芝麻web文件管理V1.00

编辑当前文件:/home/freeclou/access-logs/freecloudservices.ir
196.251.86.13 - - [01/Nov/2025:15:42:34 +0330] "GET /index.php?option=com_collector&view=filelist&tmpl=component&folder=&type=1 HTTP/1.1" 301 795 "-" "ALittle Client" 149.34.242.98 - - [01/Nov/2025:16:26:50 +0330] "GET /manager.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:26:50 +0330] "GET /bless.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:51 +0330] "GET /O-Simple.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:26:51 +0330] "GET /lock360.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:51 +0330] "GET /zwso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:26:51 +0330] "GET /chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:26:51 +0330] "GET /about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:26:51 +0330] "GET /admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:52 +0330] "GET /.well-known/login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:52 +0330] "GET /mah.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:26:52 +0330] "GET /.wp/wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:52 +0330] "GET /core.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:26:52 +0330] "GET /robots.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:26:52 +0330] "GET /inputs.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:26:52 +0330] "GET /mini.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:53 +0330] "GET /goods.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:26:53 +0330] "GET /file5.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:26:53 +0330] "GET /ahax.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:53 +0330] "GET /f35.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:26:53 +0330] "GET /simple.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:53 +0330] "GET /update/f35.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:26:53 +0330] "GET /wp-content/hello.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:54 +0330] "GET /wp-admin/maint/bootstrap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:54 +0330] "GET /themes/zMousse/otuz1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:26:54 +0330] "GET /wp-content/edit-wolf.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:54 +0330] "GET /wp-content/plugins/ubh/up.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:26:54 +0330] "GET /wp-admin/images/bootstrap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:26:54 +0330] "GET /images/upload.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:54 +0330] "GET /wp-content/plugins/seoplugins/db.php?u HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:26:55 +0330] "GET /wp-content/themes/pridmag/db.php?u HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:26:55 +0330] "GET /wp-content/plugins/linkpreview/db.php?u HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:55 +0330] "GET /admin/uploads/bn_1_1754420677.phtml HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:26:55 +0330] "GET /modules/mod_simplefileuploadv1.3/elements/udd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:55 +0330] "GET /wp-content/plugins/pwnd/pwnd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:26:55 +0330] "GET /wp-content/plugins/pwnd-1/pwnd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:56 +0330] "GET /wp-admin/css/colors/midnight/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:26:56 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/kill.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:56 +0330] "GET /wp-includes/style-engine/worksec.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:56 +0330] "GET /wp-admin/images/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:26:56 +0330] "GET /wp-content/plugins/core-plugin/include.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:56 +0330] "GET /wp-content/plugins/envato-css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:26:56 +0330] "GET /classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:26:57 +0330] "GET /uploads/94056-upload.phtml HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:57 +0330] "GET /index/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:26:57 +0330] "GET /tinyfilemanager.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:57 +0330] "GET /js/bas.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:26:57 +0330] "GET /.well-known/pki-validation/moon.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:57 +0330] "GET /file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:26:57 +0330] "GET /wp-includes/js/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:26:58 +0330] "GET /wp-content/upgrade/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:58 +0330] "GET /buy.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:58 +0330] "GET /wp-content/languages/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:58 +0330] "GET /wp-content/themes/classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:26:58 +0330] "GET /wp-content/plugins/elementor/wp-wjvngrh.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:26:58 +0330] "GET /wp-includes/IXR/fix.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:59 +0330] "GET /wp-includes/widgets/dyqvcfqv.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:26:59 +0330] "GET /admin/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:26:59 +0330] "GET /wp-includes/images/smilies/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:59 +0330] "GET /wp-includes/js/crop/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:26:59 +0330] "GET /wp-includes/PHPMailer/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:26:59 +0330] "GET /wp-includes/PHPMailer/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:26:59 +0330] "GET /wp-includes/widgets/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:00 +0330] "GET /files/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:00 +0330] "GET /wp-includes/PHPMailer/options.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:00 +0330] "GET /inc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:00 +0330] "GET /wp-content/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:00 +0330] "GET /filemanager.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:00 +0330] "GET /cgi-bin/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:00 +0330] "GET /.well-known/pki-validation/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:27:01 +0330] "GET /wp-includes/IXR/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:01 +0330] "GET /wp-admin/js/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:01 +0330] "GET /wp-includes/js/jquery/jquery.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:01 +0330] "GET /function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:01 +0330] "GET /wp-includes/block-supports/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:01 +0330] "GET /wp-signup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:01 +0330] "GET /wp-admin/network/network.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:02 +0330] "GET /admin/upload/css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:02 +0330] "GET /wp-blog.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:02 +0330] "GET /wp-admin/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:02 +0330] "GET /wp-content/plugins/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:02 +0330] "GET /wp-includes/blocks/table/int/tmpl/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:02 +0330] "GET /wp-l0gin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:27:03 +0330] "GET /wp-includes/js/jquery/suggest.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:03 +0330] "GET /new.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:03 +0330] "GET /wp-content/plugins/pwnd-1/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:03 +0330] "GET /wp-includes/defaults.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:03 +0330] "GET /images/DJP9.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:03 +0330] "GET /wp-includes/customize/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:03 +0330] "GET /wp-admin/shell20211028.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:04 +0330] "GET /natural.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:04 +0330] "GET /item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:04 +0330] "GET /function/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:04 +0330] "GET /wp-includes/SimplePie/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:04 +0330] "GET /wp-admin/images/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:27:04 +0330] "GET /wp-includes/theme-compat/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:04 +0330] "GET /about/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:05 +0330] "GET /wp-includes/Requests/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:05 +0330] "GET /wp-includes/ID3/about.php/wp-content/x/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:05 +0330] "GET /wp-includes/ID3/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:05 +0330] "GET /wp-content/languages/404.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:05 +0330] "GET /update/403.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:05 +0330] "GET /default.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:05 +0330] "GET /wp-includes/assets/info.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:06 +0330] "GET /wp-includes/class.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:06 +0330] "GET /wp-includes/fonts/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:06 +0330] "GET /wp-admin/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:06 +0330] "GET /autoload_classmap/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:06 +0330] "GET /dropdown.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:27:06 +0330] "GET /images/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:27:07 +0330] "GET /db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:07 +0330] "GET /.well-known/pki-validation/mariju.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:07 +0330] "GET /mah/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:07 +0330] "GET /wp-content/plugins/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:07 +0330] "GET /wp-includes/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:07 +0330] "GET /wp-content/themes/tflow/up.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:07 +0330] "GET /wp-admin/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:27:08 +0330] "GET /templates/beez3/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:08 +0330] "GET /wp-admin/js/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:08 +0330] "GET /install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:08 +0330] "GET /wp-admin/css/colors/blue/rk2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:08 +0330] "GET /images/class-config.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:08 +0330] "GET /components/com_jea/views/form/tmpl/size.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:08 +0330] "GET /templates/beez/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:27:09 +0330] "GET /bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:09 +0330] "GET /class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:27:09 +0330] "GET /wp-admin/css/colors/light/profile.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:09 +0330] "GET /wp-content/product.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:09 +0330] "GET /wp-content/uploads/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:09 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/ask.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:10 +0330] "GET /wp-includes/rest-api/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:10 +0330] "GET /css/css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:27:10 +0330] "GET /init.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:27:10 +0330] "GET /wp-admin/user/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:10 +0330] "GET /autoload_classmap/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:10 +0330] "GET /wp-includes/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:10 +0330] "GET /assets/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:11 +0330] "GET /.well-known/pki-validation/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:11 +0330] "GET /wp-content/uploads/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:11 +0330] "GET /css/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:27:11 +0330] "GET /adminfuns.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:11 +0330] "GET /wp-admin/css/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:27:11 +0330] "GET /wp_wlx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:27:11 +0330] "GET /wp-admin/js/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:12 +0330] "GET /wp-includes/assets/husky301.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:27:12 +0330] "GET /wp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:12 +0330] "GET /wp-admin/css/colors/blue/wp-trackback.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:27:12 +0330] "GET /wp-content/themes/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:12 +0330] "GET /wp-header.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:12 +0330] "GET /wp-content/themes/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:27:12 +0330] "GET /Marvins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:13 +0330] "GET /wp-content/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:13 +0330] "GET /wp-class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:13 +0330] "GET /wp-includes/images/smilies/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:13 +0330] "GET /xx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:13 +0330] "GET /autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:13 +0330] "GET /wp-includes/classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:13 +0330] "GET /wp-content/blue.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:27:14 +0330] "GET /content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:14 +0330] "GET /wp-content/uploads/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:14 +0330] "GET /wp-admin/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:27:14 +0330] "GET /wp-includes/rest-api/endpoints/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:27:14 +0330] "GET /wp-content/languages/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:14 +0330] "GET /wp-content/plugins/wp-theme-editor/include.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:15 +0330] "GET /wp-content/plugins/up/main.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:15 +0330] "GET /fonts/fontawesome-webfont.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:15 +0330] "GET /wp-admin/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:27:15 +0330] "GET /wp-admin/includes/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:15 +0330] "GET /wp-admin/css/colors/blue/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:15 +0330] "GET /images/images/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:15 +0330] "GET /images/class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:16 +0330] "GET /wp-content/plugins/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:16 +0330] "GET /web.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:16 +0330] "GET /wp-admin/css/colors/ocean/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:16 +0330] "GET /images/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:16 +0330] "GET /wp-content/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:16 +0330] "GET /.well-known/gecko-litespeed.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:27:16 +0330] "GET /wp-admin/css/colors/midnight/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:27:17 +0330] "GET /wp-trackback.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:17 +0330] "GET /wp-includes/style-engine/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:17 +0330] "GET /radio.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:17 +0330] "GET /wp-admin/mah.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:17 +0330] "GET /wp-content/plugins/dummyyummy/wp-signup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:27:17 +0330] "GET /wp-admin/css/colors/midnight/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:18 +0330] "GET /wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:18 +0330] "GET /wp-setup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:27:18 +0330] "GET /ms-themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:18 +0330] "GET /wp-includes/assets/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:27:18 +0330] "GET /style.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:27:18 +0330] "GET /wp-includes/infi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:27:18 +0330] "GET /wp-admin/maint/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:19 +0330] "GET /x.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:27:19 +0330] "GET /wp-includes/IXR/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:19 +0330] "GET /css/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:19 +0330] "GET /images/index22.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:19 +0330] "GET /wp-user.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:19 +0330] "GET /wp-includes/pomo/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:19 +0330] "GET /wp-includes/pomo/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:27:20 +0330] "GET /config.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:20 +0330] "GET /special.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:20 +0330] "GET /assets/script.js.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:20 +0330] "GET /wp-content/themes/twentytwentythree/patterns/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:20 +0330] "GET /wp-admin/css/colors/sunrise/colors_95.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:27:20 +0330] "GET /wp-includes/block-patterns/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:21 +0330] "GET /wp-content/uploads/wp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:27:21 +0330] "GET /wp-includes/certificates/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:21 +0330] "GET /cgi-bin/class.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:21 +0330] "GET /wp-content/cache/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:27:21 +0330] "GET /wp-admin/css/colors/blue/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:21 +0330] "GET /wp-includes/edit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:27:21 +0330] "GET /webdb.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:22 +0330] "GET /assets/images/doc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:22 +0330] "GET /file2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:22 +0330] "GET /wp-includes/ID3/wp-work.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:22 +0330] "GET /alfa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:27:22 +0330] "GET /wp-admin/css/colors/blue/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:22 +0330] "GET /wp-includes/click.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:27:22 +0330] "GET /.well-known/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:27:23 +0330] "GET /wp-admin/css/colors/blue/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:23 +0330] "GET /wp-admin/js/widgets/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:23 +0330] "GET /wp-includes/random_compat/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:23 +0330] "GET /wp-admin/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:23 +0330] "GET /edit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:23 +0330] "GET /wp-content/plugins/WordPressCore/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:27:23 +0330] "GET /cgi-bin/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:24 +0330] "GET /wp-links-opml.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:24 +0330] "GET /wp-admin/user/network.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:27:24 +0330] "GET /atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:27:24 +0330] "GET /wp-includes/js/jquery/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:24 +0330] "GET /wp-includes/xl2023.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:24 +0330] "GET /wp-includes/certificates/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:25 +0330] "GET /wp-includes/images/media/dog.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:25 +0330] "GET /xp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:25 +0330] "GET /wp-includes/SimplePie/applicationd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:25 +0330] "GET /wp-includes/assets/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:27:25 +0330] "GET /wp-links.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:25 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:25 +0330] "GET /wp-includes/css/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:26 +0330] "GET /wp-includes/ID3/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:26 +0330] "GET /wp-includes/pomo/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:27:26 +0330] "GET /wp-includes/IXR/security.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:27:26 +0330] "GET /wp-content/plugins/phpadmin/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:27:26 +0330] "GET /wp-includes/Requests/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:26 +0330] "GET /wp-content/plugins/hello.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:26 +0330] "GET /wp-content/plugins/seoo/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:27 +0330] "GET /wp-includes/fonts/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:27 +0330] "GET /moon.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:27:27 +0330] "GET /wp-admin/user/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:27 +0330] "GET /wp-admin/js/widgets/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:27 +0330] "GET /webadmin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:27 +0330] "GET /wp-includes/PHPMailer/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:27:27 +0330] "GET /wp-admin/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:28 +0330] "GET /xl2023.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:28 +0330] "GET /go.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:27:28 +0330] "GET /wp-admin/xleet.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:28 +0330] "GET /templates/beez3/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:28 +0330] "GET /wp-admin/css/colors/blue/ahax.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:28 +0330] "GET /.well-known/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:29 +0330] "GET /wp-includes/assets/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:29 +0330] "GET /cgi-bin/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:29 +0330] "GET /wp-content/uploads/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:29 +0330] "GET /wp-content/plugins/view-more/ioxi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:29 +0330] "GET /wp-includes/customize/dedi1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:29 +0330] "GET /wp-includes/pomo/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:29 +0330] "GET /wp-admin/css/colors/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:27:30 +0330] "GET /warm.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:30 +0330] "GET /wp-admin/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:30 +0330] "GET /wp-content/themes/seotheme/mar.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:30 +0330] "GET /wp-includes/images/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:30 +0330] "GET /wp-content/plugins/ioxi/ioxiworm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:27:30 +0330] "GET /blog/wp-content/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:30 +0330] "GET /hehehehe.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:31 +0330] "GET /.well-known/acme-challenge/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:27:31 +0330] "GET /.well-known/acme-challenge/plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:31 +0330] "GET /.well-known/acme-challenge/license.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:27:31 +0330] "GET /wp-content/themes/astra/inc/ki1k.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:31 +0330] "GET /wp-content/themes/astra/inc/fm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:31 +0330] "GET /wp-content/plugins/ccx/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:32 +0330] "GET /wp-content/themes/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:32 +0330] "GET /wp-includes/Requests/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:32 +0330] "GET /wp-includes/css/dist/edit-widgets/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:32 +0330] "GET /wp-includes/css/dist/edit-widgets/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:32 +0330] "GET /wp-includes/Requests/src/Exception/Http/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:32 +0330] "GET /wp-includes/Text/Diff/Renderer/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:27:32 +0330] "GET /wp-includes/Text/Diff/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:33 +0330] "GET /wp-admin/css/colors/ocean/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:33 +0330] "GET /wp-includes/images/media/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:33 +0330] "GET /wp-includes/js/tinymce/skins/lightgray/img/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:27:33 +0330] "GET /wp-includes/js/tinymce/skins/lightgray/img/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:33 +0330] "GET /wp-includes/js/tinymce/skins/lightgray/img/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:33 +0330] "GET /wp-admin/maint/themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:27:33 +0330] "GET /wp-content/plugins/seoplugins/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:34 +0330] "GET /wp-includes/fonts/themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:27:34 +0330] "GET /wp-content/themes/twentytwentytwo/assets/fonts/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:27:34 +0330] "GET /wp-includes/certificates/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:34 +0330] "GET /byp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:34 +0330] "GET /blog/wp-includes/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:34 +0330] "GET /wp-includes/images/media/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:27:34 +0330] "GET /blog/wp-admin/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:35 +0330] "GET /wp-content/themes/twentyfive/include.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:35 +0330] "GET /wp-includes/css/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:35 +0330] "GET /cgi-bin/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:27:35 +0330] "GET /wp-content/wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:35 +0330] "GET /class.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:35 +0330] "GET /wp-includes/certificates/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:36 +0330] "GET /wp-content/radio.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:36 +0330] "GET /system_log.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:36 +0330] "GET /.alf.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:36 +0330] "GET /wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:36 +0330] "GET /wp-includes/blocks/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:36 +0330] "GET /flower.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:36 +0330] "GET /wp-includes/wp-class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:37 +0330] "GET /wp-admin/js/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:37 +0330] "GET /wp-content/1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:37 +0330] "GET /ioxi-o.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:37 +0330] "GET /info.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:37 +0330] "GET /setup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:37 +0330] "GET /.bod/.ll/ss.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:37 +0330] "GET /.well-known/radio.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:38 +0330] "GET /wp-content/plugin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:38 +0330] "GET /wp-admin/css/colors/ectoplasm/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:38 +0330] "GET /as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:38 +0330] "GET /cc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:27:38 +0330] "GET /.well-known/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:27:38 +0330] "GET /ab.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:38 +0330] "GET /wp-content/themes/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:39 +0330] "GET /wp-content/themes/twentytwentytwo/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:39 +0330] "GET /doc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:27:39 +0330] "GET /wp-includes/html-api/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:39 +0330] "GET /wp-includes/style-engine/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:39 +0330] "GET /wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:39 +0330] "GET /mar.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:40 +0330] "GET /wp-includes/sitemaps/providers/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:40 +0330] "GET /wp-admin/css/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:40 +0330] "GET /1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:27:40 +0330] "GET /wp-includes/Text/Diff/Engine/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:27:40 +0330] "GET /wp-includes/style-engine/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:27:40 +0330] "GET /js/fm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:40 +0330] "GET /wp-admin/images/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:41 +0330] "GET /wp-content/uploads/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:27:41 +0330] "GET /wp-content/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:41 +0330] "GET /wp-includes/Text/Diff/Engine/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:27:41 +0330] "GET /fm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:41 +0330] "GET /wp-admin/js/widgets/cloud.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:41 +0330] "GET /adminfuns.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:41 +0330] "GET /wp-admin/images/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:42 +0330] "GET /ini.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:27:42 +0330] "GET /wp-admin/css/colors/coffee/cloud.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:42 +0330] "GET /wp-includes/blocks/calendar/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:42 +0330] "GET /admin/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:42 +0330] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:42 +0330] "GET /.well-known/acme-challenge/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:42 +0330] "GET /wp-admin/js/instaall.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:43 +0330] "GET /wp-includes/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:43 +0330] "GET /wp-includes/plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:43 +0330] "GET /wp-content/plugins/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:27:43 +0330] "GET /wp-content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:43 +0330] "GET /wp-includes/css/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:43 +0330] "GET /wp-includes/Text/Diff/Renderer/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:44 +0330] "GET /wp-admin/network/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:44 +0330] "GET /wp-admin/css/colors/light/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:27:44 +0330] "GET /customize.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:44 +0330] "GET /license.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:44 +0330] "GET /wp-content/languages/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:44 +0330] "GET /lock.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:44 +0330] "GET /wp-admin/css/colors/blue/gold.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:45 +0330] "GET /wp-includes/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:45 +0330] "GET /wp-includes/rest-api/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:45 +0330] "GET /.well-known/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:45 +0330] "GET /.well-known/wincust.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:27:45 +0330] "GET /wp-admin/css/colors/light/alfa-rex.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:27:45 +0330] "GET /wp-good.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:45 +0330] "GET /wp-includes/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:46 +0330] "GET /wp-includes/style-engine/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:46 +0330] "GET /wp-includes/assets/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:46 +0330] "GET /wp-content/themes/twentytwentyfour/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:27:46 +0330] "GET /randkeyword.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:46 +0330] "GET /wp-admin/js/widgets/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:27:46 +0330] "GET /fonts/database.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:27:47 +0330] "GET /ff2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:47 +0330] "GET /wp-includes/SimplePie/Exception-wp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:47 +0330] "GET /wp-admin/plugin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:27:47 +0330] "GET /wp-includes/rest-api/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:47 +0330] "GET /jp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:47 +0330] "GET /wp-atom.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:47 +0330] "GET /wp-admin/css/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:48 +0330] "GET /up.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:27:48 +0330] "GET /wp-content/uploads/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:48 +0330] "GET /assets/images/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:48 +0330] "GET /wp-content/plugins/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:48 +0330] "GET /js/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:48 +0330] "GET /simple/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:48 +0330] "GET /worm.PhP HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:49 +0330] "GET /ext.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:49 +0330] "GET /delpaths.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:27:49 +0330] "GET /.well-known/pki-validation/1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:49 +0330] "GET /wp-includes/bk/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:49 +0330] "GET /wp-content/plugins/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:27:49 +0330] "GET /.well-known/pki-validation/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:49 +0330] "GET /wp-admin/css/colors/sunrise/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:50 +0330] "GET /gifclass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:50 +0330] "GET /plugin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:50 +0330] "GET /wp-content/themes/twentytwentyfour/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:27:50 +0330] "GET /update-core.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:50 +0330] "GET /wp-admin/css/colors/blue/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:50 +0330] "GET /wp-mail.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:51 +0330] "GET /wp-content/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:51 +0330] "GET /wp-admin/defaults.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:51 +0330] "GET /.well-known/acme-challenge/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:51 +0330] "GET /wp-content/ALFA_DATA/alfacgiapi/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:51 +0330] "GET /wp-admin/maint/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:51 +0330] "GET /wp-admin/js/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:51 +0330] "GET /wp-content/uploads/2023/05/404.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:52 +0330] "GET /wp-admin/maint/maint.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:52 +0330] "GET /assets/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:52 +0330] "GET /aa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:52 +0330] "GET /index2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:27:52 +0330] "GET /wp-content/themes/hello-element/footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:52 +0330] "GET /wp-admin/network/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:27:52 +0330] "GET /.well-known/pki-validation/2index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:53 +0330] "GET /wp-content/languages/plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:27:53 +0330] "GET /shell.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:53 +0330] "GET /.well-known/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:27:53 +0330] "GET /wp-includes/Text/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:53 +0330] "GET /wp-admin/network/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:53 +0330] "GET /.well-known/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:53 +0330] "GET /hehe.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:27:54 +0330] "GET /wp-includes/fonts/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:54 +0330] "GET /css/slider.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:54 +0330] "GET /dir.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:54 +0330] "GET /wp-includes/css/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:54 +0330] "GET /wp-content/style.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:54 +0330] "GET /libraries/phpmailer/updates.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:27:55 +0330] "GET /nf_tracking.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:55 +0330] "GET /wp-admin/css/about.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:55 +0330] "GET /filefuns.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:55 +0330] "GET /.well-known/pki-validation/class_api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:55 +0330] "GET /l.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:27:55 +0330] "GET /repeater.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:27:55 +0330] "GET /wp-admin/wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:56 +0330] "GET /wp-includes/sitemaps/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:56 +0330] "GET /contacts.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:56 +0330] "GET /wsa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:56 +0330] "GET /wp-includes/SimplePie/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:56 +0330] "GET /firewall.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:56 +0330] "GET /wp-includes/sodium_compat/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:27:56 +0330] "GET /wp-content/uploads/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:57 +0330] "GET /lv.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:57 +0330] "GET /images/js1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:27:57 +0330] "GET /wp-admin/maint/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:57 +0330] "GET /.well-known/acme-challenge/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:57 +0330] "GET /.well-known/acme-challenge/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:57 +0330] "GET /wp-includes/images/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:57 +0330] "GET /wp-includes/ID3/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:58 +0330] "GET /wp-admin/theme-editor.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:58 +0330] "GET /wp-admin/css/colors/blue/abc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:27:58 +0330] "GET /wp-admin/maint/wonder.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:58 +0330] "GET /wp-content/themes/twentytwentyfour/wonder.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:58 +0330] "GET /wp-content/plugins/fix/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:27:58 +0330] "GET /tox.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:27:59 +0330] "GET /wp-content/languages/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:27:59 +0330] "GET /wp-includes/js/dist/default.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:27:59 +0330] "GET /wp-admin/css/colors/tfileman.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:27:59 +0330] "GET /tiny.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:27:59 +0330] "GET /wp-admin/js/widgets/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:27:59 +0330] "GET /themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:27:59 +0330] "GET /wp-themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:00 +0330] "GET /wp-includes/sodium_compat/src/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:00 +0330] "GET /wp-content/plugins/erinyani/asasx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:00 +0330] "GET /mariju.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:00 +0330] "GET /waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:00 +0330] "GET /wp-admin/maint/cong.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:00 +0330] "GET /av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:00 +0330] "GET /wp-admin/css/glex.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:01 +0330] "GET /wp-admin/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:01 +0330] "GET /wp-includes/SimplePie/Parse/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:01 +0330] "GET /.well-known/acme-challenge/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:01 +0330] "GET /wp-content/themes/twentytwentyfour/system_cache.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:01 +0330] "GET /wp-content/themes/sky-pro/js.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:01 +0330] "GET /wp-includes/Text/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:02 +0330] "GET /wp-content/themes/pridmag/waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:02 +0330] "GET /theme.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:02 +0330] "GET /wp-content/themes/twentytwentytwo/waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:02 +0330] "GET /wp-admin/css/colors/coffee/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:02 +0330] "GET /Simple.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:02 +0330] "GET /.well-known/acme-challenge/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:02 +0330] "GET /wp-admin/1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:03 +0330] "GET /wp-admin/css/colors/ocean/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:03 +0330] "GET /wp-content/plugins/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:03 +0330] "GET /.well-known/classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:03 +0330] "GET /css/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:03 +0330] "GET /images/waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:03 +0330] "GET /wp-includes/SimplePie/Cache/upfile.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:03 +0330] "GET /small.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:04 +0330] "GET /wp-includes/js/tinymce/plugins/fullscreen/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:04 +0330] "GET /NewFile.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:04 +0330] "GET /wp-content/uploads/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:04 +0330] "GET /error.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:04 +0330] "GET /wp-content/plugins/pwnd/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:04 +0330] "GET /wp-includes/widgets/class-wp-widget-search-function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:04 +0330] "GET /wp-content/languages/themes/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:05 +0330] "GET /wp-files.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:05 +0330] "GET /functions.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:05 +0330] "GET /admin/controller/extension/extension/cloud.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:05 +0330] "GET /wp-includes/SimplePie/Canonical.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:05 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/uss.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:05 +0330] "GET /wp-includes/certificates/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:06 +0330] "GET /aks.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:06 +0330] "GET /litespeed.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:06 +0330] "GET /img/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:06 +0330] "GET /wp-includes/class-feed-index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:06 +0330] "GET /wpn.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:06 +0330] "GET /wp-content/classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:06 +0330] "GET /.well-known/acme-challenge/iR7SzrsOUEP.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:07 +0330] "GET /wp-includes/customize/class-wp-customize-nav-menu-section-boolean.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:07 +0330] "GET /wp-content/themes/twentytwentyfour/functions.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:07 +0330] "GET /wp-includes/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:07 +0330] "GET /wp-includes/class-wp-dependency-float.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:07 +0330] "GET /wp-includes/PHPMailer/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:07 +0330] "GET /wp-includes/PHPMailer/purna.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:07 +0330] "GET /wp-includes/interactivity-api/interactivity-api-class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:08 +0330] "GET /wp-includes/l10n/class-wp-widddget-pages.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:08 +0330] "GET /tinyfilemanager/tinyfilemanager.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:08 +0330] "GET /wp-admin/css/colors/light/colors.min.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:08 +0330] "GET /wp-includes/customize/class-wp-customize-nav-menu-auto-add-control-repository.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:08 +0330] "GET /wp-includes/assets/script-loader-react-refresh-runtime.min-soap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:08 +0330] "GET /wp-includes/ID3/module.audio-video.riff-set.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:09 +0330] "GET /fog/management/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:09 +0330] "GET /wp-includes/js/tinymce/utils/license.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:09 +0330] "GET /components/com_newsfeeds/models/indexx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:09 +0330] "GET /images/wp-aespa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:09 +0330] "GET /wp-includes/Text/options.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:09 +0330] "GET /.well-known/acme-challenge/wp-load.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:09 +0330] "GET /wp-content/upgrade/cc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:10 +0330] "GET /wp-content/themes/aahana/worksec.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:10 +0330] "GET /anonse/lock360.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:10 +0330] "GET /wp-content/themes/bltm/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:10 +0330] "GET /wp-admin/includes/class_api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:10 +0330] "GET /plugins/content/apismtp/apismtp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:10 +0330] "GET /wp-admin/includes/class-core-upgrader-first.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:10 +0330] "GET /wp-admin/css/wp-css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:11 +0330] "GET /.well-known/save.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:11 +0330] "GET /wp-includes/feed-rsss.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 45.131.155.101 - - [01/Nov/2025:16:28:11 +0330] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:11 +0330] "GET /wp-includes/IXR/goto.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:11 +0330] "GET /wp-admin/css/colors/blue/xboom.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:11 +0330] "GET /uploads/af32.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:11 +0330] "GET /wp-content/themes/kadence/functions.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:11 +0330] "GET /Sanskrit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:12 +0330] "GET /wp-fmfile.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 45.131.155.101 - - [01/Nov/2025:16:28:12 +0330] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:12 +0330] "GET /.trash7309/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:12 +0330] "GET /wp-content/plugins/revslider/includes/external/page/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:12 +0330] "GET /wp-content/plugins/ioxi/ioxi/dropdown.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:12 +0330] "GET /memberfuns.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:12 +0330] "GET /infos.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:13 +0330] "GET /modules/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:13 +0330] "GET /wp-content/x.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:13 +0330] "GET /wp-content/wp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:13 +0330] "GET /options-writing.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:13 +0330] "GET /options-reading.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:13 +0330] "GET /wsad.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:13 +0330] "GET /nation.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:14 +0330] "GET /wp-includes/js/codemirror/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:14 +0330] "GET /wp-includes/wp_class_datlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:14 +0330] "GET /wp-includes/js/tinymce/langs/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:14 +0330] "GET /autoload_classmap/wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:14 +0330] "GET /wp-atomx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:14 +0330] "GET /admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:14 +0330] "GET /wp-admin/maint/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:15 +0330] "GET /wp-content/plugins/ubh/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:15 +0330] "GET /wp-includes/SimplePie/Registry-private.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:15 +0330] "GET /wp-includes/assets/script-modules-packages.min-meta.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:15 +0330] "GET /wp-includes/widgets/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:15 +0330] "GET /wp-content/themes/twentytwentyfour/content-index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:16 +0330] "GET /admin/controller/extension/extension/alfa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:16 +0330] "GET /wp-content/themes/twentytwentyfour/system_cache.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:16 +0330] "GET /wp-admin/css/colors/modern/colors.css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:16 +0330] "GET /wp-includes/style-engine/adminfus.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:16 +0330] "GET /css/media-widget-vide02.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:16 +0330] "GET /wp-includes/blocks/group/wp-style.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:16 +0330] "GET /images/buy.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:16 +0330] "GET /templates/beez3/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:17 +0330] "GET /manager.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:17 +0330] "GET /wp-includes/widgets/class-wp-wolf-widget.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:17 +0330] "GET /bless.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:17 +0330] "GET /wp-admin/css/colors/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:17 +0330] "GET /O-Simple.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:17 +0330] "GET /plugins/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:17 +0330] "GET /lock360.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:17 +0330] "GET /.well-known/header.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:17 +0330] "GET /zwso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:17 +0330] "GET /wordpress/wp-content/uploads/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:17 +0330] "GET /chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:17 +0330] "GET /.well-known/pki-validation/server.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:17 +0330] "GET /about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:17 +0330] "GET /autoload_classmap/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:18 +0330] "GET /admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:18 +0330] "GET /wp-content/plugins/pwnd/1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:18 +0330] "GET /wp-content/plugins/ubh/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:18 +0330] "GET /.well-known/login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:18 +0330] "GET /wp-content/uploads/anas.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:18 +0330] "GET /mah.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:18 +0330] "GET /wp-admin/css/colors/blue/shell.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:18 +0330] "GET /.wp/wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:18 +0330] "GET /wp-content/plugins/erinyani/default.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:18 +0330] "GET /core.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:18 +0330] "GET /wp-includes/Text/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:18 +0330] "GET /robots.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:18 +0330] "GET /xex.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:18 +0330] "GET /inputs.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:18 +0330] "GET /ar/wp-content/themes/pridmag/db.php?u HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:19 +0330] "GET /mini.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:19 +0330] "GET /wp-includes/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:19 +0330] "GET /goods.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:19 +0330] "GET /wp-content/plugins/pwnd/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:19 +0330] "GET /file5.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:19 +0330] "GET /upload/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:19 +0330] "GET /wp-head.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:19 +0330] "GET /ahax.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:19 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:19 +0330] "GET /f35.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:19 +0330] "GET /wp-content/upgrade/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:19 +0330] "GET /simple.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:19 +0330] "GET /makeasmtp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:19 +0330] "GET /update/f35.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:19 +0330] "GET /wp-includes/wp-sup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /wp-content/hello.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /wordpress/wp-includes/class-wp-http-ixr-client-view.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /wp-admin/maint/bootstrap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /images/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /themes/zMousse/otuz1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /wp-includes/widgets/class-t.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /wp-content/edit-wolf.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /wp-content/edit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /manager.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /wp-content/plugins/ubh/up.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /.well-known/info.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /bless.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /wp-content/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /wp-admin/images/bootstrap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /O-Simple.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /wp-admin/css/colors/blue/navi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /images/upload.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /lock360.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /wp-includes/css/dist/require-dynamic-blocks.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /wp-content/plugins/seoplugins/db.php?u HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /zwso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /xp.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /wp-content/themes/pridmag/db.php?u HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /wp-content/languages/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /wp-content/plugins/linkpreview/db.php?u HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /wp-content/bypass_1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /admin/uploads/bn_1_1754420677.phtml HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /wp-admin/js/elementskit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /modules/mod_simplefileuploadv1.3/elements/udd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /.well-known/login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /admin/user_data.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /wp-content/plugins/pwnd/pwnd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /mah.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /wp-includes/widgets/class-wp-widget-rss-database.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /wp-content/plugins/pwnd-1/pwnd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /.wp/wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /.well-known/pki-validation/kur.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /core.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /click.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /wp-admin/css/colors/midnight/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /wp-includes/class-wp-customize-manager-client.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /robots.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/kill.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /wp-includes/assets/script-modules-packages.min-boolean.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /inputs.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /wp-includes/style-engine/worksec.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /wp-admin/css/colors/error.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /manager.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /bless.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /O-Simple.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /lock360.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /zwso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:20 +0330] "GET /chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /.well-known/login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /mah.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /.wp/wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /core.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:21 +0330] "GET /robots.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /inputs.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /mini.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /goods.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /file5.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /ahax.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /f35.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /simple.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /update/f35.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /mini.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /wp-admin/images/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /ALFA_DATA/alfacgiapi/all.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /goods.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /wp-content/plugins/core-plugin/include.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /wp-admin/images/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /file5.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /wp-content/plugins/envato-css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /.well-known/pki-validation/xmrlpc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /ahax.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:22 +0330] "GET /classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /wp-admin/maint/repairs.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /f35.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /uploads/94056-upload.phtml HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /wp-includes/images/smilies/simi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /simple.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /index/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /wp-admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /update/f35.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /wp-header.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /tinyfilemanager.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /wp-content/hello.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /file.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /js/bas.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /wp-admin/maint/bootstrap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /.tmb/doc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /themes/zMousse/otuz1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /.well-known/pki-validation/moon.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /wp-editor.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /wp-content/edit-wolf.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /wp-includes/style-engine-session.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /wp-content/plugins/ubh/up.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /wp-includes/js/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /images/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /wp-admin/images/bootstrap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /wp-content/upgrade/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/adminfusm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /images/upload.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /buy.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /adminfusm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /wp-content/plugins/seoplugins/db.php?u HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /wp-content/languages/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /js/js1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /wp-content/themes/pridmag/db.php?u HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /wp-content/themes/classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /wp-includes/assets/wp-includes/assets/script-loader-packages.min.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /wp-content/plugins/linkpreview/db.php?u HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /wp-includes/blocks/file/wp-style.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /wp-content/plugins/elementor/wp-wjvngrh.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /admin/uploads/bn_1_1754420677.phtml HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /images/habhan.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /wp-includes/IXR/fix.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /modules/mod_simplefileuploadv1.3/elements/udd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /wp-content/mu-plugins/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-includes/widgets/dyqvcfqv.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-content/plugins/pwnd/pwnd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-includes/IXR/class-IXR-cilent.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-content/plugins/pwnd-1/pwnd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /admin/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-content/uploads/wp-cert.phtml HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-admin/css/colors/midnight/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-includes/images/smilies/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /about/function.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/kill.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-includes/js/crop/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /routes/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-includes/style-engine/worksec.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-includes/PHPMailer/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-includes/images/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-admin/images/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-includes/PHPMailer/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-includes/PHPMailer/xleet.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-content/plugins/core-plugin/include.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-includes/widgets/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-admin/js/widgets/doc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /wp-content/hello.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /wp-admin/maint/bootstrap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /themes/zMousse/otuz1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /wp-content/edit-wolf.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:23 +0330] "GET /wp-content/plugins/ubh/up.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /wp-admin/images/bootstrap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /images/upload.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /wp-content/plugins/seoplugins/db.php?u HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /wp-content/themes/pridmag/db.php?u HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /wp-content/plugins/linkpreview/db.php?u HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /admin/uploads/bn_1_1754420677.phtml HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:24 +0330] "GET /modules/mod_simplefileuploadv1.3/elements/udd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-content/plugins/pwnd/pwnd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-content/plugins/pwnd-1/pwnd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-admin/css/colors/midnight/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/kill.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-includes/style-engine/worksec.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-admin/images/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:25 +0330] "GET /wp-content/plugins/envato-css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /files/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /f35_SpaceTn.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /wp-admin/css/colors/sunrise/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /wp-includes/PHPMailer/options.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /uploads/94056-upload.phtml HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/fixed.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /inc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /index/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /wp-admin/js/widgets/themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /tinyfilemanager.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /wp-content/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /wp-content/plugins/fix/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /js/bas.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /filemanager.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /wp-includes/category-double.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /.well-known/pki-validation/moon.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /cgi-bin/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /wp-admin/maint/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /.well-known/pki-validation/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /blog/signatur.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /wp-includes/js/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-includes/IXR/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-includes/assets/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-content/upgrade/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-admin/js/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-includes/widgets/security.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /buy.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-includes/js/jquery/jquery.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /include/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-content/languages/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /gm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-content/themes/classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-includes/class-wp-language-pack.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-includes/block-supports/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-content/plugins/elementor/wp-wjvngrh.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /js/content-type.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-signup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-includes/IXR/fix.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-includes/class-walker-comment-client.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-includes/widgets/dyqvcfqv.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-admin/network/network.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /about/goods.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /admin/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /admin/upload/css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /file/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-includes/images/smilies/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-blog.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /function/goods.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-includes/js/crop/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-admin/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-includes/PHPMailer/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-content/plugins/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /wp-content/plugins/core-plugin/include.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /wp-content/plugins/envato-css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /uploads/94056-upload.phtml HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /index/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /tinyfilemanager.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:26 +0330] "GET /js/bas.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /.well-known/pki-validation/moon.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-includes/js/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-content/upgrade/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /buy.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-content/languages/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:27 +0330] "GET /wp-content/themes/classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-content/plugins/elementor/wp-wjvngrh.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-includes/IXR/fix.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-includes/widgets/dyqvcfqv.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /admin/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-includes/images/smilies/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-content/upgrade/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-includes/PHPMailer/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-includes/class-wp-network-query-stat.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-includes/blocks/table/int/tmpl/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-includes/widgets/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-content/themes/pridmag/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-l0gin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /files/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /plugin-install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-includes/js/jquery/suggest.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-includes/PHPMailer/options.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /wp-includes/class-wp-session-tokens-https.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /new.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /inc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /wp-admin/js/load.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /wp-content/plugins/pwnd-1/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /wp-content/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /images/firewall.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /filemanager.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /wp-includes/defaults.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /wp-includes/images/crystal/lrs_dage.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /cgi-bin/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /images/DJP9.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /wp-content/upgrade/pdf.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /.well-known/pki-validation/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /wp-includes/customize/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /wp-includes/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /wp-includes/IXR/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /wp-admin/shell20211028.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /wp-content/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /wp-admin/js/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /wp-includes/certificates/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /natural.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-includes/js/jquery/jquery.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-includes/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-includes/customize/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /function/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-includes/block-supports/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /css/fan.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-includes/SimplePie/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-signup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-admin/css/colors/blue/colors.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-admin/images/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-admin/network/network.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /images/mah.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-includes/theme-compat/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /admin/upload/css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-content/waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-blog.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /about/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-admin/css/colors/ectoplasm/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-admin/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-includes/Requests/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-content/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-content/plugins/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-includes/js/crop/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:28 +0330] "GET /wp-includes/PHPMailer/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /wp-includes/PHPMailer/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /wp-includes/widgets/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /files/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /wp-includes/PHPMailer/options.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /inc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:29 +0330] "GET /wp-content/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /filemanager.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /cgi-bin/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /.well-known/pki-validation/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-includes/IXR/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-admin/js/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /wp-includes/js/jquery/jquery.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:30 +0330] "GET /function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-includes/block-supports/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-signup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-admin/network/network.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /admin/upload/css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-blog.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-includes/ID3/about.php/wp-content/x/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-includes/js/thickbox/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-includes/blocks/table/int/tmpl/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-content/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-includes/ID3/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-l0gin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-content/themes/twentytwentyfour/icascreenshots.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-content/languages/404.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-includes/js/jquery/suggest.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-content/upgrade/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /update/403.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /new.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-includes/rk2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /default.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-content/plugins/pwnd-1/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-admin/css/colors/ocean/alam.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-includes/assets/info.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-includes/defaults.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /.well-known/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-includes/class.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /images/DJP9.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /b.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /wp-includes/fonts/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /wp-includes/customize/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /wp-includes/certificates/past.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /wp-admin/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /wp-admin/shell20211028.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /wp-content/uploads/2021/faiyy.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /natural.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /autoload_classmap/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /css/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /wp-content/plugins/pwnd/sst.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /dropdown.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /function/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /wp-includes/edit-tags.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /images/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /wp-includes/SimplePie/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /wsax.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /wp-admin/images/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /bless.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /.well-known/pki-validation/mariju.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /wp-includes/theme-compat/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /wp-content/uploads/system_cache.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /mah/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /about/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /templates/beez3/dbcthbohhr.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /wp-content/plugins/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /wp-includes/Requests/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/files.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /wp-includes/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /wp-includes/ID3/about.php/wp-content/x/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /wp-content/themes/tflow/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /wp-content/themes/tflow/up.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /wp-includes/css/dist/footer-default.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /wp-includes/ID3/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /wp-admin/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /wp-content/plugins/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /wp-content/languages/404.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /wp-includes/widgets/class-wp-widget-meta-request.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /update/403.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /templates/beez3/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /wp-content/plugins/pwnd/cloud.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /default.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /wp-admin/js/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /wp-includes/css/dist/edit-widgets/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /wp-includes/assets/info.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /wp-content/plugins/ubh/adminfus.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /wp-includes/class.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /wp-admin/css/colors/blue/rk2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /.well-known/pki-validation/webdb.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /wp-includes/fonts/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /images/class-config.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /wp-includes/l10n/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /wp-admin/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-admin/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:31 +0330] "GET /wp-content/plugins/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /wp-includes/blocks/table/int/tmpl/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /wp-l0gin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /wp-includes/js/jquery/suggest.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /new.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /wp-content/plugins/pwnd-1/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /wp-includes/defaults.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:32 +0330] "GET /images/DJP9.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /wp-includes/customize/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /wp-admin/shell20211028.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /natural.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /function/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:33 +0330] "GET /wp-includes/SimplePie/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /wp-admin/images/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /wp-includes/theme-compat/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /about/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /wp-includes/Requests/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /components/com_jea/views/form/tmpl/size.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /wp-admin/js/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /autoload_classmap/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /templates/beez/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /wp-admin/js/widgets/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /dropdown.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /uploads/xsec.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /images/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /images/Marvins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /wp-content/plugins/pwnd-1/kurd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /wp-admin/css/colors/light/profile.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /.well-known/pki-validation/mariju.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /wp-content/themes/tflow/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /mah/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /wp-content/product.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /wp-content/languages/radio.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /wp-content/plugins/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /wp-content/uploads/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /wp-content/uploads/fileman.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /wp-includes/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/ask.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /wp-includes/widgets/wp-ss.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /wp-content/themes/tflow/up.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /wp-includes/rest-api/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /wp-includes/IXR/xsec1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /wp-admin/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /css/css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /admin.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /templates/beez3/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /init.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /wp-admin/css/colors/hong1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /wp-admin/js/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /wp-admin/user/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /wp-admin/maint/byps.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /autoload_classmap/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /wp-includes/images/crystal/sad.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /wp-admin/css/colors/blue/rk2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /wp-includes/assets/script-loader-packages.min.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /wp-includes/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /images/class-config.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /wp-content/themes/twentytwentyfour/patterns/content-type.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /assets/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /components/com_jea/views/form/tmpl/size.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /wp-admin/network/class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /templates/beez/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /.well-known/pki-validation/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /wp-includes/class-phpmailer-beta.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /wp-content/uploads/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /wp-includes/ms-file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /css/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /.well-known/acme-challenge/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /wp-admin/css/colors/light/profile.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /adminfuns.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /wp-includes/ID3/about.php/wp-content/x/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /wp-includes/ID3/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:34 +0330] "GET /wp-content/languages/404.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /update/403.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /default.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /wp-includes/assets/info.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /wp-includes/class.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /wp-includes/fonts/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /wp-admin/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:35 +0330] "GET /autoload_classmap/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /dropdown.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /images/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /.well-known/pki-validation/mariju.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /mah/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /wp-content/plugins/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:36 +0330] "GET /wp-includes/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /wp-content/themes/tflow/up.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /wp-admin/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /templates/beez3/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /wp-includes/widgets/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /wp-content/product.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /wp-admin/css/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /images/news_event/1.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /wp-content/uploads/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /wp_wlx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /chosen.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/ask.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /wp-admin/js/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /bs1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /wp-includes/rest-api/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /wp-includes/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /wp-includes/assets/husky301.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /css/css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /wp-includes/network.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /wp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /init.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /page.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /wp-admin/css/colors/blue/wp-trackback.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /wp-admin/user/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /wp-admin/includes/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /autoload_classmap/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /wp-content/themes/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /wp-content/uploads/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /wp-includes/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /wp-header.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /wp-content/plugins/WordPressCore/include.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /assets/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /wp-content/themes/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /wp-content/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /.well-known/pki-validation/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /Marvins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /modules/mod_simplefileuploadv1.3/elements/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /wp-content/uploads/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /wp-content/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /assets/info.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /css/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /wp-class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /wp-includes/SimplePie/XML/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /adminfuns.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp-includes/pomo/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp-includes/images/smilies/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp-admin/css/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp-content/1.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /xx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp_wlx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp-admin/css/colors/blue/wp-atom.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp-admin/js/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp-includes/pomo/plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp-includes/classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp-includes/assets/husky301.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp-includes/assets/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp-content/blue.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /.well-known/acme-challenge/gecko-old.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /wp-admin/js/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:37 +0330] "GET /wp-admin/css/colors/blue/rk2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /images/class-config.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /components/com_jea/views/form/tmpl/size.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /templates/beez/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /wp-admin/css/colors/light/profile.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:38 +0330] "GET /wp-content/product.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp-content/uploads/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/ask.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp-includes/rest-api/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /css/css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /init.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp-admin/user/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /autoload_classmap/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-includes/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /assets/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp-admin/css/colors/blue/wp-trackback.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp-admin/css/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp-content/themes/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:39 +0330] "GET /wp-content/uploads/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /images/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-header.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-admin/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-includes/widgets/class-wp-nav-widgets.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-content/themes/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-includes/rest-api/endpoints/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /x/test.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /Marvins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-content/themes/wp-pridmag/init.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-content/languages/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-content/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-admin/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-content/plugins/wp-theme-editor/include.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-admin/css/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-content/plugins/up/main.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-includes/images/smilies/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-includes/sitemaps/providers/doc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /fonts/fontawesome-webfont.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /xx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /ws.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-admin/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-includes/rest-api/1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-admin/includes/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-includes/classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-includes/fonts/class_api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-content/blue.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-admin/css/colors/blue/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /shop.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /images/images/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-content/plugins/pwnd-1/dedi1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-content/uploads/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-admin/js/widgets/setting.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /images/class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-admin/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-includes/images/smilies/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-content/plugins/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-includes/rest-api/endpoints/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-admin/css/colors/light/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /web.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-content/languages/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-admin/user/header.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-admin/css/colors/ocean/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /wp-content/plugins/wp-theme-editor/include.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /wp-includes/IXR/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /images/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /wp-content/plugins/up/main.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /wp-api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /wp-content/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /fonts/fontawesome-webfont.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /.well-known/pki-validation/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-content/uploads/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /css/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /adminfuns.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:40 +0330] "GET /wp-admin/css/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp_wlx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-admin/js/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-includes/assets/husky301.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-admin/css/colors/blue/wp-trackback.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:41 +0330] "GET /wp-content/themes/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /wp-header.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /wp-content/themes/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /Marvins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /wp-content/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /wp-class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /wp-includes/images/smilies/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /xx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /.well-known/gecko-litespeed.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /wp-admin/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /wp-admin/css/colors/midnight/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /wp-admin/includes/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /wp-admin/css/colors/blue/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /wp-trackback.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /wp-includes/class-wp-customize-manager-interpreter.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /images/images/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /wp-includes/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /wp-includes/style-engine/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /images/class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:42 +0330] "GET /images/fm.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /radio.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /wp-content/plugins/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /wp-includes/count.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /wp-admin/mah.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /web.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /wp-error_log.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /wp-content/plugins/dummyyummy/wp-signup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /wp-admin/css/colors/ocean/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /assets/class_update_plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /wp-admin/css/colors/midnight/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /images/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /wp-admin/network/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /wp-content/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /templates/beez5/error.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /wp-setup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /.well-known/gecko-litespeed.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /wp-admin/network/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /ms-themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /wp-admin/css/colors/midnight/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /js/firewall.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-includes/assets/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-trackback.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-includes/certificates/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-includes/style-engine/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /assets/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /style.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /radio.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-admin/js/file/incpb.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-includes/infi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /images/stories/themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-admin/mah.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-admin/maint/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-includes/theme-compat/footer-embed-function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-content/plugins/dummyyummy/wp-signup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /x.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-includes/firewall.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-admin/css/colors/midnight/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-includes/IXR/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /home/O-Simple.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /css/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-includes/l10n/class-wp-translation-file-mo-event.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-setup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /images/index22.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /wp-includes/vars-soap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /ms-themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /wp-user.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /wp-content/themes/twentytwentytwo/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /wp-includes/assets/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /wp-includes/pomo/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /style.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /style.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /files.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /wp-includes/pomo/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /wp-includes/infi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /wp-content/themes/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /wp-admin/maint/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /config.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /wp-admin/css/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /x.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /special.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /wp-includes/classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /wp-content/blue.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /wp-content/uploads/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /wp-admin/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:43 +0330] "GET /wp-includes/rest-api/endpoints/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-content/languages/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-content/plugins/wp-theme-editor/include.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-content/plugins/up/main.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /fonts/fontawesome-webfont.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-admin/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:44 +0330] "GET /wp-admin/includes/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /wp-admin/css/colors/blue/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /images/images/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /images/class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /wp-content/plugins/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /web.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /wp-admin/css/colors/ocean/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /images/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /saka.phP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /wp-includes/IXR/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:45 +0330] "GET /assets/script.js.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-includes/id3/wp-work.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /css/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-content/themes/twentytwentythree/patterns/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-content/plugins/WordPressCore/gecko.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /images/index22.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-admin/css/colors/sunrise/colors_95.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /baxa1.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-user.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-includes/block-patterns/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-includes/class-wp-taxonomy.editor.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-includes/pomo/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-content/uploads/wp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-content/plugins/pwnd/dedi1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-includes/pomo/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-includes/certificates/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-includes/js/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /config.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /blog.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /cgi-bin/class.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /special.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /about/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-content/cache/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /assets/script.js.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-content/themes/pridmag/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-content/themes/twentytwentythree/patterns/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-admin/css/colors/blue/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-admin/network/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-admin/css/colors/sunrise/colors_95.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-includes/edit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /images/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-includes/block-patterns/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /webdb.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-includes/interactivity-api/interactivity-api-xml.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-content/uploads/wp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /assets/images/doc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /js/mrx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-includes/certificates/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /file2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-includes/colour.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /cgi-bin/class.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-includes/ID3/wp-work.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /elp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-content/cache/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /alfa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-includes/customize/class-wp-customize-background-position-control-variable.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /wp-admin/css/colors/blue/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /wp-includes/images/include.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /wp-admin/css/colors/blue/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /wp-includes/edit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /wp-content/themes/av.php.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /wp-includes/click.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /webdb.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /wp-content/plugins/pwnd-1/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /.well-known/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /assets/images/doc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-content/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /.well-known/gecko-litespeed.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-admin/css/colors/midnight/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-trackback.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-includes/style-engine/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /radio.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:46 +0330] "GET /wp-admin/mah.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-content/plugins/dummyyummy/wp-signup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-admin/css/colors/midnight/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-setup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /ms-themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /wp-includes/assets/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:47 +0330] "GET /style.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /wp-includes/infi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /wp-admin/maint/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /x.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /wp-includes/IXR/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /css/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /images/index22.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /wp-includes/js/imgareaselect/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /file2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /wp-admin/css/colors/blue/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /upload/bilder/cong.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /wp-includes/ID3/wp-work.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /wp-admin/js/widgets/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /fonts/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /alfa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /wp-includes/random_compat/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /wp-admin/css/colors/blue/pass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /wp-admin/css/colors/blue/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:48 +0330] "GET /wp-admin/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /entrepreneuse.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /wp-includes/click.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /edit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /wp-includes/l10n/class-wp-translations-interface.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /.well-known/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /wp-content/plugins/WordPressCore/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /wp-includes/assets/about5.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /wp-admin/css/colors/blue/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /cgi-bin/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /wp-admin/maint/lint-branch.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /wp-admin/js/widgets/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /wp-content/cong.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /wp-links-opml.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /wp-includes/random_compat/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /js/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /wp-admin/user/network.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /wp-admin/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /.well-known/buy.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /edit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /index/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /wp-includes/js/jquery/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-content/plugins/WordPressCore/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-includes/ID3/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /cgi-bin/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-includes/xl2023.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /function/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-links-opml.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-includes/certificates/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-content/themes/tflow/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-admin/user/network.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-includes/images/media/dog.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-includes/js/dist/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /xp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /testt.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-includes/js/jquery/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-content/uploads/goods.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-includes/SimplePie/applicationd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-includes/xl2023.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-admin/js/sad.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-includes/assets/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-includes/certificates/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-includes/sitemaps/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-links.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-includes/images/media/dog.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /wp-user.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /wp-includes/pomo/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /wp-includes/pomo/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /config.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /special.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /assets/script.js.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:49 +0330] "GET /wp-content/themes/twentytwentythree/patterns/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-admin/css/colors/sunrise/colors_95.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-includes/block-patterns/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-content/uploads/wp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-includes/certificates/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /cgi-bin/class.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-content/cache/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:50 +0330] "GET /wp-admin/css/colors/blue/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-includes/edit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /webdb.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /assets/images/doc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /file2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-includes/ID3/wp-work.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-includes/assets/wp-includes/assets/script-loader-packages.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /xp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /web/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-includes/css/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-includes/SimplePie/applicationd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-includes/SimplePie/login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-includes/ID3/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-includes/assets/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /network.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-links.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-includes/pomo/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-admin/css/colors/blue/alfa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-includes/IXR/security.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-includes/sitemaps/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-includes/css/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-content/plugins/phpadmin/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wikindex.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-includes/ID3/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-includes/Requests/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-content/plugins/seoo/alfa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-includes/pomo/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-includes/SimplePie/Cache/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-content/plugins/hello.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-includes/IXR/security.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-includes/css/dist/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-content/plugins/seoo/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-content/plugins/phpadmin/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-content/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-includes/fonts/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-includes/Requests/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-includes/customize/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /moon.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-content/plugins/hello.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-includes/js/simi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-admin/user/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-content/plugins/seoo/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-admin/images/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-admin/js/widgets/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-includes/fonts/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-admin/css/colors/gold.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /moon.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /webadmin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /wp-includes/Requests/Text/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /wp-admin/user/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /wp-includes/PHPMailer/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /wp-content/mu-plugins/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /wp-admin/js/widgets/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /wp-admin/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /wp-includes/sitemaps/abcd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /webadmin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /wp-includes/ID3/rk2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /xl2023.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /wp-includes/PHPMailer/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /wp-includes/widgets/class-wp-widget-search-interpreter.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /go.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /wp-admin/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /wp-admin/css/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /wp-admin/xleet.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /xl2023.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /bitrix/admin/htmleditor2/natural.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /templates/beez3/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /go.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /wp-content/plugins/pwnd/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-admin/css/colors/blue/ahax.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-admin/xleet.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-includes/block-template-utils-other.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /.well-known/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /templates/beez3/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-content/alam.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-includes/assets/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-admin/css/colors/blue/ahax.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /css/adminfusm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /.well-known/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /cgi-bin/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-includes/sodium_compat/lib/widget-group.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /alfa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:51 +0330] "GET /wp-admin/css/colors/blue/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-includes/click.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /.well-known/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-admin/css/colors/blue/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-admin/js/widgets/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-includes/random_compat/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:28:52 +0330] "GET /wp-admin/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /edit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /wp-content/plugins/WordPressCore/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /cgi-bin/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /wp-links-opml.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /wp-admin/user/network.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:53 +0330] "GET /wp-includes/js/jquery/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-includes/xl2023.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-includes/certificates/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-includes/images/media/dog.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /xp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-includes/SimplePie/applicationd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-includes/assets/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-content/uploads/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-content/raw.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /cgi-bin/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-includes/js/jcrop/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-content/plugins/view-more/ioxi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-content/uploads/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-admin/includes/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-includes/customize/dedi1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-content/plugins/view-more/ioxi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-includes/customize/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-includes/pomo/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-includes/customize/dedi1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-content/uploads/2021/wp-works.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-admin/css/colors/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-includes/pomo/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-admin/media-new.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /warm.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-admin/css/colors/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /media-new.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-admin/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /warm.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /js/class_api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-content/themes/seotheme/mar.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-admin/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-content/uploads/2021/themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-includes/images/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /admin/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-content/themes/seotheme/mar.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-includes/plugin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-content/plugins/ioxi/ioxiworm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-includes/images/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /wp-includes/class-wp-scripts-query.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /wp-content/plugins/ioxi/ioxiworm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /blog/wp-content/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /wp-admin/js/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /blog/wp-content/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /hehehehe.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /pages.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /hehehehe.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /.well-known/acme-challenge/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /wp-includes/ID3/module.audio-license.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /.well-known/acme-challenge/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /.well-known/acme-challenge/plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /wp-content/themes/classwithtostring.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /.well-known/acme-challenge/plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /.well-known/acme-challenge/license.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /uploads/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /.well-known/acme-challenge/license.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /wp-content/themes/astra/inc/ki1k.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /assets/js/doc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /wp-content/themes/astra/inc/ki1k.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /wp-content/themes/astra/inc/fm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /assets/comfunctions.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-content/themes/astra/inc/fm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-content/plugins/ccx/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-includes/class-wp-error-module.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-includes/assets/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:28:54 +0330] "GET /wp-links.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-includes/css/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-includes/ID3/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-includes/pomo/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-includes/IXR/security.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:55 +0330] "GET /wp-content/plugins/phpadmin/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /wp-includes/Requests/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /wp-content/plugins/hello.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /wp-content/plugins/seoo/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /wp-includes/fonts/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /moon.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /wp-admin/user/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:56 +0330] "GET /wp-admin/js/widgets/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /webadmin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-includes/PHPMailer/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-admin/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /xl2023.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-content/plugins/ccx/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /css/adminfus.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-content/themes/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-content/themes/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /adminfus.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-includes/Requests/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-includes/Requests/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-includes/css/litespeed.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-includes/css/dist/edit-widgets/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-includes/css/dist/edit-widgets/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /images/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-includes/css/dist/edit-widgets/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-includes/css/dist/edit-widgets/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-admin/setup-config.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-includes/Requests/src/Exception/Http/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-includes/Requests/src/Exception/Http/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-includes/css/dist/alam.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-includes/Text/Diff/Renderer/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-includes/Text/Diff/Renderer/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /cong.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-includes/Text/Diff/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-includes/Text/Diff/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-includes/block-bindings/imagess.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-admin/css/colors/ocean/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-admin/css/colors/ocean/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-content/plugins/pwnd/adminfus.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-includes/images/media/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-includes/images/media/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-includes/default-filters-edit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-includes/js/tinymce/skins/lightgray/img/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /css/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-includes/js/tinymce/skins/lightgray/img/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-includes/js/tinymce/skins/lightgray/img/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /assets/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-includes/js/tinymce/skins/lightgray/img/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-includes/js/tinymce/skins/lightgray/img/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /autoload_classmap/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-includes/js/tinymce/skins/lightgray/img/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-admin/maint/themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-configs.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-content/plugins/seoplugins/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-admin/maint/themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-includes/Requests/Auth/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-includes/fonts/themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-content/plugins/seoplugins/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-admin/js/widgets/bless2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-content/themes/twentytwentytwo/assets/fonts/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-includes/fonts/themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-admin/network/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-includes/certificates/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-content/themes/twentytwentytwo/assets/fonts/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-admin/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /byp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-includes/certificates/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-includes/Text/Diff/Engine/theme.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /go.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /wp-admin/xleet.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:57 +0330] "GET /templates/beez3/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-admin/css/colors/blue/ahax.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /.well-known/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-includes/assets/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /cgi-bin/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-content/uploads/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-content/plugins/view-more/ioxi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:58 +0330] "GET /wp-includes/customize/dedi1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-includes/pomo/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-admin/css/colors/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /warm.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-admin/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-content/themes/seotheme/mar.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-includes/images/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /wp-content/plugins/ioxi/ioxiworm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /blog/wp-content/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /hehehehe.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /blog/wp-includes/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /byp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /.well-known/acme-challenge/mah.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-includes/images/media/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /wp-includes/ID3/shell.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /blog/wp-includes/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:28:59 +0330] "GET /blog/wp-admin/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /wp-includes/customize/class-wp-customize-selective-refresh-library.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /wp-includes/images/media/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /wp-content/themes/twentyfive/include.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /ms-users.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /blog/wp-admin/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /wp-includes/css/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /wp-admin/js/cc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /wp-content/themes/twentyfive/include.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /cgi-bin/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /wp-includes/Requests/library/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /wp-content/wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /wp-includes/css/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /wp-includes/interactivity-api/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /class.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /cgi-bin/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /css/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /wp-includes/certificates/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /wp-content/wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /wp-content/plugins/classic-editor/alam.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /wp-content/radio.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /class.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /wordpress/wp-admin/includes/wordpress/wp-admin/includes/admin-filters.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /system_log.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-includes/certificates/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /assets/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /.alf.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /fm.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-content/radio.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-content/goods.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /system_log.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-includes/blocks/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-includes/wp-2019.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /.alf.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /flower.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-includes/SimplePie/info.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-includes/wp-class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /assets/images/cloud.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-includes/blocks/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-admin/js/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-includes/log.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-content/1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /flower.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-includes/assets/script-loader-react-refresh-runtime-num.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /ioxi-o.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /wp-includes/wp-class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /wp-includes/assets/script-loader-react-refresh-entry.min-object.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /info.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /wp-admin/js/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /wp-includes/aw.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /.well-known/acme-challenge/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /.well-known/acme-challenge/plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /.well-known/acme-challenge/license.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:00 +0330] "GET /wp-content/themes/astra/inc/ki1k.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-content/themes/astra/inc/fm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-content/plugins/ccx/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-content/themes/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-includes/Requests/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-includes/css/dist/edit-widgets/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-includes/css/dist/edit-widgets/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:01 +0330] "GET /wp-includes/Requests/src/Exception/Http/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /wp-includes/Text/Diff/Renderer/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /wp-includes/Text/Diff/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /wp-admin/css/colors/ocean/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /wp-includes/images/media/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /wp-includes/js/tinymce/skins/lightgray/img/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /wp-includes/js/tinymce/skins/lightgray/img/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /wp-includes/js/tinymce/skins/lightgray/img/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /setup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /wp-content/1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /update/gely.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /.bod/.ll/ss.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /uploads/c99shell.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /ioxi-o.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /.well-known/radio.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /wp-content/themes/pridmag/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /info.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /wp-content/plugin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /uploads/lala.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /setup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /wp-admin/css/colors/ectoplasm/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /wp-includes/IXR/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /.bod/.ll/ss.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:02 +0330] "GET /wp-includes/css/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /.well-known/radio.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /cc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /wp-content/plugins/wp-theme-editor/include.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /wp-content/plugin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /.well-known/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /top.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /ab.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /wp-admin/css/colors/ectoplasm/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /wp-includes/css/dist/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /wp-content/themes/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /wp-includes/style-engine/dedi1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /wp-content/themes/twentytwentytwo/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /cc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /wp-admin/css/adminfusm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /doc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /wp-content/click.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /.well-known/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /wp-includes/html-api/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /wp-includes/template-less.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /ab.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-includes/style-engine/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-includes/pomo/alfa-rex.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-content/themes/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/abcd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-content/themes/twentytwentytwo/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /mar.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-admin/css/colors/blue/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /doc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-includes/sitemaps/providers/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /retu11.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-includes/html-api/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-admin/css/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-content/themes/twentytwentytwo/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-includes/style-engine/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-admin/css/elementskit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-includes/Text/Diff/Engine/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /js/1.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-includes/style-engine/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /mar.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-content/themes/twentytwentyfour/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /js/fm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-includes/assets/min.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-includes/sitemaps/providers/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-admin/images/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-includes/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-admin/css/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-content/uploads/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /backup/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-content/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-content/uploads/uploads.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-includes/Text/Diff/Engine/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-includes/Text/Diff/Engine/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-includes/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-includes/style-engine/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /fm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /wp-admin/maint/themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /wp-content/plugins/seoplugins/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /wp-includes/fonts/themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /wp-content/themes/twentytwentytwo/assets/fonts/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /wp-includes/certificates/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:03 +0330] "GET /byp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /blog/wp-includes/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-includes/images/media/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /blog/wp-admin/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-content/themes/twentyfive/include.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-includes/css/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /cgi-bin/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:04 +0330] "GET /wp-content/wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /class.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-includes/certificates/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-content/radio.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /system_log.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /.alf.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-content/themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /js/fm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-admin/js/widgets/cloud.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-includes/block-patterns/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-admin/images/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /worm0.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /adminfuns.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /wp-content/uploads/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /wp-includes/load.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /wp-admin/images/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /wp-includes/ID3/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /wp-content/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /ini.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /wp-includes/class-wp-theme-float.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /wp-admin/css/colors/coffee/cloud.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /wp-includes/Text/Diff/Engine/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /images/c99.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /wp-includes/blocks/calendar/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /fm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /wp-content/plugins/core-plugin/waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /admin/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /wp-admin/js/widgets/cloud.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /wp-content/themes/twentytwentytwo/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /adminfuns.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /wp-includes/widgets/wp-style.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /.well-known/acme-challenge/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /wp-admin/images/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /setup-config.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /wp-admin/js/instaall.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /ini.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /wp-includes/widgets/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /wp-includes/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /wp-admin/css/colors/coffee/cloud.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /wp-content/uploads/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /wp-includes/plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /wp-includes/blocks/calendar/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /img/prettyPhoto/dark_square/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /wp-content/plugins/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /admin/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /type.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /wp-content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /wp-includes/block-bindings/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /wp-includes/css/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /wp-includes/PHPMailer/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /wp-includes/Text/Diff/Renderer/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /.well-known/acme-challenge/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /as/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-admin/network/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-admin/js/instaall.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-includes/theme-compat/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-admin/css/colors/light/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-includes/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-admin/maint/flex.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /customize.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-includes/plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:05 +0330] "GET /wp-includes/blocks/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /flower.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /wp-includes/wp-class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /wp-admin/js/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /wp-content/1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /ioxi-o.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /info.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:06 +0330] "GET /setup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /.bod/.ll/ss.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /.well-known/radio.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /wp-content/plugin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /wp-admin/css/colors/ectoplasm/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:07 +0330] "GET /cc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /.well-known/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /ab.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-content/themes/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-content/themes/twentytwentytwo/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /doc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-includes/html-api/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /css/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /license.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-content/plugins/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /css/hekokstyle.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-content/languages/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-admin/user/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /lock.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-includes/css/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /files/shares/403ws.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-admin/css/colors/blue/gold.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /goat.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-includes/Text/Diff/Renderer/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-includes/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /images/fix.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-admin/network/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-includes/rest-api/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-content/themes/tflow/adminfus.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-admin/css/colors/light/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /.well-known/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /files.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /.well-known/wincust.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /customize.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-includes/assets/system.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-admin/css/colors/light/alfa-rex.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /license.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-includes/l10n/class-wp-translations-library.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-good.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-content/languages/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-includes/block-bindings/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-includes/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /lock.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /images/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-includes/style-engine/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-admin/css/colors/blue/gold.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-content/plugins/linkpreview/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-includes/assets/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-includes/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-includes/customize/class-wp-customize-upload-control-cookie.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-content/themes/twentytwentyfour/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-includes/ID3/simi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-includes/rest-api/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /randkeyword.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-includes/class-wp-taxonomy-sample.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /.well-known/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-admin/js/widgets/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /img/chat-search.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /.well-known/wincust.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /fonts/database.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-includes/css/dist/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-admin/css/colors/light/alfa-rex.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /ff2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-includes/js/dist/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-good.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-includes/SimplePie/Exception-wp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-includes/assets/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-admin/plugin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-includes/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-includes/sitemaps/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-includes/rest-api/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-includes/style-engine/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-content/plugins/erinyani/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /jp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-includes/assets/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-includes/l10n/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-atom.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-content/themes/twentytwentyfour/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-content/uploads/2023/11/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-admin/css/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /randkeyword.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-includes/sodium_compat/lib/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /up.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-includes/blocks/file/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-admin/js/widgets/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-content/uploads/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-includes/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:08 +0330] "GET /wp-includes/style-engine/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /mar.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-includes/sitemaps/providers/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-admin/css/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-includes/Text/Diff/Engine/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:09 +0330] "GET /wp-includes/style-engine/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /js/fm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-admin/images/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-content/uploads/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-content/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-includes/Text/Diff/Engine/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /fm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:10 +0330] "GET /wp-admin/js/widgets/cloud.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /adminfuns.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-admin/images/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /ini.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-admin/css/colors/coffee/cloud.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-includes/blocks/calendar/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /admin/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /fonts/database.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /assets/images/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-includes/block-bindings/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /ff2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:11 +0330] "GET /wp-content/plugins/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-content/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-includes/SimplePie/Exception-wp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /js/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-includes/widgets/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-admin/plugin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /simple/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-admin/network/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /worm.PhP HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-includes/rest-api/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-admin/css/colors/sunrise/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /ext.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /jp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-includes/theme-compat/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /delpaths.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-atom.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-content/plugins/ioxi/ioxi/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /.well-known/pki-validation/1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-admin/css/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-includes/id3/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-includes/bk/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /up.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-includes/blocks/query/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /wp-content/plugins/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /wp-includes/js/tinymce/langs/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /wp-content/uploads/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /.well-known/pki-validation/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /wp-admin/css/colors/ectoplasm/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /assets/images/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /wp-admin/css/colors/sunrise/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /wp-includes/blocks/group/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /wp-content/plugins/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /gifclass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /blog/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /js/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /plugin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /wp-content/themes/twentytwentyfour/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /simple/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /wp-content/themes/twentytwentyfour/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /wp-includes/interactivity-api/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /update-core.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /worm.PhP HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /wp-includes/wp-class.php/wp-content/themes/travelscape/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /wp-admin/css/colors/blue/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /ext.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-content/upgrade/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-mail.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /delpaths.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-admin/js/dist/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-content/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /.well-known/pki-validation/1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /assets/css/dist/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-admin/defaults.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-includes/js/jquery/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-includes/bk/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /.well-known/acme-challenge/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-admin/js/instaall.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-includes/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-includes/plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-content/plugins/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:12 +0330] "GET /wp-content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /wp-includes/css/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /wp-includes/Text/Diff/Renderer/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /wp-admin/network/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /wp-admin/css/colors/light/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /customize.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /license.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:13 +0330] "GET /wp-content/languages/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /lock.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-admin/css/colors/blue/gold.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-includes/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-includes/rest-api/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /.well-known/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /.well-known/acme-challenge/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-includes/Requests/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-content/plugins/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-content/ALFA_DATA/alfacgiapi/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-admin/js/widgets/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /.well-known/pki-validation/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-admin/maint/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-content/plugins/wp-file-manager/admin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-admin/css/colors/sunrise/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-admin/js/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-admin/js/widget/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /gifclass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wp-content/uploads/2023/05/404.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /plugin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wp-admin/maint/maint.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wp-content/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /assets/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wp-content/themes/twentytwentyfour/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wp-content/themes/tflow/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /aa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /update-core.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wp-admin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /index2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wp-admin/css/colors/blue/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wordpress/wp-admin/includes HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wp-content/themes/hello-element/footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wp-admin/js/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wp-mail.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wp-admin/network/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /ALFA_DATA/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wp-content/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /.well-known/pki-validation/2index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wp-admin/css/colors/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-admin/defaults.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-content/languages/plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-includes/css/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /shell.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /.well-known/acme-challenge/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-includes/ID3 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /.well-known/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-content/ALFA_DATA/alfacgiapi/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-includes/blocks/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-includes/Text/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-admin/maint/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-includes/certificates/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-admin/network/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-admin/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-admin/js/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /.well-known/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-admin/maint/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-content/uploads/2023/05/404.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /hehe.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-admin/meta/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-admin/maint/maint.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /wp-includes/fonts/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /wp-admin/user/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /assets/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /css/slider.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /.well-known/wincust.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:14 +0330] "GET /wp-admin/css/colors/light/alfa-rex.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wp-good.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wp-includes/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wp-includes/style-engine/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wp-includes/assets/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /wp-content/themes/twentytwentyfour/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:15 +0330] "GET /randkeyword.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-admin/js/widgets/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /fonts/database.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /ff2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-includes/SimplePie/Exception-wp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-admin/plugin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /wp-includes/rest-api/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:16 +0330] "GET /jp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /wp-atom.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /wp-admin/css/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /up.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /wp-content/uploads/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /assets/images/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /wp-content/uploads/ao_ccss/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /aa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /dir.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /wp-content/uploads/2021/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /index2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /wp-includes/css/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /wp-content/plugins/elementor/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /wp-content/themes/hello-element/footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /wp-content/style.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /wp-content/mu-plugins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /wp-admin/network/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /libraries/phpmailer/updates.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /upload/image/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /nf_tracking.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /.well-known/pki-validation/2index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /wordpress/wp-content/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /wp-admin/css/about.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /wordpress/wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /wp-content/languages/plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /filefuns.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /blog/wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /shell.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /.well-known/pki-validation/class_api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /sites/default/files/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /.well-known/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /l.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /admin/controller/extension/extension/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /wp-includes/Text/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /repeater.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /admin/editor/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /wp-admin/network/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /admin/images/slider/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /wp-admin/wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /.well-known/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /admin/tmp/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /wp-includes/sitemaps/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /hehe.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /admin/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /contacts.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /wp-includes/fonts/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /Admin/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /wsa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /admin/uploads/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /css/slider.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /wp-includes/SimplePie/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /administrator/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /firewall.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /dir.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /ALFA_DATA/alfacgiapi/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /wp-includes/sodium_compat/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /wp-includes/css/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /assets/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /wp-content/uploads/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /wp-content/style.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /cgi-bin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /lv.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /libraries/phpmailer/updates.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /components/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /images/js1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /nf_tracking.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /home/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /wp-admin/maint/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /wp-admin/css/about.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /include/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /.well-known/acme-challenge/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /filefuns.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /modules/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /.well-known/acme-challenge/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /.well-known/pki-validation/class_api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /modules/mod_simplefileuploadv1.3/elements/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /wp-includes/images/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /mt/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /l.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /wp-includes/ID3/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /site/wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /repeater.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /wp-admin/theme-editor.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /tmps/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /wp-admin/css/colors/blue/abc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /wp-content/plugins/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:17 +0330] "GET /js/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /simple/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /worm.PhP HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /ext.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /delpaths.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /.well-known/pki-validation/1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:18 +0330] "GET /wp-includes/bk/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /wp-content/plugins/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /.well-known/pki-validation/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /wp-admin/css/colors/sunrise/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /gifclass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /plugin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /wp-content/themes/twentytwentyfour/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:19 +0330] "GET /update-core.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /wp-admin/css/colors/blue/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /wp-mail.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /wp-content/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /wp-admin/defaults.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /.well-known/acme-challenge/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /wp-admin/wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /wordpress/wp-admin/includes/wp-admin/js/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /wp-admin/maint/wonder.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /wp-includes/sitemaps/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /wp-admin/css/colors/light/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /wp-content/themes/twentytwentyfour/wonder.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /contacts.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-admin/css/colors/midnight/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-content/plugins/fix/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wsa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-admin/css/colors/modern/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /tox.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-includes/SimplePie/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-admin/css/colors/ocean/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-content/languages/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /firewall.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-content/languages/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-includes/js/dist/default.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-includes/sodium_compat/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-content/uploads/2022/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-admin/css/colors/tfileman.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-content/uploads/2023/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-content/uploads/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /tiny.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-content/uploads/2024/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /lv.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-admin/js/widgets/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-includes/wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /images/js1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-includes/ID3/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-admin/maint/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-includes/ID3/wp-includes/IXR/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-includes/sodium_compat/src/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /.well-known/acme-challenge/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-includes/images/crystal/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-content/plugins/erinyani/asasx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /.well-known/acme-challenge/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-includes/images/media/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /mariju.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-includes/images/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-includes/images/smilies/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-includes/ID3/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-includes/images/wlw/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-admin/maint/cong.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-admin/theme-editor.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-includes/js/codemirror/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-includes/js/plupload/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-admin/css/colors/blue/abc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-admin/css/glex.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-includes/PHPMailer/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-admin/maint/wonder.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-admin/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-includes/sitemaps/providers/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /wp-content/ALFA_DATA/alfacgiapi/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:20 +0330] "GET /wp-admin/maint/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-admin/js/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-content/uploads/2023/05/404.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-admin/maint/maint.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /assets/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /aa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /index2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:21 +0330] "GET /wp-content/themes/hello-element/footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-admin/network/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /.well-known/pki-validation/2index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-content/languages/plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /shell.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /.well-known/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:22 +0330] "GET /wp-includes/Text/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-admin/network/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /.well-known/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /hehe.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-includes/fonts/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-content/themes/twentytwentyfour/wonder.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-includes/SimplePie/Parse/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /cache-wordpress/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-content/plugins/fix/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /.well-known/acme-challenge/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-content/ALFA_DATA/alfacgiapi/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-content/themes/twentytwentyfour/system_cache.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /tox.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-content/plugins/linkpreview/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-content/themes/sky-pro/js.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-content/languages/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-content/plugins/aryabot/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-includes/Text/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-includes/js/dist/default.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-content/plugins/BrutalShell/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-content/themes/pridmag/waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-admin/css/colors/tfileman.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-content/plugins/cache-wordpress/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /theme.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-content/plugins/cakil/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /tiny.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-content/themes/twentytwentytwo/waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-content/plugins/cekidot/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-admin/js/widgets/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-admin/css/colors/coffee/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-content/plugins/db/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /Simple.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-content/plugins/home/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /.well-known/acme-challenge/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-content/plugins/limit/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-includes/sodium_compat/src/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-admin/1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-content/plugins/owfsmac/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-content/plugins/erinyani/asasx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-admin/css/colors/ocean/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-content/plugins/prenota/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /wp-content/plugins/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /mariju.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /wp-content/plugins/random/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /.well-known/classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /wp-content/plugins/ubh/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /css/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /wp-admin/maint/cong.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /wp-content/plugins/Uwogh-Segs/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /images/waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /wp-content/plugins/wp-diambar/includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /wp-includes/SimplePie/Cache/upfile.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /wp-content/plugins/wp-freeform/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /wp-admin/css/glex.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /small.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /wp-content/plugins/wp-hps/sh/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /wp-admin/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /wp-includes/js/tinymce/plugins/fullscreen/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /css/slider.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /dir.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:23 +0330] "GET /wp-includes/css/atomlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-content/style.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /libraries/phpmailer/updates.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /nf_tracking.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /wp-admin/css/about.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /filefuns.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /.well-known/pki-validation/class_api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:24 +0330] "GET /l.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /repeater.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /wp-admin/wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /wp-includes/sitemaps/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /contacts.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /wsa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /wp-includes/SimplePie/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /firewall.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-includes/sodium_compat/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-content/uploads/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /lv.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /images/js1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /wp-content/plugins/wpeazvp/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:25 +0330] "GET /wp-includes/SimplePie/Parse/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /NewFile.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-content/plugins/zaen/includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /.well-known/acme-challenge/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-content/uploads/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-content/uploads/revslider/templates/immersion-photography/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-content/themes/twentytwentyfour/system_cache.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /error.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /patriotic/wp-includes/images/smilies/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-content/themes/sky-pro/js.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-content/plugins/pwnd/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-includes/js/tinymce/plugins/fullscreen/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-includes/widgets/class-wp-widget-search-function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-includes/Text/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-content/plugins/core-stab/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-content/languages/themes/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-content/themes/pridmag/waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-content/themes/alera/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-files.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-content/themes/rishi/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /theme.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /functions.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-content/themes/sketch/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-content/themes/twentytwentytwo/waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /admin/controller/extension/extension/cloud.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /wp-content/themes/thuoc-nam/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /wp-admin/css/colors/coffee/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /wp-includes/SimplePie/Canonical.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /wp-content/themes/twentyfive/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /Simple.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/uss.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /wp-content/themes/wp-pridmag/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /.well-known/acme-challenge/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /wp-includes/certificates/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /wp-content/themes/pridmag/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /wp-admin/1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /aks.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /wp-content/themes/zakra/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /wp-admin/css/colors/ocean/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /litespeed.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /wp-content/uploads/simple-file-list/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /wp-content/plugins/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /img/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /admin/upload/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wp-includes/class-feed-index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /.well-known/classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wp-admin/css/colors/blue/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wpn.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /up/.well-known/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /css/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wp-content/plugins/apikey/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wp-content/classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /images/waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /.well-known/acme-challenge/iR7SzrsOUEP.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wp-includes/SimplePie/Cache/upfile.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /css/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wp-includes/customize/class-wp-customize-nav-menu-section-boolean.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /small.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wp-admin/css/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wp-content/themes/twentytwentyfour/functions.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wp-includes/js/tinymce/plugins/fullscreen/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wp-includes/js/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wp-includes/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /NewFile.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wp-includes/SimplePie/XML/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wp-includes/class-wp-dependency-float.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-content/uploads/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-content/uploads/wpr-addons/forms/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-includes/PHPMailer/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /error.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-content/plugins/WordPressCore/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-includes/PHPMailer/purna.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-content/plugins/pwnd/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wordpress/wp-admin/includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /wp-admin/maint/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:26 +0330] "GET /.well-known/acme-challenge/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /.well-known/acme-challenge/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /wp-includes/images/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /wp-includes/ID3/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /wp-admin/theme-editor.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /wp-admin/css/colors/blue/abc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /wp-admin/maint/wonder.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:27 +0330] "GET /wp-content/themes/twentytwentyfour/wonder.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wp-content/plugins/fix/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /tox.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wp-content/languages/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wp-includes/js/dist/default.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wp-admin/css/colors/tfileman.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /tiny.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:28 +0330] "GET /wp-admin/js/widgets/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-includes/sodium_compat/src/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-content/plugins/erinyani/asasx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-includes/interactivity-api/interactivity-api-class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-includes/widgets/class-wp-widget-search-function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-includes/l10n/class-wp-widddget-pages.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-includes/IXR/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /tinyfilemanager/tinyfilemanager.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-content/languages/themes/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-includes/SimplePie/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-admin/css/colors/light/colors.min.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-files.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-includes/Text/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-includes/customize/class-wp-customize-nav-menu-auto-add-control-repository.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /functions.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-includes/Text/Diff/Renderer/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-includes/assets/script-loader-react-refresh-runtime.min-soap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /admin/controller/extension/extension/cloud.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /wp-includes/customize/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /wp-includes/ID3/module.audio-video.riff-set.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /wp-includes/SimplePie/Canonical.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /wp-includes/fonts/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /fog/management/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/uss.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /wp-includes/pomo/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /wp-includes/js/tinymce/utils/license.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /wp-includes/certificates/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /wp-includes/rest-api/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /components/com_newsfeeds/models/indexx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /aks.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /wp-content/plugins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /images/wp-aespa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /wp-content/plugins/pwnd/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /litespeed.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /wp-includes/Text/options.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /about/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /img/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /.well-known/acme-challenge/wp-load.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /plugins/jquery.filer/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-content/upgrade/cc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-includes/class-feed-index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-content/plugins/dummyyummy/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-content/themes/aahana/worksec.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wpn.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-content/themes/seotheme/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /anonse/lock360.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-content/classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-content/plugins/core/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-content/themes/bltm/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /.well-known/acme-challenge/iR7SzrsOUEP.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-content/plugins/revslider/includes/external/page/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-admin/includes/class_api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-includes/customize/class-wp-customize-nav-menu-section-boolean.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-content/plugins/Cache/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /plugins/content/apismtp/apismtp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-content/themes/twentytwentyfour/functions.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-content/themes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-admin/includes/class-core-upgrader-first.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-content/plugins/seoplugins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /mariju.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:29 +0330] "GET /wp-admin/maint/cong.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /wp-admin/css/glex.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /wp-admin/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /wp-includes/SimplePie/Parse/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /.well-known/acme-challenge/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:30 +0330] "GET /wp-content/themes/twentytwentyfour/system_cache.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-content/themes/sky-pro/js.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-includes/Text/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-content/themes/pridmag/waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /theme.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-content/themes/twentytwentytwo/waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-admin/css/colors/coffee/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /Simple.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /.well-known/acme-challenge/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /wp-admin/1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /wp-admin/css/colors/ocean/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-includes/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:31 +0330] "GET /wp-admin/css/wp-css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /fonts/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /wp-includes/class-wp-dependency-float.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /.well-known/save.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /js/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /wp-includes/PHPMailer/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /wp-includes/feed-rsss.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /routes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /wp-includes/PHPMailer/purna.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /wp-includes/IXR/goto.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /wp-admin/css/colors/blue/xboom.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /wp-includes/interactivity-api/interactivity-api-class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /templates/beez3/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /uploads/af32.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /wp-includes/l10n/class-wp-widddget-pages.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /wp-content/themes/digital-download/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /wp-content/themes/kadence/functions.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /tinyfilemanager/tinyfilemanager.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /wp-content/plugins/wp-theme-editor/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /Sanskrit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /wp-admin/css/colors/light/colors.min.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /templates/atomic/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-fmfile.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-includes/customize/class-wp-customize-nav-menu-auto-add-control-repository.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-content/plugins/seoo/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /.trash7309/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-includes/js/jcrop/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-includes/assets/script-loader-react-refresh-runtime.min-soap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-content/plugins/revslider/includes/external/page/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-content/plugins/google-seo-rank/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-includes/ID3/module.audio-video.riff-set.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-content/plugins/ioxi/ioxi/dropdown.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-content/plugins/erin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /fog/management/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /memberfuns.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-content/maintenance/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-includes/js/tinymce/utils/license.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /infos.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-content/x/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /components/com_newsfeeds/models/indexx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /modules/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-content/plugins/seooyanz/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /images/wp-aespa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-content/x.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wp-content/themes/sky-pro/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wp-content/wp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wp-includes/Text/options.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wp-content/plugins/cp-pro/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /options-writing.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /.well-known/acme-challenge/wp-load.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /options-reading.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wp-content/upgrade/cc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wp-content/uploads/typehub/custom/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wsad.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wp-content/plugins/rencontre/inc/photo_import/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /wp-content/plugins/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /.well-known/classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /css/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:32 +0330] "GET /images/waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-includes/SimplePie/Cache/upfile.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /small.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-includes/js/tinymce/plugins/fullscreen/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /NewFile.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-content/uploads/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /error.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:33 +0330] "GET /wp-content/plugins/pwnd/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wp-includes/widgets/class-wp-widget-search-function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wp-content/languages/themes/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wp-files.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /functions.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /admin/controller/extension/extension/cloud.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wp-includes/SimplePie/Canonical.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/uss.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wp-content/themes/aahana/worksec.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /nation.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wp-content/plugins/backup-backup/includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /anonse/lock360.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wp-includes/js/codemirror/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wp-content/plugins/pwnd-1/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wp-content/themes/bltm/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wp-includes/wp_class_datlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /.tmb/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:34 +0330] "GET /wp-admin/includes/class_api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /wp-includes/js/tinymce/langs/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /wp-content/plugins/fix/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /plugins/content/apismtp/apismtp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /autoload_classmap/wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /wp-admin/includes/class-core-upgrader-first.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /wp-atomx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /themes/pridmag/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /wp-admin/css/wp-css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /wp-admin/maint/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /.well-known/save.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /wp-includes/feed-rsss.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /wp-includes/IXR/goto.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /wp-content/plugins/ubh/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /wp-admin/css/colors/blue/xboom.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /wp-includes/SimplePie/Registry-private.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /uploads/af32.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /wp-includes/assets/script-modules-packages.min-meta.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /wp-content/themes/kadence/functions.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /wp-includes/widgets/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /Sanskrit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /wp-content/themes/twentytwentyfour/content-index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /wp-fmfile.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /admin/controller/extension/extension/alfa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /.trash7309/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /wp-content/themes/twentytwentyfour/system_cache.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /wp-content/plugins/revslider/includes/external/page/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /wp-includes/certificates/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /aks.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /litespeed.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /img/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /wp-includes/class-feed-index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:35 +0330] "GET /wpn.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /wp-content/classwithtostring.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /.well-known/acme-challenge/iR7SzrsOUEP.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /wp-includes/customize/class-wp-customize-nav-menu-section-boolean.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /wp-content/themes/twentytwentyfour/functions.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /wp-includes/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /wp-includes/class-wp-dependency-float.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /wp-includes/PHPMailer/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /wp-includes/PHPMailer/purna.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /wp-includes/interactivity-api/interactivity-api-class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /wp-includes/l10n/class-wp-widddget-pages.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /tinyfilemanager/tinyfilemanager.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:36 +0330] "GET /wp-admin/css/colors/modern/colors.css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /wp-content/plugins/ioxi/ioxi/dropdown.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /wp-includes/style-engine/adminfus.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /memberfuns.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /css/media-widget-vide02.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /infos.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /wp-includes/blocks/group/wp-style.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /modules/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /images/buy.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /wp-content/x.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /templates/beez3/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /wp-content/wp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /wp-includes/widgets/class-wp-wolf-widget.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /options-writing.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /wp-admin/css/colors/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /options-reading.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /plugins/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /wsad.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /.well-known/header.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /nation.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /wordpress/wp-content/uploads/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /wp-includes/js/codemirror/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /.well-known/pki-validation/server.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /wp-includes/wp_class_datlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /autoload_classmap/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /wp-includes/js/tinymce/langs/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /wp-content/plugins/pwnd/1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /autoload_classmap/wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /wp-content/plugins/ubh/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:39 +0330] "GET /wp-atomx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:39 +0330] "GET /wp-content/uploads/anas.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:39 +0330] "GET /admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:39 +0330] "GET /wp-admin/css/colors/blue/shell.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:39 +0330] "GET /wp-admin/maint/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:39 +0330] "GET /wp-content/plugins/erinyani/default.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:39 +0330] "GET /wp-includes/Text/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:39 +0330] "GET /xex.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:39 +0330] "GET /wp-content/plugins/ubh/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /wp-admin/css/colors/light/colors.min.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /wp-includes/customize/class-wp-customize-nav-menu-auto-add-control-repository.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:37 +0330] "GET /wp-includes/assets/script-loader-react-refresh-runtime.min-soap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /wp-includes/ID3/module.audio-video.riff-set.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /fog/management/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /wp-includes/js/tinymce/utils/license.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /components/com_newsfeeds/models/indexx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /images/wp-aespa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:38 +0330] "GET /wp-includes/Text/options.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:39 +0330] "GET /.well-known/acme-challenge/wp-load.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:39 +0330] "GET /wp-content/upgrade/cc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:39 +0330] "GET /wp-content/themes/aahana/worksec.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:39 +0330] "GET /anonse/lock360.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:39 +0330] "GET /wp-content/themes/bltm/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:39 +0330] "GET /wp-admin/includes/class_api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:39 +0330] "GET /plugins/content/apismtp/apismtp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /wp-admin/includes/class-core-upgrader-first.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /wp-admin/css/wp-css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:39 +0330] "GET /ar/wp-content/themes/pridmag/db.php?u HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:39 +0330] "GET /wp-includes/SimplePie/Registry-private.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /wp-includes/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /wp-includes/assets/script-modules-packages.min-meta.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /wp-content/plugins/pwnd/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /wp-includes/widgets/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /upload/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /wp-content/themes/twentytwentyfour/content-index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /wp-head.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /admin/controller/extension/extension/alfa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /wp-content/themes/twentytwentyfour/system_cache.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /wp-content/upgrade/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /wp-admin/css/colors/modern/colors.css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /wp-includes/style-engine/adminfus.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /makeasmtp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /css/media-widget-vide02.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /wp-includes/wp-sup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /wp-includes/blocks/group/wp-style.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /wordpress/wp-includes/class-wp-http-ixr-client-view.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /images/buy.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /images/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /templates/beez3/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /wp-includes/widgets/class-t.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /wp-includes/widgets/class-wp-wolf-widget.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /wp-content/edit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /wp-admin/css/colors/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /.well-known/info.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /plugins/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /wp-content/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /.well-known/header.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /wp-admin/css/colors/blue/navi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /wordpress/wp-content/uploads/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /wp-includes/css/dist/require-dynamic-blocks.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /.well-known/pki-validation/server.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /xp.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /.well-known/save.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /wp-includes/feed-rsss.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /wp-includes/IXR/goto.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /wp-admin/css/colors/blue/xboom.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:40 +0330] "GET /uploads/af32.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /wp-content/themes/kadence/functions.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /Sanskrit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /wp-fmfile.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /.trash7309/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /wp-content/plugins/revslider/includes/external/page/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:41 +0330] "GET /wp-content/plugins/ioxi/ioxi/dropdown.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /memberfuns.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /infos.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /modules/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /wp-content/x.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /wp-content/wp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /options-writing.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /options-reading.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /wsad.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /nation.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /autoload_classmap/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /wp-content/languages/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /wp-content/plugins/pwnd/1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /wp-content/bypass_1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /wp-content/plugins/ubh/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /wp-admin/js/elementskit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /wp-content/uploads/anas.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /admin/user_data.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:42 +0330] "GET /wp-admin/css/colors/blue/shell.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /wp-includes/widgets/class-wp-widget-rss-database.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /wp-content/plugins/erinyani/default.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /.well-known/pki-validation/kur.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /wp-includes/Text/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /click.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /xex.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /wp-includes/class-wp-customize-manager-client.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /ar/wp-content/themes/pridmag/db.php?u HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /wp-includes/assets/script-modules-packages.min-boolean.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /wp-includes/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /wp-includes/js/codemirror/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /wp-includes/wp_class_datlib.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /wp-includes/js/tinymce/langs/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /autoload_classmap/wso.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /wp-atomx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:44 +0330] "GET /admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:44 +0330] "GET /wp-admin/maint/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:44 +0330] "GET /wp-content/plugins/ubh/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:44 +0330] "GET /wp-includes/SimplePie/Registry-private.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:44 +0330] "GET /wp-includes/assets/script-modules-packages.min-meta.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:45 +0330] "GET /wp-includes/widgets/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:45 +0330] "GET /wp-content/themes/twentytwentyfour/content-index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:45 +0330] "GET /admin/controller/extension/extension/alfa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:29:45 +0330] "GET /wp-content/themes/twentytwentyfour/system_cache.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:29:45 +0330] "GET /wp-admin/css/colors/modern/colors.css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:45 +0330] "GET /wp-includes/style-engine/adminfus.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:29:45 +0330] "GET /css/media-widget-vide02.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:46 +0330] "GET /wp-includes/blocks/group/wp-style.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 37.120.235.38 - - [01/Nov/2025:16:29:46 +0330] "GET /images/buy.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:46 +0330] "GET /templates/beez3/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:46 +0330] "GET /wp-includes/widgets/class-wp-wolf-widget.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:29:46 +0330] "GET /wp-admin/css/colors/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 37.120.235.38 - - [01/Nov/2025:16:29:46 +0330] "GET /plugins/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:29:46 +0330] "GET /.well-known/header.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 37.120.235.38 - - [01/Nov/2025:16:29:47 +0330] "GET /wordpress/wp-content/uploads/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:47 +0330] "GET /.well-known/pki-validation/server.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:47 +0330] "GET /autoload_classmap/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:29:47 +0330] "GET /wp-content/plugins/pwnd/1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:29:47 +0330] "GET /wp-content/plugins/ubh/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:29:47 +0330] "GET /wp-content/uploads/anas.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:48 +0330] "GET /wp-admin/css/colors/blue/shell.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:29:48 +0330] "GET /wp-content/plugins/erinyani/default.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:48 +0330] "GET /wp-includes/Text/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 37.120.235.38 - - [01/Nov/2025:16:29:48 +0330] "GET /xex.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:29:48 +0330] "GET /ar/wp-content/themes/pridmag/db.php?u HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:48 +0330] "GET /wp-includes/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:48 +0330] "GET /wp-content/plugins/pwnd/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:49 +0330] "GET /upload/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:49 +0330] "GET /wp-head.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 37.120.235.38 - - [01/Nov/2025:16:29:49 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:49 +0330] "GET /wp-content/upgrade/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:29:49 +0330] "GET /makeasmtp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:49 +0330] "GET /wp-includes/wp-sup.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:49 +0330] "GET /wordpress/wp-includes/class-wp-http-ixr-client-view.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:50 +0330] "GET /images/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:29:50 +0330] "GET /wp-includes/widgets/class-t.api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:50 +0330] "GET /wp-content/edit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:50 +0330] "GET /.well-known/info.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:29:50 +0330] "GET /wp-content/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:29:50 +0330] "GET /wp-admin/css/colors/blue/navi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:50 +0330] "GET /wp-includes/css/dist/require-dynamic-blocks.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:51 +0330] "GET /xp.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:51 +0330] "GET /wp-content/languages/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:29:51 +0330] "GET /wp-content/bypass_1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:51 +0330] "GET /wp-admin/js/elementskit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:51 +0330] "GET /admin/user_data.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:51 +0330] "GET /wp-includes/widgets/class-wp-widget-rss-database.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:29:51 +0330] "GET /.well-known/pki-validation/kur.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:29:52 +0330] "GET /click.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:52 +0330] "GET /wp-includes/class-wp-customize-manager-client.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:52 +0330] "GET /wp-includes/assets/script-modules-packages.min-boolean.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:52 +0330] "GET /wp-admin/css/colors/error.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:52 +0330] "GET /ALFA_DATA/alfacgiapi/all.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:52 +0330] "GET /wp-admin/images/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:53 +0330] "GET /.well-known/pki-validation/xmrlpc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:53 +0330] "GET /wp-admin/maint/repairs.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:53 +0330] "GET /wp-includes/images/smilies/simi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 37.120.235.38 - - [01/Nov/2025:16:29:53 +0330] "GET /wp-admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:53 +0330] "GET /wp-header.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:53 +0330] "GET /file.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:53 +0330] "GET /.tmb/doc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:53 +0330] "GET /wp-editor.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:54 +0330] "GET /wp-includes/style-engine-session.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 37.120.235.38 - - [01/Nov/2025:16:29:54 +0330] "GET /images/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:29:54 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/adminfusm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:29:54 +0330] "GET /adminfusm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:29:54 +0330] "GET /wp-includes/css/dist/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:54 +0330] "GET /wp-includes/css/dist/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:29:54 +0330] "GET /js/js1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 37.120.235.38 - - [01/Nov/2025:16:29:54 +0330] "GET /wp-includes/js/dist/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:29:54 +0330] "GET /wp-includes/js/dist/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 37.120.235.38 - - [01/Nov/2025:16:29:54 +0330] "GET /wp-includes/assets/wp-includes/assets/script-loader-packages.min.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:54 +0330] "GET /wp-includes/assets/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:54 +0330] "GET /wp-includes/assets/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /wp-includes/blocks/file/wp-style.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /wp-includes/sitemaps/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /wp-includes/sitemaps/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /images/habhan.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /wp-content/plugins/erinyani/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /wp-content/plugins/erinyani/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /wp-content/mu-plugins/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /wp-includes/l10n/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /wp-includes/l10n/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /wp-content/uploads/2023/11/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /wp-includes/IXR/class-IXR-cilent.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /wp-content/uploads/2023/11/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /wp-includes/sodium_compat/lib/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /wp-content/uploads/wp-cert.phtml HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /wp-includes/sodium_compat/lib/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /wp-includes/blocks/file/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /about/function.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /wp-includes/blocks/file/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /wp-includes/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /routes/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:29:55 +0330] "GET /wp-includes/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-includes/block-bindings/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-includes/images/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-includes/block-bindings/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-content/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-includes/PHPMailer/xleet.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-content/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-includes/widgets/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-admin/js/widgets/doc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-includes/widgets/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-admin/network/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /f35_SpaceTn.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-admin/network/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-admin/css/colors/sunrise/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-admin/css/colors/sunrise/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-admin/css/colors/sunrise/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-includes/theme-compat/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/fixed.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-includes/theme-compat/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-content/plugins/ioxi/ioxi/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-admin/js/widgets/themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-includes/id3/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:29:56 +0330] "GET /wp-content/plugins/ioxi/ioxi/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /wp-content/plugins/fix/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /wp-includes/blocks/query/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /wp-includes/id3/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /wp-includes/category-double.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /wp-includes/js/tinymce/langs/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /wp-includes/blocks/query/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /wp-admin/maint/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /wp-admin/css/colors/ectoplasm/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /wp-includes/js/tinymce/langs/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /blog/signatur.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /wp-includes/blocks/group/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /wp-admin/css/colors/ectoplasm/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /wp-includes/assets/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /blog/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /wp-includes/blocks/group/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /wp-content/themes/twentytwentyfour/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /wp-includes/widgets/security.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /blog/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /wp-includes/interactivity-api/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:29:57 +0330] "GET /include/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /wp-content/themes/twentytwentyfour/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /wp-includes/wp-class.php/wp-content/themes/travelscape/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /gm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /wp-includes/interactivity-api/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /wp-content/upgrade/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /wp-includes/class-wp-language-pack.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /wp-includes/wp-class.php/wp-content/themes/travelscape/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /wp-admin/js/dist/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /js/content-type.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /wp-content/upgrade/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /assets/css/dist/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /wp-includes/class-walker-comment-client.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /wp-admin/js/dist/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /wp-includes/js/jquery/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /about/goods.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /assets/css/dist/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /wp-includes/Requests/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /file/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /wp-includes/js/jquery/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /wp-admin/js/widgets/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:29:58 +0330] "GET /function/goods.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /wp-includes/Requests/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /wp-content/plugins/wp-file-manager/admin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /wp-admin/js/widgets/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /wp-admin/js/widget/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /wp-content/upgrade/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /wp-content/plugins/wp-file-manager/admin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /wp-includes/class-wp-network-query-stat.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /wp-content/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /wp-admin/js/widget/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /wp-content/themes/pridmag/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /wp-content/themes/tflow/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /plugin-install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /wp-admin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /wp-content/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /wp-includes/class-wp-session-tokens-https.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /wordpress/wp-admin/includes HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /wp-content/themes/tflow/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 37.120.235.38 - - [01/Nov/2025:16:29:59 +0330] "GET /wp-admin/js/load.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /wp-admin/js/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /wp-admin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /ALFA_DATA/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /images/firewall.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /wordpress/wp-admin/includes HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /wp-admin/css/colors/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /wp-includes/images/crystal/lrs_dage.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /wp-admin/js/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /wp-includes/css/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /wp-content/upgrade/pdf.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /ALFA_DATA/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /wp-includes/ID3 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /wp-includes/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /wp-admin/css/colors/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /wp-includes/blocks/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /wp-content/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /wp-includes/css/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /wp-includes/certificates/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /wp-includes/certificates/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /wp-includes/ID3 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:00 +0330] "GET /wp-admin/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-includes/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-includes/blocks/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-admin/maint/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-includes/customize/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-includes/certificates/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-admin/meta/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /css/fan.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-admin/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-admin/user/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-admin/css/colors/blue/colors.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-admin/maint/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-content/uploads/ao_ccss/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /images/mah.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-admin/meta/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-content/uploads/2021/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-content/waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-admin/user/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-content/plugins/elementor/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-admin/css/colors/ectoplasm/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-content/mu-plugins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:01 +0330] "GET /wp-content/uploads/ao_ccss/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /wp-content/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /upload/image/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /wp-content/uploads/2021/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /wp-includes/js/thickbox/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /wordpress/wp-content/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /wp-content/plugins/elementor/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /wp-content/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /wordpress/wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /wp-content/mu-plugins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /blog/wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /wp-content/themes/twentytwentyfour/icascreenshots.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /upload/image/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /sites/default/files/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /wp-content/upgrade/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /wordpress/wp-content/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /admin/controller/extension/extension/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /wp-includes/rk2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /wordpress/wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /admin/editor/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /wp-admin/css/colors/ocean/alam.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:30:02 +0330] "GET /blog/wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /admin/images/slider/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /.well-known/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /sites/default/files/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /admin/tmp/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /b.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /admin/controller/extension/extension/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /admin/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /wp-includes/certificates/past.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /admin/editor/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /Admin/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /wp-content/uploads/2021/faiyy.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /admin/images/slider/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /admin/uploads/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /css/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /admin/tmp/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /administrator/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /wp-content/plugins/pwnd/sst.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /admin/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /ALFA_DATA/alfacgiapi/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /wp-includes/edit-tags.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /Admin/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:03 +0330] "GET /assets/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /wsax.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /admin/uploads/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /cgi-bin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /bless.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /administrator/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /components/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /wp-content/uploads/system_cache.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /home/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /ALFA_DATA/alfacgiapi/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /templates/beez3/dbcthbohhr.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /include/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /assets/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /modules/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/files.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /cgi-bin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /modules/mod_simplefileuploadv1.3/elements/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /wp-content/themes/tflow/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /components/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /mt/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /wp-includes/css/dist/footer-default.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:04 +0330] "GET /home/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /site/wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /wp-content/plugins/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /include/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /tmps/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /wp-includes/widgets/class-wp-widget-meta-request.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /modules/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /wordpress/wp-admin/includes/wp-admin/js/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /wp-content/plugins/pwnd/cloud.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /modules/mod_simplefileuploadv1.3/elements/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /wp-admin/css/colors/light/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /wp-includes/css/dist/edit-widgets/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /mt/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /wp-admin/css/colors/midnight/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /wp-content/plugins/ubh/adminfus.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /site/wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /wp-admin/css/colors/modern/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /.well-known/pki-validation/webdb.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /tmps/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /wp-admin/css/colors/ocean/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:05 +0330] "GET /wp-includes/l10n/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /wordpress/wp-admin/includes/wp-admin/js/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /wp-content/languages/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /wp-admin/js/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /wp-admin/css/colors/light/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /wp-content/uploads/2022/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /wp-admin/js/widgets/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /wp-admin/css/colors/midnight/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /wp-content/uploads/2023/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /uploads/xsec.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /wp-admin/css/colors/modern/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /wp-content/uploads/2024/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /images/Marvins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /wp-admin/css/colors/ocean/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /wp-includes/wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /wp-content/plugins/pwnd-1/kurd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /wp-includes/ID3/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /wp-content/languages/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /wp-content/themes/tflow/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /wp-includes/ID3/wp-includes/IXR/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:06 +0330] "GET /wp-content/uploads/2022/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-content/languages/radio.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-includes/images/crystal/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-content/uploads/2023/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-includes/images/media/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-content/uploads/fileman.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-content/uploads/2024/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-includes/images/smilies/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-includes/widgets/wp-ss.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-includes/wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-includes/images/wlw/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-includes/IXR/xsec1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-includes/ID3/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-includes/js/codemirror/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /admin.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-includes/ID3/wp-includes/IXR/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-includes/js/plupload/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-admin/css/colors/hong1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-includes/images/crystal/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-includes/PHPMailer/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-admin/maint/byps.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-includes/images/media/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:07 +0330] "GET /wp-includes/sitemaps/providers/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /wp-includes/images/crystal/sad.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /wp-includes/images/smilies/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /cache-wordpress/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /wp-includes/assets/script-loader-packages.min.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /wp-includes/images/wlw/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /wp-content/ALFA_DATA/alfacgiapi/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /wp-content/themes/twentytwentyfour/patterns/content-type.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /wp-includes/js/codemirror/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /wp-content/plugins/linkpreview/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /wp-admin/network/class.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /wp-includes/js/plupload/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /wp-content/plugins/aryabot/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /wp-includes/class-phpmailer-beta.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /wp-includes/PHPMailer/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /wp-content/plugins/BrutalShell/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /wp-includes/ms-file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /wp-includes/sitemaps/providers/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /wp-content/plugins/cache-wordpress/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /.well-known/acme-challenge/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /cache-wordpress/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:08 +0330] "GET /wp-content/plugins/cakil/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /wp-includes/widgets/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /wp-content/ALFA_DATA/alfacgiapi/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /wp-content/plugins/cekidot/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /images/news_event/1.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /wp-content/plugins/linkpreview/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /wp-content/plugins/db/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /chosen.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /wp-content/plugins/home/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /wp-content/plugins/aryabot/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /wp-content/plugins/limit/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /bs1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /wp-content/plugins/BrutalShell/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /wp-content/plugins/owfsmac/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /wp-includes/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /wp-content/plugins/cache-wordpress/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /wp-content/plugins/prenota/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /wp-includes/network.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /wp-content/plugins/cakil/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /wp-content/plugins/random/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /page.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:30:09 +0330] "GET /wp-content/plugins/cekidot/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-content/plugins/ubh/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-admin/includes/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-content/plugins/db/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-content/plugins/Uwogh-Segs/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-content/uploads/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-content/plugins/home/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-content/plugins/wp-diambar/includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-content/plugins/WordPressCore/include.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-content/plugins/limit/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-content/plugins/wp-freeform/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-content/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-content/plugins/owfsmac/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-content/plugins/wp-hps/sh/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-content/plugins/prenota/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /modules/mod_simplefileuploadv1.3/elements/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-content/plugins/wpeazvp/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-content/plugins/random/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /assets/info.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-content/plugins/zaen/includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-content/plugins/ubh/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-includes/SimplePie/XML/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:10 +0330] "GET /wp-content/uploads/revslider/templates/immersion-photography/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-content/plugins/Uwogh-Segs/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-includes/pomo/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /patriotic/wp-includes/images/smilies/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-content/plugins/wp-diambar/includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-content/1.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-includes/js/tinymce/plugins/fullscreen/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-content/plugins/wp-freeform/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-admin/css/colors/blue/wp-atom.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-content/plugins/core-stab/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-content/plugins/wp-hps/sh/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-includes/pomo/plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-content/themes/alera/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-content/plugins/wpeazvp/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-includes/assets/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-content/themes/rishi/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-content/themes/sketch/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-content/plugins/zaen/includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /.well-known/acme-challenge/gecko-old.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-content/themes/thuoc-nam/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-content/uploads/revslider/templates/immersion-photography/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 37.120.235.38 - - [01/Nov/2025:16:30:11 +0330] "GET /wp-admin/css/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /wp-content/themes/twentyfive/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /patriotic/wp-includes/images/smilies/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /images/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /wp-content/themes/wp-pridmag/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /wp-includes/js/tinymce/plugins/fullscreen/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /wp-includes/widgets/class-wp-nav-widgets.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /wp-content/themes/pridmag/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /wp-content/plugins/core-stab/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /x/test.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /wp-content/themes/zakra/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /wp-content/themes/alera/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /wp-content/themes/wp-pridmag/init.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /wp-content/uploads/simple-file-list/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /wp-content/themes/rishi/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /wp-admin/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /admin/upload/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /wp-content/themes/sketch/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /wp-admin/css/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /wp-admin/css/colors/blue/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /wp-content/themes/thuoc-nam/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:12 +0330] "GET /wp-includes/sitemaps/providers/doc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /up/.well-known/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /wp-content/themes/twentyfive/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /ws.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /wp-content/plugins/apikey/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /wp-content/themes/wp-pridmag/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /wp-includes/rest-api/1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /wp-content/themes/pridmag/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /wp-includes/fonts/class_api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /css/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /wp-content/themes/zakra/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /shop.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /wp-admin/css/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /wp-content/uploads/simple-file-list/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /wp-content/plugins/pwnd-1/dedi1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /wp-includes/js/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /admin/upload/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /wp-admin/js/widgets/setting.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /wp-includes/SimplePie/XML/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:13 +0330] "GET /wp-admin/css/colors/blue/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /wp-includes/images/smilies/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /wp-content/uploads/wpr-addons/forms/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /up/.well-known/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /wp-content/plugins/WordPressCore/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /wp-admin/css/colors/light/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /wordpress/wp-admin/includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /wp-content/plugins/apikey/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /wp-admin/user/header.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /wp-includes/IXR/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /wp-includes/IXR/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /css/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /wp-api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /wp-includes/SimplePie/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /wp-admin/css/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /wp-includes/Text/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /wp-includes/js/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /css.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:14 +0330] "GET /wp-includes/Text/Diff/Renderer/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /wp-includes/SimplePie/XML/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /wp-includes/customize/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /wp-content/uploads/wpr-addons/forms/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /wp-includes/class-wp-customize-manager-interpreter.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /wp-includes/fonts/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /wp-content/plugins/WordPressCore/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /wp-includes/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /wp-includes/pomo/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /wordpress/wp-admin/includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /images/fm.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /wp-includes/rest-api/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /wp-includes/count.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /wp-content/plugins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /wp-includes/IXR/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /wp-error_log.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /wp-content/plugins/pwnd/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /wp-includes/SimplePie/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /assets/class_update_plugins.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:15 +0330] "GET /about/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /wp-includes/Text/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /wp-admin/network/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /plugins/jquery.filer/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /wp-includes/Text/Diff/Renderer/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /templates/beez5/error.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /wp-content/plugins/dummyyummy/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /wp-includes/customize/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /wp-admin/network/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /wp-content/themes/seotheme/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /wp-includes/fonts/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /wp-content/plugins/core/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /js/firewall.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /wp-includes/pomo/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /wp-content/plugins/revslider/includes/external/page/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /wp-includes/certificates/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /wp-includes/rest-api/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /wp-content/plugins/Cache/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /assets/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /wp-content/themes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /wp-content/plugins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:16 +0330] "GET /wp-admin/js/file/incpb.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /wp-content/plugins/seoplugins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /wp-content/plugins/pwnd/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /images/stories/themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /fonts/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /about/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /wp-includes/theme-compat/footer-embed-function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /js/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /plugins/jquery.filer/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /wp-includes/firewall.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /routes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /wp-content/plugins/dummyyummy/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /home/O-Simple.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /wp-content/themes/seotheme/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /wp-includes/l10n/class-wp-translation-file-mo-event.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /templates/beez3/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /wp-content/plugins/core/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /wp-includes/vars-soap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /wp-content/themes/digital-download/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /wp-content/plugins/revslider/includes/external/page/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /wp-content/themes/twentytwentytwo/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:17 +0330] "GET /wp-content/plugins/wp-theme-editor/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /wp-content/plugins/Cache/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /style.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /templates/atomic/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /wp-content/themes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /files.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /wp-content/plugins/seoo/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /wp-content/plugins/seoplugins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /wp-content/themes/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /wp-includes/js/jcrop/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /fonts/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /wp-admin/css/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /wp-content/plugins/google-seo-rank/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /js/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /saka.phP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /wp-content/plugins/erin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /routes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /wp-content/maintenance/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /wp-includes/id3/wp-work.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /wp-content/x/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 37.120.235.38 - - [01/Nov/2025:16:30:18 +0330] "GET /wp-content/plugins/WordPressCore/gecko.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /templates/beez3/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /wp-content/plugins/seooyanz/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /baxa1.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /wp-content/themes/sky-pro/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /wp-content/themes/digital-download/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /wp-includes/class-wp-taxonomy.editor.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /wp-content/plugins/cp-pro/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /wp-content/plugins/wp-theme-editor/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /wp-content/plugins/pwnd/dedi1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /templates/atomic/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /wp-includes/js/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /wp-content/uploads/typehub/custom/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /wp-content/plugins/seoo/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /blog.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /wp-content/plugins/rencontre/inc/photo_import/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /wp-includes/js/jcrop/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /about/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /wp-content/plugins/backup-backup/includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:19 +0330] "GET /wp-content/plugins/google-seo-rank/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /wp-content/themes/pridmag/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /wp-content/plugins/pwnd-1/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /wp-content/plugins/erin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /wp-admin/network/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /.tmb/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /wp-content/maintenance/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /images/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /wp-content/plugins/fix/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /wp-content/x/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /wp-includes/interactivity-api/interactivity-api-xml.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /wp-content/plugins/seooyanz/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /js/mrx.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /themes/pridmag/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /wp-content/themes/sky-pro/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /wp-includes/colour.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /wp-content/plugins/cp-pro/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /elp.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:20 +0330] "GET /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:21 +0330] "GET /wp-includes/customize/class-wp-customize-background-position-control-variable.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:21 +0330] "GET /wp-content/uploads/typehub/custom/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:21 +0330] "GET /wp-includes/images/include.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:21 +0330] "GET /wp-content/plugins/rencontre/inc/photo_import/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:21 +0330] "GET /wp-content/themes/av.php.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:21 +0330] "GET /wp-content/plugins/backup-backup/includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 37.120.235.38 - - [01/Nov/2025:16:30:21 +0330] "GET /wp-content/plugins/pwnd-1/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:21 +0330] "GET /wp-content/plugins/pwnd-1/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:21 +0330] "GET /wp-includes/js/imgareaselect/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:21 +0330] "GET /.tmb/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:21 +0330] "GET /upload/bilder/cong.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:21 +0330] "GET /wp-content/plugins/fix/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:21 +0330] "GET /fonts/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:21 +0330] "GET /includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:22 +0330] "GET /wp-admin/css/colors/blue/pass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:22 +0330] "GET /themes/pridmag/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:22 +0330] "GET /entrepreneuse.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:22 +0330] "GET /wp-includes/l10n/class-wp-translations-interface.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:22 +0330] "GET /wp-includes/assets/about5.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:22 +0330] "GET /wp-admin/maint/lint-branch.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 37.120.235.38 - - [01/Nov/2025:16:30:22 +0330] "GET /wp-content/cong.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:22 +0330] "GET /js/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:23 +0330] "GET /.well-known/buy.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:30:23 +0330] "GET /index/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:23 +0330] "GET /wp-includes/ID3/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:23 +0330] "GET /function/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 37.120.235.38 - - [01/Nov/2025:16:30:23 +0330] "GET /wp-content/themes/tflow/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:23 +0330] "GET /wp-includes/js/dist/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:23 +0330] "GET /testt.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:24 +0330] "GET /wp-content/uploads/goods.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:24 +0330] "GET /wp-admin/js/sad.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:24 +0330] "GET /wp-includes/sitemaps/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:24 +0330] "GET /wp-includes/assets/wp-includes/assets/script-loader-packages.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:24 +0330] "GET /web/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 37.120.235.38 - - [01/Nov/2025:16:30:24 +0330] "GET /wp-includes/SimplePie/login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:24 +0330] "GET /network.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:30:25 +0330] "GET /wp-admin/css/colors/blue/alfa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:25 +0330] "GET /wp-includes/sitemaps/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:25 +0330] "GET /wikindex.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:25 +0330] "GET /wp-content/plugins/seoo/alfa.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:25 +0330] "GET /wp-includes/SimplePie/Cache/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 37.120.235.38 - - [01/Nov/2025:16:30:25 +0330] "GET /wp-includes/css/dist/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:25 +0330] "GET /wp-content/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:26 +0330] "GET /wp-includes/customize/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:26 +0330] "GET /wp-includes/js/simi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:26 +0330] "GET /wp-admin/images/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:26 +0330] "GET /wp-admin/css/colors/gold.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:26 +0330] "GET /wp-includes/Requests/Text/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:26 +0330] "GET /wp-content/mu-plugins/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:27 +0330] "GET /wp-includes/sitemaps/abcd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:27 +0330] "GET /wp-includes/ID3/rk2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:27 +0330] "GET /wp-includes/widgets/class-wp-widget-search-interpreter.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:27 +0330] "GET /wp-admin/css/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:30:27 +0330] "GET /bitrix/admin/htmleditor2/natural.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 37.120.235.38 - - [01/Nov/2025:16:30:27 +0330] "GET /wp-content/plugins/pwnd/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:27 +0330] "GET /wp-includes/block-template-utils-other.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:28 +0330] "GET /wp-content/alam.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:28 +0330] "GET /css/adminfusm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:28 +0330] "GET /wp-includes/sodium_compat/lib/widget-group.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:28 +0330] "GET /wp-content/raw.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 37.120.235.38 - - [01/Nov/2025:16:30:28 +0330] "GET /wp-includes/js/jcrop/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:28 +0330] "GET /wp-admin/includes/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:28 +0330] "GET /wp-includes/customize/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:29 +0330] "GET /wp-content/uploads/2021/wp-works.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:29 +0330] "GET /wp-admin/media-new.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:29 +0330] "GET /media-new.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:29 +0330] "GET /js/class_api.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:29 +0330] "GET /wp-content/uploads/2021/themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:29 +0330] "GET /admin/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:29 +0330] "GET /wp-includes/plugin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:30 +0330] "GET /wp-includes/class-wp-scripts-query.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:30 +0330] "GET /wp-admin/js/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:30 +0330] "GET /pages.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:30 +0330] "GET /wp-includes/ID3/module.audio-license.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 37.120.235.38 - - [01/Nov/2025:16:30:30 +0330] "GET /wp-content/themes/classwithtostring.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:30 +0330] "GET /uploads/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:30 +0330] "GET /assets/js/doc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:31 +0330] "GET /assets/comfunctions.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 37.120.235.38 - - [01/Nov/2025:16:30:31 +0330] "GET /wp-includes/class-wp-error-module.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:31 +0330] "GET /css/adminfus.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:31 +0330] "GET /adminfus.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 37.120.235.38 - - [01/Nov/2025:16:30:31 +0330] "GET /wp-includes/css/litespeed.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:31 +0330] "GET /images/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:31 +0330] "GET /wp-admin/setup-config.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:32 +0330] "GET /wp-includes/css/dist/alam.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:30:32 +0330] "GET /cong.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:32 +0330] "GET /wp-includes/block-bindings/imagess.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:32 +0330] "GET /wp-content/plugins/pwnd/adminfus.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:32 +0330] "GET /wp-includes/default-filters-edit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:32 +0330] "GET /css/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 37.120.235.38 - - [01/Nov/2025:16:30:32 +0330] "GET /assets/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:33 +0330] "GET /autoload_classmap/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:33 +0330] "GET /wp-configs.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:30:33 +0330] "GET /wp-includes/Requests/Auth/index.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:33 +0330] "GET /wp-admin/js/widgets/bless2.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:33 +0330] "GET /wp-admin/network/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:33 +0330] "GET /wp-admin/item.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:34 +0330] "GET /wp-includes/Text/Diff/Engine/theme.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:34 +0330] "GET /.well-known/acme-challenge/mah.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:34 +0330] "GET /wp-includes/ID3/shell.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:34 +0330] "GET /wp-includes/customize/class-wp-customize-selective-refresh-library.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:34 +0330] "GET /ms-users.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:34 +0330] "GET /wp-admin/js/cc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:34 +0330] "GET /wp-includes/Requests/library/wp-login.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:35 +0330] "GET /wp-includes/interactivity-api/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:35 +0330] "GET /css/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:35 +0330] "GET /wp-content/plugins/classic-editor/alam.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:35 +0330] "GET /wordpress/wp-admin/includes/wordpress/wp-admin/includes/admin-filters.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:35 +0330] "GET /assets/content.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:35 +0330] "GET /fm.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:35 +0330] "GET /wp-content/goods.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:30:36 +0330] "GET /wp-includes/wp-2019.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:36 +0330] "GET /wp-includes/SimplePie/info.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:36 +0330] "GET /assets/images/cloud.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:36 +0330] "GET /wp-includes/log.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 37.120.235.38 - - [01/Nov/2025:16:30:36 +0330] "GET /wp-includes/assets/script-loader-react-refresh-runtime-num.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:36 +0330] "GET /wp-includes/assets/script-loader-react-refresh-entry.min-object.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:36 +0330] "GET /wp-includes/aw.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:37 +0330] "GET /update/gely.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:37 +0330] "GET /uploads/c99shell.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:37 +0330] "GET /wp-content/themes/pridmag/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:37 +0330] "GET /uploads/lala.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 37.120.235.38 - - [01/Nov/2025:16:30:37 +0330] "GET /wp-includes/IXR/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:37 +0330] "GET /wp-includes/css/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:37 +0330] "GET /wp-content/plugins/wp-theme-editor/include.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:38 +0330] "GET /top.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:30:38 +0330] "GET /wp-includes/css/dist/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:38 +0330] "GET /wp-includes/style-engine/dedi1.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:38 +0330] "GET /wp-admin/css/adminfusm.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:30:38 +0330] "GET /wp-content/click.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:38 +0330] "GET /wp-includes/template-less.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:38 +0330] "GET /wp-includes/pomo/alfa-rex.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:39 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/abcd.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:39 +0330] "GET /wp-admin/css/colors/blue/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:39 +0330] "GET /retu11.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:39 +0330] "GET /wp-content/themes/twentytwentytwo/bypass.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:39 +0330] "GET /wp-admin/css/elementskit.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:39 +0330] "GET /js/1.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:40 +0330] "GET /wp-content/themes/twentytwentyfour/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:40 +0330] "GET /wp-includes/assets/min.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 37.120.235.38 - - [01/Nov/2025:16:30:40 +0330] "GET /wp-includes/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:40 +0330] "GET /backup/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:40 +0330] "GET /wp-content/uploads/uploads.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:40 +0330] "GET /wp-includes/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:40 +0330] "GET /wp-content/themes.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:41 +0330] "GET /wp-includes/block-patterns/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:41 +0330] "GET /worm0.PhP7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:41 +0330] "GET /wp-includes/load.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:41 +0330] "GET /wp-includes/ID3/chosen.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:41 +0330] "GET /wp-includes/class-wp-theme-float.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:41 +0330] "GET /images/c99.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:41 +0330] "GET /wp-content/plugins/core-plugin/waf_defender.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:42 +0330] "GET /wp-content/themes/twentytwentytwo/as.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:42 +0330] "GET /wp-includes/widgets/wp-style.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:42 +0330] "GET /setup-config.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:42 +0330] "GET /wp-includes/widgets/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:42 +0330] "GET /wp-content/uploads/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:30:42 +0330] "GET /img/prettyPhoto/dark_square/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:42 +0330] "GET /type.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:43 +0330] "GET /wp-includes/block-bindings/admin.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:43 +0330] "GET /wp-includes/PHPMailer/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:43 +0330] "GET /as/function.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:43 +0330] "GET /wp-includes/theme-compat/db.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:43 +0330] "GET /wp-admin/maint/flex.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:30:43 +0330] "GET /css/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:30:43 +0330] "GET /css/hekokstyle.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:44 +0330] "GET /wp-admin/user/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:44 +0330] "GET /files/shares/403ws.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:44 +0330] "GET /goat.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:44 +0330] "GET /images/fix.php7 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 37.120.235.38 - - [01/Nov/2025:16:30:44 +0330] "GET /wp-content/themes/tflow/adminfus.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:44 +0330] "GET /files.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:44 +0330] "GET /wp-includes/assets/system.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:45 +0330] "GET /wp-includes/l10n/class-wp-translations-library.php%20 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:45 +0330] "GET /wp-includes/block-bindings/about.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:45 +0330] "GET /images/file.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:45 +0330] "GET /wp-content/plugins/linkpreview/av.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:45 +0330] "GET /wp-includes/customize/class-wp-customize-upload-control-cookie.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:30:45 +0330] "GET /wp-includes/ID3/simi.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:45 +0330] "GET /wp-includes/class-wp-taxonomy-sample.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:46 +0330] "GET /img/chat-search.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:46 +0330] "GET /wp-includes/css/dist/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:46 +0330] "GET /wp-includes/js/dist/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:30:46 +0330] "GET /wp-includes/assets/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:46 +0330] "GET /wp-includes/sitemaps/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:46 +0330] "GET /wp-content/plugins/erinyani/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:30:47 +0330] "GET /wp-includes/l10n/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:47 +0330] "GET /wp-content/uploads/2023/11/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:47 +0330] "GET /wp-includes/sodium_compat/lib/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:47 +0330] "GET /wp-includes/blocks/file/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 37.120.235.38 - - [01/Nov/2025:16:30:47 +0330] "GET /wp-includes/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:47 +0330] "GET /wp-includes/block-bindings/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:47 +0330] "GET /wp-content/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 37.120.235.38 - - [01/Nov/2025:16:30:48 +0330] "GET /wp-includes/widgets/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 37.120.235.38 - - [01/Nov/2025:16:30:48 +0330] "GET /wp-admin/network/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 37.120.235.38 - - [01/Nov/2025:16:30:48 +0330] "GET /wp-admin/css/colors/sunrise/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:48 +0330] "GET /wp-includes/theme-compat/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:48 +0330] "GET /wp-content/plugins/ioxi/ioxi/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:48 +0330] "GET /wp-includes/id3/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:48 +0330] "GET /wp-includes/blocks/query/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:49 +0330] "GET /wp-includes/js/tinymce/langs/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:49 +0330] "GET /wp-admin/css/colors/ectoplasm/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:49 +0330] "GET /wp-includes/blocks/group/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:49 +0330] "GET /blog/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:30:49 +0330] "GET /wp-content/themes/twentytwentyfour/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:49 +0330] "GET /wp-includes/interactivity-api/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:49 +0330] "GET /wp-includes/wp-class.php/wp-content/themes/travelscape/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:50 +0330] "GET /wp-content/upgrade/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:50 +0330] "GET /wp-admin/js/dist/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:50 +0330] "GET /assets/css/dist/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:30:50 +0330] "GET /wp-includes/js/jquery/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:30:50 +0330] "GET /wp-includes/Requests/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:50 +0330] "GET /wp-admin/js/widgets/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:50 +0330] "GET /wp-content/plugins/wp-file-manager/admin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:51 +0330] "GET /wp-admin/js/widget/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:51 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:51 +0330] "GET /wp-content/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:51 +0330] "GET /wp-content/themes/tflow/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:51 +0330] "GET /wp-admin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 37.120.235.38 - - [01/Nov/2025:16:30:51 +0330] "GET /wordpress/wp-admin/includes HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:51 +0330] "GET /wp-admin/js/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 37.120.235.38 - - [01/Nov/2025:16:30:52 +0330] "GET /ALFA_DATA/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:30:52 +0330] "GET /wp-admin/css/colors/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:52 +0330] "GET /wp-includes/css/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:52 +0330] "GET /wp-includes/ID3 HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:52 +0330] "GET /wp-includes/blocks/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:52 +0330] "GET /wp-includes/certificates/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:52 +0330] "GET /wp-admin/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:53 +0330] "GET /wp-admin/maint/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:53 +0330] "GET /wp-admin/meta/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:53 +0330] "GET /wp-admin/user/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:53 +0330] "GET /wp-content/uploads/ao_ccss/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:53 +0330] "GET /wp-content/uploads/2021/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:53 +0330] "GET /wp-content/plugins/elementor/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:54 +0330] "GET /wp-content/mu-plugins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:54 +0330] "GET /upload/image/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:54 +0330] "GET /wordpress/wp-content/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:54 +0330] "GET /wordpress/wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:54 +0330] "GET /blog/wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:54 +0330] "GET /sites/default/files/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 37.120.235.38 - - [01/Nov/2025:16:30:54 +0330] "GET /admin/controller/extension/extension/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:55 +0330] "GET /admin/editor/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:55 +0330] "GET /admin/images/slider/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:55 +0330] "GET /admin/tmp/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:55 +0330] "GET /admin/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:55 +0330] "GET /Admin/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:56 +0330] "GET /admin/uploads/images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:56 +0330] "GET /administrator/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:56 +0330] "GET /ALFA_DATA/alfacgiapi/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 37.120.235.38 - - [01/Nov/2025:16:30:56 +0330] "GET /assets/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:56 +0330] "GET /cgi-bin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:56 +0330] "GET /components/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:56 +0330] "GET /home/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:57 +0330] "GET /include/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:57 +0330] "GET /modules/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:57 +0330] "GET /modules/mod_simplefileuploadv1.3/elements/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:57 +0330] "GET /mt/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:30:57 +0330] "GET /site/wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:30:57 +0330] "GET /tmps/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:30:57 +0330] "GET /wordpress/wp-admin/includes/wp-admin/js/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:58 +0330] "GET /wp-admin/css/colors/light/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:58 +0330] "GET /wp-admin/css/colors/midnight/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:58 +0330] "GET /wp-admin/css/colors/modern/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:58 +0330] "GET /wp-admin/css/colors/ocean/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:58 +0330] "GET /wp-content/languages/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:58 +0330] "GET /wp-content/uploads/2022/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:30:58 +0330] "GET /wp-content/uploads/2023/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:59 +0330] "GET /wp-content/uploads/2024/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:59 +0330] "GET /wp-includes/wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:30:59 +0330] "GET /wp-includes/ID3/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:30:59 +0330] "GET /wp-includes/ID3/wp-includes/IXR/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:59 +0330] "GET /wp-includes/images/crystal/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 37.120.235.38 - - [01/Nov/2025:16:30:59 +0330] "GET /wp-includes/images/media/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:30:59 +0330] "GET /wp-includes/images/smilies/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:00 +0330] "GET /wp-includes/images/wlw/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:31:00 +0330] "GET /wp-includes/js/codemirror/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:31:00 +0330] "GET /wp-includes/js/plupload/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:31:00 +0330] "GET /wp-includes/PHPMailer/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:31:00 +0330] "GET /wp-includes/sitemaps/providers/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 37.120.235.38 - - [01/Nov/2025:16:31:00 +0330] "GET /cache-wordpress/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:01 +0330] "GET /wp-content/ALFA_DATA/alfacgiapi/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:01 +0330] "GET /wp-content/plugins/linkpreview/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:01 +0330] "GET /wp-content/plugins/aryabot/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:01 +0330] "GET /wp-content/plugins/BrutalShell/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:01 +0330] "GET /wp-content/plugins/cache-wordpress/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:31:01 +0330] "GET /wp-content/plugins/cakil/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:01 +0330] "GET /wp-content/plugins/cekidot/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:31:02 +0330] "GET /wp-content/plugins/db/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:02 +0330] "GET /wp-content/plugins/home/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:02 +0330] "GET /wp-content/plugins/limit/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:02 +0330] "GET /wp-content/plugins/owfsmac/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:31:02 +0330] "GET /wp-content/plugins/prenota/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:31:02 +0330] "GET /wp-content/plugins/random/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:02 +0330] "GET /wp-content/plugins/ubh/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:03 +0330] "GET /wp-content/plugins/Uwogh-Segs/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:03 +0330] "GET /wp-content/plugins/wp-diambar/includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:31:03 +0330] "GET /wp-content/plugins/wp-freeform/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:31:03 +0330] "GET /wp-content/plugins/wp-hps/sh/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:03 +0330] "GET /wp-content/plugins/wpeazvp/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:31:03 +0330] "GET /wp-content/plugins/zaen/includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:03 +0330] "GET /wp-content/uploads/revslider/templates/immersion-photography/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:04 +0330] "GET /patriotic/wp-includes/images/smilies/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:04 +0330] "GET /wp-includes/js/tinymce/plugins/fullscreen/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:31:04 +0330] "GET /wp-content/plugins/core-stab/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 37.120.235.38 - - [01/Nov/2025:16:31:04 +0330] "GET /wp-content/themes/alera/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:31:04 +0330] "GET /wp-content/themes/rishi/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:04 +0330] "GET /wp-content/themes/sketch/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:04 +0330] "GET /wp-content/themes/thuoc-nam/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:05 +0330] "GET /wp-content/themes/twentyfive/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:31:05 +0330] "GET /wp-content/themes/wp-pridmag/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:05 +0330] "GET /wp-content/themes/pridmag/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:05 +0330] "GET /wp-content/themes/zakra/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:05 +0330] "GET /wp-content/uploads/simple-file-list/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:05 +0330] "GET /admin/upload/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:05 +0330] "GET /wp-admin/css/colors/blue/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:06 +0330] "GET /up/.well-known/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:31:06 +0330] "GET /wp-content/plugins/apikey/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:06 +0330] "GET /images/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:06 +0330] "GET /css/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:31:06 +0330] "GET /wp-admin/css/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:06 +0330] "GET /wp-includes/js/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 37.120.235.38 - - [01/Nov/2025:16:31:07 +0330] "GET /wp-includes/SimplePie/XML/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 37.120.235.38 - - [01/Nov/2025:16:31:07 +0330] "GET /wp-content/uploads/wpr-addons/forms/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 37.120.235.38 - - [01/Nov/2025:16:31:07 +0330] "GET /wp-content/plugins/WordPressCore/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:31:07 +0330] "GET /wordpress/wp-admin/includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:07 +0330] "GET /wp-includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:07 +0330] "GET /wp-includes/IXR/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:31:07 +0330] "GET /wp-includes/SimplePie/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:07 +0330] "GET /wp-includes/Text/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:08 +0330] "GET /wp-includes/Text/Diff/Renderer/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:08 +0330] "GET /wp-includes/customize/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:08 +0330] "GET /wp-includes/fonts/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:08 +0330] "GET /wp-includes/pomo/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.120.235.38 - - [01/Nov/2025:16:31:08 +0330] "GET /wp-includes/rest-api/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:31:08 +0330] "GET /wp-content/plugins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:09 +0330] "GET /wp-content/plugins/pwnd/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:31:09 +0330] "GET /about/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:09 +0330] "GET /plugins/jquery.filer/uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:09 +0330] "GET /wp-content/plugins/dummyyummy/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:31:09 +0330] "GET /wp-content/themes/seotheme/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 37.120.235.38 - - [01/Nov/2025:16:31:09 +0330] "GET /wp-content/plugins/core/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:09 +0330] "GET /wp-content/plugins/revslider/includes/external/page/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:10 +0330] "GET /wp-content/plugins/Cache/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:10 +0330] "GET /wp-content/themes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:10 +0330] "GET /wp-content/plugins/seoplugins/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 37.120.235.38 - - [01/Nov/2025:16:31:10 +0330] "GET /fonts/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 37.120.235.38 - - [01/Nov/2025:16:31:10 +0330] "GET /js/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:31:10 +0330] "GET /routes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:10 +0330] "GET /uploads/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:11 +0330] "GET /templates/beez3/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:31:11 +0330] "GET /wp-content/themes/digital-download/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:11 +0330] "GET /wp-content/plugins/wp-theme-editor/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:11 +0330] "GET /templates/atomic/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:11 +0330] "GET /wp-content/plugins/seoo/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:31:11 +0330] "GET /wp-includes/js/jcrop/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 37.120.235.38 - - [01/Nov/2025:16:31:11 +0330] "GET /wp-content/plugins/google-seo-rank/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 37.120.235.38 - - [01/Nov/2025:16:31:12 +0330] "GET /wp-content/plugins/erin/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.120.235.38 - - [01/Nov/2025:16:31:12 +0330] "GET /wp-content/maintenance/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:12 +0330] "GET /wp-content/x/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:12 +0330] "GET /wp-content/plugins/seooyanz/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 37.120.235.38 - - [01/Nov/2025:16:31:12 +0330] "GET /wp-content/themes/sky-pro/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 37.120.235.38 - - [01/Nov/2025:16:31:12 +0330] "GET /wp-content/plugins/cp-pro/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:12 +0330] "GET /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 37.120.235.38 - - [01/Nov/2025:16:31:13 +0330] "GET /wp-content/uploads/typehub/custom/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:13 +0330] "GET /wp-content/plugins/rencontre/inc/photo_import/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:13 +0330] "GET /wp-content/plugins/backup-backup/includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:13 +0330] "GET /wp-content/plugins/pwnd-1/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:13 +0330] "GET /.tmb/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:13 +0330] "GET /wp-content/plugins/fix/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 37.120.235.38 - - [01/Nov/2025:16:31:13 +0330] "GET /includes/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 37.120.235.38 - - [01/Nov/2025:16:31:14 +0330] "GET /themes/pridmag/ HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /wp-admin/css/colors/error.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /wp-content/plugins/pwnd/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /ALFA_DATA/alfacgiapi/all.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" 149.34.242.98 - - [01/Nov/2025:16:29:43 +0330] "GET /upload/install.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 149.34.242.98 - - [01/Nov/2025:16:29:44 +0330] "GET /wp-admin/images/autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:44 +0330] "GET /wp-head.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" 149.34.242.98 - - [01/Nov/2025:16:29:44 +0330] "GET /.well-known/pki-validation/xmrlpc.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 149.34.242.98 - - [01/Nov/2025:16:29:44 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/admin-footer.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:44 +0330] "GET /wp-admin/maint/repairs.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 149.34.242.98 - - [01/Nov/2025:16:29:44 +0330] "GET /wp-content/upgrade/wp-conflg.php HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 51.79.229.86 - - [01/Nov/2025:16:54:21 +0330] "GET /wp-content/themes/travelscape/json.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:22 +0330] "GET /wp-content/themes/aahana/json.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:23 +0330] "GET /ioxi002.PhP7 HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:23 +0330] "GET /ynz.PhP7 HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:24 +0330] "GET /themes.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:24 +0330] "GET /erin1.PhP7 HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:25 +0330] "GET /fosil.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:25 +0330] "GET /ws.php.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:26 +0330] "GET /ws.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:26 +0330] "GET /wp-admin/user/wp-login.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:27 +0330] "GET /wp-includes/images/wp-login.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:27 +0330] "GET /.well-known/pki-validation/wp-login.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:28 +0330] "GET /wp-admin/wp-login.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:28 +0330] "GET /wp-includes/wp-login.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:29 +0330] "GET /cgi-bin/wp-login.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:29 +0330] "GET /.wp-cli/wp-login.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:30 +0330] "GET /wp-content/uploads/wp-login.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:30 +0330] "GET /wp-content/mah.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:31 +0330] "GET /wp-content/item.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:31 +0330] "GET /wp-content/plugins/work-list/lang.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:32 +0330] "GET /wp-content/themes/bute/lang.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:32 +0330] "GET /wp-content/themes/pridmag/db.php?u HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:33 +0330] "GET /cong.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:33 +0330] "GET /wp-content/themes/travel/issue.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:34 +0330] "GET /wp-content/plugins/wp-sec/ab.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:34 +0330] "GET /wp-content/themes/newstoday/lang.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:35 +0330] "GET /wp-content/themes/seotheme/mar.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:35 +0330] "GET /wp-content/plugins/dummyyummy/wp-signup.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:36 +0330] "GET /wp-content/themes/twentyfive/include.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:36 +0330] "GET /wp-content/plugins/core-plugin/include.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:37 +0330] "GET /wso-x569.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:38 +0330] "GET /wp-includes/js/500.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:38 +0330] "GET /wp-includes/SimplePie/about.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:39 +0330] "GET /chosen.php?p= HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:39 +0330] "GET /wp-admin/includes/themes.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:40 +0330] "GET /beence.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:40 +0330] "GET /wp-includes/css/dist/editor/fxp.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:41 +0330] "GET /classwithtostring.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:41 +0330] "GET /users.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:42 +0330] "GET /text.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:42 +0330] "GET /wp-content/style-css.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:43 +0330] "GET /Mshell.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:43 +0330] "GET /ioxi-rex.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:44 +0330] "GET /wp-apxupx.php?apx=upx HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:44 +0330] "GET /wp-content/themes/twentyfive/include.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:45 +0330] "GET /4price3.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:45 +0330] "GET /4price.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:46 +0330] "GET /wp-includes/Requests/Text/4price3.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:46 +0330] "GET /wp-includes/Requests/Text/votes.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:47 +0330] "GET /4pric.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:47 +0330] "GET /wp-includes/js//500.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:48 +0330] "GET /wp-content/plugins/admin.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:48 +0330] "GET /wp-admin/css/colors/coffee/about.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:49 +0330] "GET /wp-content/plugins/Update/wp-blog.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:49 +0330] "GET /wp-cron.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:50 +0330] "GET /wp-content/uploads/2023/index.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:50 +0330] "GET /wp-content/themes/tflow/up.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:51 +0330] "GET /wp-content/themes/wp-pridmag/up.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:51 +0330] "GET /.tmb/termps.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:52 +0330] "GET /woh.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:52 +0330] "GET /wp-content/plugins/wp-help/admin/wp-fclass.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:53 +0330] "GET /wp-content/plugins/wp-help/index.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:53 +0330] "GET /wp-content/updraft/themes.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:54 +0330] "GET /wp-content/themes/intense/block-css.php?mode=upload HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:54 +0330] "GET /wp-content/themes/hideo/network.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:55 +0330] "GET /wp-includes/SimplePie/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:55 +0330] "GET /wp-includes/SimplePie/index.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:56 +0330] "GET /wp-includes/SimplePie/file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:56 +0330] "GET /wp-content/uploads/wpr-addons/forms/b1ack.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:57 +0330] "GET /wp-includes/certificates/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:57 +0330] "GET /wp-admin/user/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:58 +0330] "GET /.well-known/acme-challenge/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:59 +0330] "GET /wp-includes/customize/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:54:59 +0330] "GET /wp-admin/css/colors/blue/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:00 +0330] "GET /wp-content/themes/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:00 +0330] "GET /wp-includes/ID3/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:01 +0330] "GET /wp-admin/css/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:02 +0330] "GET /wp-admin/includes/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:02 +0330] "GET /wp-admin/network/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:03 +0330] "GET /wp-admin/images/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:03 +0330] "GET /wp-admin/maint/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:04 +0330] "GET /wp-content/upgrade/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:04 +0330] "GET /images/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:05 +0330] "GET /css/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:05 +0330] "GET /wp-includes/fonts/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:06 +0330] "GET /wp-includes/pomo/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:06 +0330] "GET /.tmb/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:07 +0330] "GET /wp-includes/IXR/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:07 +0330] "GET /.well-known/pki-validation/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:08 +0330] "GET /cgi-bin/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:08 +0330] "GET /wp-includes/random_compat/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:09 +0330] "GET /wp-content/languages/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:09 +0330] "GET /.well-known/acme-challenge/atomlib.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:10 +0330] "GET /.well-known/pki-validation/atomlib.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:10 +0330] "GET /atomlib.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:11 +0330] "GET /images/atomlib.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:11 +0330] "GET /wp-admin/css/atomlib.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:12 +0330] "GET /wp-admin/css/colors/blue/atomlib.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:12 +0330] "GET /wp-admin/includes/atomlib.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:13 +0330] "GET /wp-admin/maint/atomlib.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:13 +0330] "GET /wp-content/languages/themes/atomlib.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:14 +0330] "GET /wp-content/plugins/atomlib.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:14 +0330] "GET /wp-content/themes/atomlib.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:15 +0330] "GET /wp-includes/js/crop/cropper.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:15 +0330] "GET /ms.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:16 +0330] "GET /wp-includes/rest-api//classwithtostring.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:16 +0330] "GET /wp-includes/IXR/themes.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:17 +0330] "GET /wp-content/admin.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:17 +0330] "GET /alfanew.PHP7 HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:18 +0330] "GET /wp-content/themes/hello-element/footer.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:18 +0330] "GET /wp-admin/css/colors/index.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:19 +0330] "GET /wp-includes/pomo/themes.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:19 +0330] "GET /wp-admin/images/plugins.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:20 +0330] "GET /wp-content/moderation.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:20 +0330] "GET /.tmb/file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:21 +0330] "GET /.well-known/acme-challenge/file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:21 +0330] "GET /.well-known/pki-validation/file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:22 +0330] "GET /cgi-bin/file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:22 +0330] "GET /file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:23 +0330] "GET /wp-admin/images/file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:23 +0330] "GET /wp-admin/includes/file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:24 +0330] "GET /wp-admin/js/widgets/file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:24 +0330] "GET /wp-admin/maint/file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:25 +0330] "GET /wp-admin/network/file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:25 +0330] "GET /wp-admin/user/file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:26 +0330] "GET /wp-content/languages/file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:26 +0330] "GET /wp-content/languages/themes/file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:27 +0330] "GET /wp-content/plugins/file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:27 +0330] "GET /wp-includes/certificates/file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:28 +0330] "GET /wp-includes/customize/file.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:28 +0330] "GET /wp-admin/maint/users.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:29 +0330] "GET /wp-admin/css/colors/ectoplasm/users.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:29 +0330] "GET /wp-admin/js/widgets/users.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:30 +0330] "GET /wp-admin/user/users.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:30 +0330] "GET /cgi-bin/users.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:31 +0330] "GET /wp-admin/images/users.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:31 +0330] "GET /wp-admin/css/colors/ectoplasm/lofter.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:16:55:32 +0330] "GET /wp-admin/css/colors/coffee/lofter.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:17:04:11 +0330] "GET /wp-content/uploads/wpr-addons/forms/b1ack.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:04:16 +0330] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:04:23 +0330] "GET /wp-content/plugins/wordpresss3cll/includes.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:04:33 +0330] "GET /about.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:04:52 +0330] "GET /wp-content/plugins/yyobang/mar.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:04:56 +0330] "GET /shell20211028.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:05:00 +0330] "GET /wp-content/plugins/press/wp-class.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:05:07 +0330] "GET /wp-content/plugins/press/wp-class.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:05:14 +0330] "GET /ws.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:05:29 +0330] "GET /wp.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:05:33 +0330] "GET /wp-head.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:05:38 +0330] "GET /images/uploader.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:05:48 +0330] "GET /upload/upload.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:05:52 +0330] "GET /ms.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:05:54 +0330] "GET /simple.php HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:04:20 +0330] "GET /wp-content/themes/twentyfive/include.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:04:27 +0330] "GET /defaults.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:04:30 +0330] "GET /simple.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:04:37 +0330] "GET /install.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:04:41 +0330] "GET /dropdown.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:04:45 +0330] "GET /chosen.php?p= HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:05:03 +0330] "GET /xxl.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:05:10 +0330] "GET /fm1.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:05:18 +0330] "GET /wp-content/plugins/core/include.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:05:22 +0330] "GET /404.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:05:42 +0330] "GET /mah.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:05:53 +0330] "GET /wp-admin/css/colors/blue/blue.php?wall=ZWNobyAnQmxhY2sgQm90Jztmd3JpdGUoZm9wZW4oJ2Jsa2pydmNhLnBocCcsJ3crJyksJzw/cGhwIGVjaG8gIkJsYWNrIEJvdCI7Pz4nKTs= HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:06:06 +0330] "GET /gel4y.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:06:09 +0330] "GET /plugins.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:06:18 +0330] "GET /wp-hoard.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:05:57 +0330] "GET /class.api.php HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:05:58 +0330] "GET /wp-content/uploads/gravity_forms/g/f/f/b/ HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:06:02 +0330] "GET /vuln.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:06:13 +0330] "GET /sts.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:06:35 +0330] "GET /404.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:06:39 +0330] "GET /users.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:06:44 +0330] "GET /classwithtostring.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:06:57 +0330] "GET /admin.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:07:05 +0330] "GET /dropdown.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:07:10 +0330] "GET /wp-header.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:07:14 +0330] "GET /radio.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:07:19 +0330] "GET /simple.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:07:24 +0330] "GET /cong.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:07:27 +0330] "GET /options.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:07:30 +0330] "GET /wp-content/index.php?x=ooo HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:06:21 +0330] "GET /wp-l0gin.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:06:25 +0330] "GET /priv8.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:06:29 +0330] "GET /wp-post-editor.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:06:52 +0330] "GET /wp-head.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:07:00 +0330] "GET /about.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:07:33 +0330] "GET /wp-admin/options.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:07:36 +0330] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:07:40 +0330] "GET /sts.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:07:43 +0330] "GET /wp-hoard.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:07:50 +0330] "GET /11index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:07:53 +0330] "GET /2index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:07:57 +0330] "GET /3index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:08:03 +0330] "GET /wp_wrong_datlib.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:08:07 +0330] "GET /wp-adminincludesclass-wp-media-list-data.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:08:16 +0330] "GET /doc.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:07:47 +0330] "GET /1index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:08:10 +0330] "GET /autoload_classmap.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:08:13 +0330] "GET /wso.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:08:28 +0330] "GET /stindex.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:08:31 +0330] "GET /alwso.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:08:38 +0330] "GET /media-admin.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:08:41 +0330] "GET /sym.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:08:51 +0330] "GET /symlink.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:08:56 +0330] "GET /shell.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:09:01 +0330] "GET /1.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:09:04 +0330] "GET /data.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:09:12 +0330] "GET /b.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:09:19 +0330] "GET /shx.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:09:22 +0330] "GET /alfa.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:09:37 +0330] "GET /403.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:09:41 +0330] "GET /mini.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:08:35 +0330] "GET /ups.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:08:45 +0330] "GET /sym403.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:08:48 +0330] "GET /fw.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:09:08 +0330] "GET /wp-blog.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:09:15 +0330] "GET /c.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:09:25 +0330] "GET /a.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:09:28 +0330] "GET /old-index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:09:31 +0330] "GET /FoxWSO.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:09:35 +0330] "GET /x.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:09:47 +0330] "GET /edit-form.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:09:53 +0330] "GET /m.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:10:26 +0330] "GET /xleet.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:10:33 +0330] "GET /V5.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:10:39 +0330] "GET /up.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:10:42 +0330] "GET /www.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:10:45 +0330] "GET /100.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:09:44 +0330] "GET /imagesvuln.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:09:50 +0330] "GET /wikindex.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:09:56 +0330] "GET /0byte.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:10:02 +0330] "GET /xx.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:10:06 +0330] "GET /new-index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:10:09 +0330] "GET /wp.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:10:13 +0330] "GET /wp-wso.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:10:16 +0330] "GET /qindex.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:10:20 +0330] "GET /priv8.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:10:23 +0330] "GET /minimo.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:10:29 +0330] "GET /V3.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:10:36 +0330] "GET /404.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:00 +0330] "GET /f.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:03 +0330] "GET /xox.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:10 +0330] "GET /new.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:19 +0330] "GET /wi.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:21 +0330] "GET /mar.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:28 +0330] "GET /nee.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:34 +0330] "GET /z.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:38 +0330] "GET /g.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:42 +0330] "GET /c99.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:52 +0330] "GET /2.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:55 +0330] "GET /lol.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:56 +0330] "GET /wp-includes/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:11:58 +0330] "GET /wp-includes/css/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:11:58 +0330] "GET /87.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:59 +0330] "GET /wp-includes/ID3/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:01 +0330] "GET /7yn.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:03 +0330] "GET /wp-includes/Requests/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:04 +0330] "GET /wp-includes/SimplePie/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:07 +0330] "GET /13.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:07 +0330] "GET /wp-content/mu-plugins-old/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:10:54 +0330] "GET /777.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:10:57 +0330] "GET /defau1t.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:06 +0330] "GET /o.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:13 +0330] "GET /sindex.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:15 +0330] "GET /baindex.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:25 +0330] "GET /root.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:31 +0330] "GET /v.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:45 +0330] "GET /w.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:48 +0330] "GET /ws.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:11:55 +0330] "GET /wp-content/uploads/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:01 +0330] "GET /wp-includes/IXR/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:04 +0330] "GET /haxor.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:06 +0330] "GET /wp-includes/Text/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:10 +0330] "GET /e.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:11 +0330] "GET /wp-content/plugins/ninja-forms/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:09 +0330] "GET /wp-content/themes/classic/inc/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:13 +0330] "GET /r.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:14 +0330] "GET /wp-includes/Text/Diff/Renderer/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:22 +0330] "GET /u.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:22 +0330] "GET /wp-includes/customize/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:25 +0330] "GET /i.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:27 +0330] "GET /.well-known/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:28 +0330] "GET /p.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:28 +0330] "GET /.well-known/%3Cahref=%22/.well-known/fm.php%22%3E%3Cimgclass=%22icon%22src=%22/_autoindex/assets/icons/file-text.svg%22alt=%22%5BTXT%5D%22%3Efm.php HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:31 +0330] "GET /ALFA_DATA/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:33 +0330] "GET /.well-knownold/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:35 +0330] "GET /.well-known/acme-challenge/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:36 +0330] "GET /.well-known/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:37 +0330] "GET /d.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:12 +0330] "GET /wp-content/mu-plugins/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:16 +0330] "GET /wp-includes/blocks/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:16 +0330] "GET /t.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:17 +0330] "GET /wp-includes/certificates/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:19 +0330] "GET /y.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:24 +0330] "GET /wp-includes/fonts/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:25 +0330] "GET /wp-includes/images/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:31 +0330] "GET /q.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:34 +0330] "GET /s.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:43 +0330] "GET /ALFA_DATA/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:45 +0330] "GET /.well-knownold/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:45 +0330] "GET /k.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:47 +0330] "GET /.well-known/acme-challenge/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:48 +0330] "GET /l.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:53 +0330] "GET /uploads/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:39 +0330] "GET /.well-known/%3Cahref=%22/.well-known/fm.php%22%3E%3Cimgclass=%22icon%22src=%22/_autoindex/assets/icons/file-text.svg%22alt=%22%5BTXT%5D%22%3Efm.php HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:40 +0330] "GET /h.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:42 +0330] "GET /cgi-bin/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:43 +0330] "GET /j.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:49 +0330] "GET /.well-known/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:50 +0330] "GET /.well-known/%3Cahref=%22/.well-known/fm.php%22%3E%3Cimgclass=%22icon%22src=%22/_autoindex/assets/icons/file-text.svg%22alt=%22%5BTXT%5D%22%3Efm.php HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:51 +0330] "GET /n.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:55 +0330] "GET /upload/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:56 +0330] "GET /admin/uploads/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:12:58 +0330] "GET /kindex.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:13:14 +0330] "GET /lf.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:13:21 +0330] "GET /hello.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:13:23 +0330] "GET /admin/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:24 +0330] "GET /images/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:27 +0330] "GET /if.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:12:54 +0330] "GET /xindex.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:13:02 +0330] "GET /FoxWSOv1.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:13:06 +0330] "GET /alf.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:13:11 +0330] "GET /bb.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:13:12 +0330] "GET /Admin/uploads/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:17 +0330] "GET /WSO.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:13:24 +0330] "GET /ok.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:13:26 +0330] "GET /assets/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:28 +0330] "GET /vendor/phpunit/phpunit/src/Util/PHP/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:31 +0330] "GET /assets/images/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:35 +0330] "GET /vendor/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:42 +0330] "GET /Site/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:47 +0330] "GET /shop/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:49 +0330] "GET /files/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:50 +0330] "GET /admin/editor/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:53 +0330] "GET /Assets/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:29 +0330] "GET /upload/image/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:29 +0330] "GET /kk.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:13:33 +0330] "GET /Public/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:37 +0330] "GET /local/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:39 +0330] "GET /modules/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:44 +0330] "GET /system/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:45 +0330] "GET /template/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:51 +0330] "GET /mrjn.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:13:52 +0330] "GET /include/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:54 +0330] "GET /kn.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:13:58 +0330] "GET /3301.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:13:58 +0330] "GET /php/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:03 +0330] "GET /wp-includes/Text/Diff/Engine/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:07 +0330] "GET /mailer.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:08 +0330] "GET /wp-includes/block-patterns/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:10 +0330] "GET /wp-includes/Text/Diff/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:28 +0330] "GET /wp-includes/Requests/Proxy/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:29 +0330] "GET /wp-includes/Requests/Response/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:34 +0330] "GET /wp-includes/js/codemirror/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:36 +0330] "GET /wp-includes/Requests/Exception/HTTP/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:38 +0330] "GET /wp-confirm.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:39 +0330] "GET /wp-includes/js/crop/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:41 +0330] "GET /wp-includes/images/crystal/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:41 +0330] "GET /alfa123.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:43 +0330] "GET /wp-includes/images/media/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:44 +0330] "GET /upload.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:46 +0330] "GET /wp-includes/images/wlw/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:52 +0330] "GET /wp-includes/Requests/Auth/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:53 +0330] "GET /wp-includes/sodium_compat/src/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:55 +0330] "GET /wso1337.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:56 +0330] "GET /wp-includes/Text/Diff/Engine/Engine/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:28 +0330] "GET /sendmail.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:31 +0330] "GET /wp-includes/Requests/Transport/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:32 +0330] "GET /rahma.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:32 +0330] "GET /wp-includes/Requests/Utility/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:35 +0330] "GET /nasgor.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:45 +0330] "GET /wp-includes/images/smilies/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:47 +0330] "GET /bypass.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:48 +0330] "GET /wp-includes/rest-api/search/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:49 +0330] "GET /wp-includes/Requests/Exception/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:50 +0330] "GET /wp-one.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:52 +0330] "GET /alexus.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:55 +0330] "GET /wp-includes/sitemaps/providers/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:58 +0330] "GET /1337.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:03 +0330] "GET /wp-includes/ID3/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:04 +0330] "GET /it.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:58 +0330] "GET /wp-includes/customize/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:00 +0330] "GET /wp-includes/fonts/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:01 +0330] "GET /blog.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:02 +0330] "GET /wp-includes/html-api/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:05 +0330] "GET /wp-includes/images/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:07 +0330] "GET /wp-includes/IXR/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:08 +0330] "GET /wp-includes/js/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:10 +0330] "GET /0.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:10 +0330] "GET /wp-includes/php-compat/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:12 +0330] "GET /wp2.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:14 +0330] "GET /wp-includes/pomo/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:15 +0330] "GET /owl.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:16 +0330] "GET /wp-includes/random_compat/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:22 +0330] "GET /wp-includes/sitemaps/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:23 +0330] "GET /vuln.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:07 +0330] "GET /kiss.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:13 +0330] "GET /wp-includes/PHPMailer/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:17 +0330] "GET /wp-includes/Requests/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:19 +0330] "GET /wp-includes/rest-api/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:21 +0330] "GET /wp-includes/SimplePie/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:24 +0330] "GET /wp-includes/sodium_compat/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:25 +0330] "GET /ohayo.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:31 +0330] "GET /wp-includes/theme-compat/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:36 +0330] "GET /wp-admin/css/colors/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:39 +0330] "GET /admin/fckeditor/editor/filemanager/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:39 +0330] "GET /41.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:42 +0330] "GET /admin/controller/extension/extension/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:42 +0330] "GET /4price.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:45 +0330] "GET /MARIJUANA.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:45 +0330] "GET /components/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:28 +0330] "GET /wp-includes/style-engine/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:28 +0330] "GET /wp-admin.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:29 +0330] "GET /wp-includes/Text/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:31 +0330] "GET /cms.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:32 +0330] "GET /wp-includes/widgets/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:34 +0330] "GET /wp-uploads.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:34 +0330] "GET /wp-admin/css/colors/ectoplasm/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:37 +0330] "GET /Gel.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:37 +0330] "GET /admin/images/slider/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:41 +0330] "GET /sites/default/files/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:44 +0330] "GET /modules/mod_simplefileuploadv1.3/elements/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:47 +0330] "GET /admin/uploads/images/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:48 +0330] "GET /marijuana.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:50 +0330] "GET /.fk.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:50 +0330] "GET /wp-includes/pomo/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:49 +0330] "GET /wp-includes/js/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:52 +0330] "GET /wp-includes/rest-api/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:57 +0330] "GET /wp-admin/images/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:59 +0330] "GET /wp-admin/maint/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:59 +0330] "GET /content.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:00 +0330] "GET /wp-admin/meta/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:16:04 +0330] "GET /wp-admin/user/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:16:05 +0330] "GET /olu.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:05 +0330] "GET /wp-content/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:16:07 +0330] "GET /wp-content/plugins/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:16:08 +0330] "GET /alexusmailer%202.0.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:12 +0330] "GET /wp-admin/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:16:14 +0330] "GET /wp-content/upgrade/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:16:23 +0330] "GET /wso2.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:25 +0330] "GET /wso1.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:54 +0330] "GET /wp-includes/widgets/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:54 +0330] "GET /alexuse.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:15:55 +0330] "GET /wp-admin/css/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:15:56 +0330] "GET /Sendemail.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:02 +0330] "GET /wp-admin/network/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:16:02 +0330] "GET /leafmailer2.8.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:08 +0330] "GET /wp-content/themes/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:16:10 +0330] "GET /wp-admin/includes/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:16:10 +0330] "GET /rss.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:13 +0330] "GET /alexus-mailer.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:20 +0330] "GET /wp-file.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:34 +0330] "GET /xl.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:36 +0330] "GET /wp-confiig.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:39 +0330] "GET /file-manager.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:42 +0330] "GET /uploader.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:28 +0330] "GET /olux.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:31 +0330] "GET /wp-info.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:50 +0330] "GET /.well-known/ALFA_DATA/alfacgiapi/perl.alfa.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:56 +0330] "GET /wp-admin/alfacgiapi/perl.alfa.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:01 +0330] "GET /wp-includes/alfacgiapi/perl.alfa.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:04 +0330] "GET /alfacgiapi/perl.alfa.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:08 +0330] "GET /files/ALFA_DATA/alfacgiapi/perl.alfa.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:13 +0330] "GET /ALFA_DATA/alfacgiapi/perl.alfa.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:15 +0330] "GET /wp-admin/ALFA_DATA/alfacgiapi/perl.alfa.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:23 +0330] "GET /wp-content/ALFA_DATA/alfacgiapi/perl.alfa.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:26 +0330] "GET /wp-includes/ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:28 +0330] "GET /date.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:35 +0330] "GET /.alf.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:37 +0330] "GET /wp-content/plugins/cekidot/alf.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:45 +0330] "GET /leafmailer.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:47 +0330] "GET /ALFA_DATA/alfacgiapi/perl.alfa.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:53 +0330] "GET /tmp_images/alfacgiapi/perl.alfa.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:16:59 +0330] "GET /wp-content/alfacgiapi/perl.alfa.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:06 +0330] "GET /css/ALFA_DATA/alfacgiapi/perl.alfa.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:11 +0330] "GET /images/ALFA_DATA/alfacgiapi/perl.alfa.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:30 +0330] "GET /about.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:32 +0330] "GET /alfaindex.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:39 +0330] "GET /wp-content/fw.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:42 +0330] "GET /wp-content/alfa.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:44 +0330] "GET /snd.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:49 +0330] "GET /small.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:52 +0330] "GET /wp-content/plugins/upspy/index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:01 +0330] "GET /wp-content/themes/gaukingo/db.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:04 +0330] "GET /wp-content/plugins/three-column-screen-layout/db.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:47 +0330] "GET /wp-class.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:57 +0330] "GET /wp-content/plugins/ubh/index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:17:59 +0330] "GET /wp-content/plugins/vwcleanerplugin/bump.php?cache HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:12 +0330] "GET /wp-content/plugins/wp-db-ajax-made/wp-ajax.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:08 +0330] "GET /wp-content/plugins/xichang/x.php?xi HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:10 +0330] "GET /wp-content/plugins/html404/index.html HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:13:55 +0330] "GET /images/stories/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:13:57 +0330] "GET /plugins/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:00 +0330] "GET /wp-includes/assets/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:01 +0330] "GET /leaf.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:04 +0330] "GET /alex.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:11 +0330] "GET /wp-includes/block-supports/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:15 +0330] "GET /wp-includes/certificates/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:16 +0330] "GET /wp-ad.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:18 +0330] "GET /wp-includes/SimplePie/Content/Type/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:19 +0330] "GET /send.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:20 +0330] "GET /wp-includes/css/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:22 +0330] "GET /3.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:23 +0330] "GET /wp-includes/rest-api/endpoints/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:25 +0330] "GET /wp-includes/rest-api/fields/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:25 +0330] "GET /.wp-cache.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:10 +0330] "GET /anone.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:13 +0330] "GET /wp-configer.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:14:13 +0330] "GET /wp-includes/blocks/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:16 +0330] "GET /wp-includes/SimplePie/Cache/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:21 +0330] "GET /wp-includes/SimplePie/Content/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:14:26 +0330] "GET /wp-includes/Requests/Cookie/ HTTP/1.1" 301 795 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 51.79.229.86 - - [01/Nov/2025:17:18:16 +0330] "GET /Marvins.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:18 +0330] "GET /wp-includes/css/modules.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:20 +0330] "GET /indoxploit.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:27 +0330] "GET /wp-content/plugins/css-ready/file.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:39 +0330] "GET /wp-content/plugins/html404/wso25.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:47 +0330] "GET /libraries/joomla/jmails.php?u HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:54 +0330] "GET /tmp/vuln.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:01 +0330] "GET /error.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:06 +0330] "GET /wp-content/themes/fitnessbase/404.php?ok HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:10 +0330] "GET /RxR.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:14 +0330] "GET /components/com_b2jcontact/izoc.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:16 +0330] "GET /administrator/templates/bluestork/error.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:18 +0330] "GET /administrator/templates/hathor/index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:20 +0330] "GET /administrator/templates/hathor/error.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:22 +0330] "GET /administrator/templates/isis/index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:25 +0330] "GET /wp-content/plugins/css-ready-sel/file.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:29 +0330] "GET /wp-content/think.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:31 +0330] "GET /wp-content/plugins/html404/xccc.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:34 +0330] "GET /wp-content/plugins/html404/cry.php.pjpeg HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:37 +0330] "GET /wp-content/plugins/real/v.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:41 +0330] "GET /modules/mod_simplefileuploadv1.3/elements/udd.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:45 +0330] "GET /libraries/joomla/css.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:49 +0330] "GET /libraries/joomla/jmail.php?u HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:51 +0330] "GET /images/vuln.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:56 +0330] "GET /rxr.php?rxr HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:18:59 +0330] "GET /modules/modules/modules.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:08 +0330] "GET /wp-add-admin.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:12 +0330] "GET /modules/mod_simplefileuploadv1.3/elements/udd.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:25 +0330] "GET /templates/beez/index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:33 +0330] "GET /templates/rhuk_milkyway/index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:34 +0330] "GET /templates/+theme+/index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:38 +0330] "GET /templates/beez3/index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:40 +0330] "GET /templates/beez3/error.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:42 +0330] "GET /templates/beez5/index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:44 +0330] "GET /templates/beez5/error.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:51 +0330] "GET /templates/protostar/index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:54 +0330] "GET /templates/atomic/index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:59 +0330] "GET /wp-admin/network/wp-footer.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:20:04 +0330] "GET /upel.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:20:16 +0330] "GET /wp-content/uploads/+year+/+month+/ HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:20:19 +0330] "GET /license.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:20:28 +0330] "GET /098.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:20:34 +0330] "GET /wp-content/plugins/theme-configurator/mini.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:20:43 +0330] "GET /wp-content/plugins/widget-logic/mini.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:24 +0330] "GET /administrator/templates/isis/error.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:28 +0330] "GET /templates/ja_purity/index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:36 +0330] "GET /templates/+theme+/error.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:46 +0330] "GET /templates/beez_20/index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:49 +0330] "GET /templates/beez_20/error.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:53 +0330] "GET /templates/protostar/error.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:19:56 +0330] "GET /templates/atomic/error.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:20:02 +0330] "GET /wp-content/vuln.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:20:06 +0330] "GET /wp-content/uploads/ HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:20:23 +0330] "GET /wp-content/plugins/ppus/up.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:20:30 +0330] "GET /new_license.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:20:46 +0330] "GET /wp-admin/css/index.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:20:58 +0330] "GET /wp-includes/wp-class.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:12 +0330] "GET /wp-admin/images/atomlib.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:17 +0330] "GET /gel4y.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:20:50 +0330] "GET /1975.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:20:54 +0330] "GET /1975.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:20:56 +0330] "GET /radio.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:04 +0330] "GET /xleet-shell.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:07 +0330] "GET /wp-content/radio.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:08 +0330] "GET /wp-includes/radio.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:11 +0330] "GET /fx.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:20 +0330] "GET /wp-content/about.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:28 +0330] "GET /wp-includes/991176.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:29 +0330] "GET /wp-admin/maint/about.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:31 +0330] "GET /fox.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:33 +0330] "GET /wp-admin/x.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:39 +0330] "GET /server.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:51 +0330] "GET /5.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:59 +0330] "GET /images/about.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:19 +0330] "GET /jindex.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:25 +0330] "GET /sh.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:36 +0330] "GET /fw.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:42 +0330] "GET /wp-includes/fw.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:21:48 +0330] "GET /4.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:22:14 +0330] "GET /wp-login.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 31.214.174.196 - - [01/Nov/2025:17:29:48 +0330] "GET /.well-known/pki-validation/index.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 51.79.229.86 - - [01/Nov/2025:17:22:01 +0330] "GET /xmlrpc.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:22:10 +0330] "GET /wp-load.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:22:23 +0330] "GET /wp-admin/fw.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:22:38 +0330] "GET /mari.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 51.79.229.86 - - [01/Nov/2025:17:22:40 +0330] "GET /swm.php HTTP/1.1" 301 795 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force" 31.214.174.196 - - [01/Nov/2025:17:30:16 +0330] "GET /.well-known/pki-validation/cloud.php HTTP/1.1" 301 795 "-" "Go-http-client/1.1" 169.150.203.242 - - [01/Nov/2025:17:31:16 +0330] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 196.251.85.87 - - [01/Nov/2025:18:05:17 +0330] "GET / HTTP/1.1" 301 795 "-" "-" 196.251.85.87 - - [01/Nov/2025:18:04:32 +0330] "GET / HTTP/1.1" 301 795 "-" "-" 66.132.153.128 - - [01/Nov/2025:18:21:32 +0330] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)" 182.42.111.156 - - [01/Nov/2025:18:09:32 +0330] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1" 43.166.1.243 - - [01/Nov/2025:18:23:11 +0330] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1" 196.251.81.190 - - [01/Nov/2025:19:02:24 +0330] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36" 162.142.125.122 - - [01/Nov/2025:19:36:50 +0330] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)" 18.208.152.225 - - [01/Nov/2025:19:57:05 +0330] "GET / HTTP/1.1" 301 795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36" 172.105.82.111 - - [01/Nov/2025:20:33:43 +0330] "GET / HTTP/1.1" 301 795 "-" "python-requests/2.32.5"