MOON
Server: Apache
System: Linux ded.whatishomestaging.com 5.14.0-503.33.1.el9_5.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Mar 20 03:39:23 EDT 2025 x86_64
User: canadiansp (1001)
PHP: 7.4.33
Disabled: exec,passthru,shell_exec,system
$ pwd: /home/canadiansp/access-logs/
Upload Files
File: /home/canadiansp/access-logs/canadianstagingprofessionalsca.canadianstagingprofessionals.com
66.132.186.184 - - [08/May/2026:08:08:46 -0400] "GET / HTTP/1.1" 301 - "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
20.48.164.116 - - [08/May/2026:10:58:44 -0400] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 200 11875 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:44 -0400] "GET /shoha.php HTTP/1.1" 200 11830 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:44 -0400] "GET /wp-thi.php HTTP/1.1" 200 11831 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:45 -0400] "GET /wp-slss.php HTTP/1.1" 200 11860 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:45 -0400] "GET /wp-load.php HTTP/1.1" 200 11860 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:45 -0400] "GET /ftde.php HTTP/1.1" 200 11857 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:45 -0400] "GET /tires.php HTTP/1.1" 200 11858 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:45 -0400] "GET /ff1.php HTTP/1.1" 200 11856 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:46 -0400] "GET /bthil.php HTTP/1.1" 200 11812 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:46 -0400] "GET /333.php HTTP/1.1" 200 11810 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:46 -0400] "GET /ccou.php HTTP/1.1" 200 11811 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:46 -0400] "GET /albin.php HTTP/1.1" 200 11812 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:46 -0400] "GET /sbhu.php HTTP/1.1" 200 11811 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:46 -0400] "GET /xda.php HTTP/1.1" 200 11810 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:47 -0400] "GET /yellow.php HTTP/1.1" 200 11955 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:47 -0400] "GET /lib.php HTTP/1.1" 200 11952 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:47 -0400] "GET /ah25.php HTTP/1.1" 200 11953 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:47 -0400] "GET /revealability.php HTTP/1.1" 200 11962 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:47 -0400] "GET /file4.php HTTP/1.1" 200 11954 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:47 -0400] "GET /atomlib.php HTTP/1.1" 200 11956 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:47 -0400] "GET /file30.php HTTP/1.1" 200 11955 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:48 -0400] "GET /forbidals.php HTTP/1.1" 200 11886 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:48 -0400] "GET /wp-firewall.php HTTP/1.1" 200 11888 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:48 -0400] "GET /shell20211028.php HTTP/1.1" 200 11890 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:48 -0400] "GET /wuasr.php HTTP/1.1" 200 11882 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:48 -0400] "GET /1index.php HTTP/1.1" 200 11883 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:49 -0400] "GET /png.php HTTP/1.1" 200 11907 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:49 -0400] "GET /x.php HTTP/1.1" 200 11905 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:49 -0400] "GET /yas.php HTTP/1.1" 200 11907 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:49 -0400] "GET /dropdown.php HTTP/1.1" 200 11912 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:50 -0400] "GET /wp-access.php HTTP/1.1" 200 11807 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:50 -0400] "GET /fun.php HTTP/1.1" 200 11801 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:50 -0400] "GET /wp-kd4xalrg7m.php HTTP/1.1" 200 11811 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:50 -0400] "GET /explorer/index_.php HTTP/1.1" 200 11815 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:50 -0400] "GET /wp-trackback.php HTTP/1.1" 200 11810 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:51 -0400] "GET /wp-admin/css/colors/blue/file.php HTTP/1.1" 200 11986 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:51 -0400] "GET /new.php HTTP/1.1" 200 11952 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:51 -0400] "GET /aevly.php HTTP/1.1" 200 11954 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:51 -0400] "GET /app.php HTTP/1.1" 200 11952 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:51 -0400] "GET /txets.php HTTP/1.1" 200 11954 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:51 -0400] "GET /file59.php HTTP/1.1" 200 11955 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:52 -0400] "GET /lala.php HTTP/1.1" 200 11887 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:52 -0400] "GET /wp-at.php HTTP/1.1" 200 11888 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:52 -0400] "GET /wp.php HTTP/1.1" 200 11885 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:52 -0400] "GET /sys.php HTTP/1.1" 200 11886 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:52 -0400] "GET /lv.php HTTP/1.1" 200 11885 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:53 -0400] "GET /wp-good.php HTTP/1.1" 200 11890 "-" "-"
20.48.164.116 - - [08/May/2026:10:58:53 -0400] "GET /db.php HTTP/1.1" 200 11885 "-" "-"
198.235.24.90 - - [08/May/2026:11:37:47 -0400] "GET / HTTP/1.1" 301 291 "-" "Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity"
@ Telegram