET /wp-content/themes/style.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:11:57 -0500] "GET /wp-admin/style.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:11:59 -0500] "GET /wp-includes/style.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:00 -0500] "GET /chosen.php?p= HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:04 -0500] "GET /flower.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:06 -0500] "GET /gifclass.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:07 -0500] "GET /bless.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:09 -0500] "GET /class-t.api.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:11 -0500] "GET /akcc.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:14 -0500] "GET /cord.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:15 -0500] "GET /dex.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:17 -0500] "GET /wp-admin/admin-ajax.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:22 -0500] "GET /wp-admin/zwso.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:26 -0500] "GET /bolt.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:28 -0500] "GET /133.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:31 -0500] "GET /lufix1.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:34 -0500] "GET /wp-admin/css/index.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:38 -0500] "GET /wp-content/index.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:40 -0500] "GET /ioxi-o.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:42 -0500] "GET /222.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:11:54 -0500] "GET /wp-content/style.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:03 -0500] "GET /file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:10 -0500] "GET /blurbs.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:12 -0500] "GET /abcd.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:14 -0500] "GET /shelp.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:18 -0500] "GET /file2.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:20 -0500] "GET //zwso.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:24 -0500] "GET /wp-content/plugins/hellopress/wp_mna.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:27 -0500] "GET /shlo.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:29 -0500] "GET /ahax.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:30 -0500] "GET /php8.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:32 -0500] "GET /witmm.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:36 -0500] "GET /wp-content/plugins/index.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:44 -0500] "GET /files.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 103.163.161.30 - - [25/Nov/2025:00:12:46 -0500] "GET /wp-editor.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 118.194.228.7 - - [25/Nov/2025:00:21:32 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36" 172.105.82.111 - - [25/Nov/2025:01:07:44 -0500] "GET / HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 172.105.82.111 - - [25/Nov/2025:01:07:44 -0500] "GET / HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 3.208.154.201 - - [25/Nov/2025:01:20:33 -0500] "GET /ads.txt HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 3.208.154.201 - - [25/Nov/2025:01:20:34 -0500] "GET /ads.txt HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 52.138.205.19 - - [25/Nov/2025:01:40:30 -0500] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:31 -0500] "GET /akc.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:31 -0500] "GET /clss.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:31 -0500] "GET /1.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:32 -0500] "GET /asasx.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:32 -0500] "GET /num.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:33 -0500] "GET /jga.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:33 -0500] "GET /byp8.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:34 -0500] "GET /ioxi-o.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:34 -0500] "GET /zwso.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:35 -0500] "GET /dropdown.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:35 -0500] "GET /atomlib.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:35 -0500] "GET /a.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:36 -0500] "GET /v.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:37 -0500] "GET /gmo.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:37 -0500] "GET /20.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:38 -0500] "GET /c.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:39 -0500] "GET /build.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:39 -0500] "GET /bless.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:39 -0500] "GET /lock360.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:40 -0500] "GET /4.php?p= HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:40 -0500] "GET /r.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:41 -0500] "GET /wp-22.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:42 -0500] "GET /NewFile.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:42 -0500] "GET /t.php?p= HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:43 -0500] "GET /2.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:43 -0500] "GET //gmo.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:44 -0500] "GET /12.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:44 -0500] "GET /wp-admin/css/wp-conflg.php?p= HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:45 -0500] "GET /wp-includes/js/codemirror/index.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:45 -0500] "GET /02.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:45 -0500] "GET /go.php?p= HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:46 -0500] "GET /jp.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:46 -0500] "GET /ff.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:47 -0500] "GET /an.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:48 -0500] "GET /wp.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:50 -0500] "GET /wp-includes/Text/Diff/Engine/about.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:51 -0500] "GET /wp-includes/ID3/rk2.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:51 -0500] "GET /radio.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:52 -0500] "GET /info.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:31 -0500] "GET /neshe HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:32 -0500] "GET /pn.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:33 -0500] "GET /x.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:34 -0500] "GET /wander.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:36 -0500] "GET /d2.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:36 -0500] "GET /xc.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:36 -0500] "GET /g.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:37 -0500] "GET /11.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:38 -0500] "GET /f35.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:38 -0500] "GET /1.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:39 -0500] "GET /admin/upload/css.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:40 -0500] "GET /about.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:41 -0500] "GET /v4.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:41 -0500] "GET /makeasmtp.php?p= HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:42 -0500] "GET /system_log.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:42 -0500] "GET /ee.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:43 -0500] "GET /6.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:44 -0500] "GET /0.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:45 -0500] "GET /w.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:46 -0500] "GET /kk.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:47 -0500] "GET /goods.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:47 -0500] "GET /ee.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:48 -0500] "GET /vv.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:48 -0500] "GET /ar.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:48 -0500] "GET /w.php?p= HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:49 -0500] "GET /3.php?p= HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:49 -0500] "GET /t.php?p= HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:49 -0500] "GET /wp-content/plugins/TOPXOH/wDR.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:50 -0500] "GET /admin.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:50 -0500] "GET /admin.php?p= HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:50 -0500] "GET /index/function.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:51 -0500] "GET /license.php HTTP/1.1" 301 795 "-" "-" 52.138.205.19 - - [25/Nov/2025:01:40:52 -0500] "GET /alfanew.php HTTP/1.1" 301 795 "-" "-" 193.36.220.10 - - [25/Nov/2025:01:51:33 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36" 185.189.167.115 - - [25/Nov/2025:02:00:46 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.7444.60 Safari/537.36" 138.197.109.82 - - [25/Nov/2025:02:23:50 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36" 138.197.109.82 - - [25/Nov/2025:02:23:50 -0500] "GET /favicon.ico HTTP/1.1" 301 795 "http://zimelnews.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36" 43.166.246.180 - - [25/Nov/2025:02:38:25 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1" 185.242.177.56 - - [25/Nov/2025:03:07:56 -0500] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:133.0) Gecko/20100101 Firefox/133.0"