[2019-09-22 10:21:14] api-debugger.INFO: >>>>>>>>
POST /wp-content/plugins/mywpguru/bfnetwork/bfAudit.php HTTP/1.1
Content-Length: 1276
Referer: https://myjoomla.com/
User-Agent: myJoomla/2.0 (myJoomla.com)
X-MyJoomla-FAQ: For full details see myJoomla.com or email phil@phil-taylor.com
Content-Type: application/x-www-form-urlencoded
Host: wyspataichi.waw.pl
X-MYJOOMLA-HMAC: fXg+tYMbjw2C0ZH7tuj6lzMh8/s8efUX1dIkzrajl2E=
X-MYJOOMLA-TIME: 1569147553

[2019-09-22 10:15:27] api-debugger.INFO: >>>>>>>>
POST /wp-content/plugins/mywpguru/bfnetwork/bfAudit.php HTTP/1.1
Content-Length: 658
Referer: https://myjoomla.com/
User-Agent: myJoomla/2.0 (myJoomla.com)
X-MyJoomla-FAQ: For full details see myJoomla.com or email phil@phil-taylor.com
Content-Type: application/x-www-form-urlencoded
Authorization: Basic amVzdGVtOmN6bG93aWVraWVt
Host: al-halo-echo.pl
X-MYJOOMLA-HMAC: hZ1YO92IsUXfXUbdGqhLxfwY3Gq7XiAQQqqnJEiE9ho=

[2019-09-22 10:10:00] api-debugger.INFO: >>>>>>>>
GET /wp-login.php?redirect_to=http%3A%2F%2Fal-halo-echo.pl%2Fwp-admin%2F&reauth=1 HTTP/1.1
Host: al-halo-echo.pl
User-Agent: myJoomla/2.0 (myJoomla.com)
X-MyJoomla-FAQ: For full details see myJoomla.com or email phil@phil-taylor.com
<<<<<<<<
HTTP/1.1 401 Unauthorized
Date: Sun, 22 Sep 2019 10:10:00 GMT

[2019-09-09 17:00:59] api-debugger.INFO: >>>>>>>>
POST /plugins/system/bfnetwork/bfnetwork/bfTools.php HTTP/1.1
Content-Length: 923
Referer: https://mysites.guru/
User-Agent: mySites/3.0 (mySites.guru)
Accept: application/json
X-MyJoomla-FAQ: For full details see mySites.guru or email phil@phil-taylor.com
Content-Type: application/x-www-form-urlencoded
Host: www.apecs.org
X-MYJOOMLA-HMAC: 5picr+I4nWZUlPGd4izSMbVzm9mEhNxWKx5B7QeBzQ0=

34.201.72.165 - - [02/Jul/2019:14:21:30 -0500] "GET /administrator/ HTTP/1.1" 200 2016 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
34.201.72.165 - - [02/Jul/2019:14:21:30 -0500] "POST /administrator/index.php HTTP/1.1" 303 20 "https://refugecountryclub.com/administrator/" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
34.201.72.165 - - [02/Jul/2019:14:21:31 -0500] "GET /administrator/index.php HTTP/1.1" 200 6592 "https://refugecountryclub.com/administrator/" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
34.201.72.165 - - [02/Jul/2019:14:21:33 -0500] "GET /administrator/index.php?option=com_templates HTTP/1.1" 200 8114 "https://refugecountryclub.com/administrator/index.php" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
34.201.72.165 - - [02/Jul/2019:14:21:34 -0500] "GET /administrator/index.php?option=com_templates&view=template&id=10000++ HTTP/1.1" 200 24129 "https://refugecountryclub.com/administrator/index.php?optio

UPDATE bf_files AS NEWTABLE
INNER JOIN (
SELECT
bf_files_last.filewithpath, bf_files_last.suspectcontent, bf_files_last.falsepositive, bf_files_last.encrypted FROM bf_files_last
LEFT JOIN
bf_files ON bf_files_last.filewithpath = bf_files.filewithpath
WHERE
bf_files_last.currenthash = bf_files.currenthash
AND
bf_files_last.filemtime = bf_files.filemtime

UPDATE bf_files AS NEWTABLE
INNER JOIN (
SELECT
bf_files_last.filewithpath,
bf_files_last.suspectcontent, bf_files_last.falsepositive,
bf_files_last.encrypted FROM bf_files_last
LEFT JOIN
bf_files ON
bf_files_last.filewithpath = bf_files.filewithpath
WHERE

Delivered-To: phil@phil-taylor.com
Return-Path: <abler54@lxvm3.neteffx.net>
Delivered-To: phil+spam@phil-taylor.com
Received: from director12.mail.ord1d.rsapps.net ([172.30.191.6])
by backend37.mail.ord1d.rsapps.net with LMTP id cIZhDLUq5VzKUwAAXiPxRA
for <phil+spam@phil-taylor.com>; Wed, 22 May 2019 06:55:49 -0400
Received: from proxy13.mail.ord1d.rsapps.net ([172.30.191.6])
by director12.mail.ord1d.rsapps.net with LMTP id ECR0DLUq5VyJPAAAIasKDg
; Wed, 22 May 2019 06:55:49 -0400
Received: from smtp13.gate.ord1d ([172.30.191.6])

Delivered-To: phil@phil-taylor.com
Return-Path: <seasontickets@seasonticketfinance.com>
Delivered-To: phil+spam@phil-taylor.com
Received: from director9.mail.ord1d.rsapps.net ([172.30.191.6])
by backend37.mail.ord1d.rsapps.net with LMTP id ODxyHg0j5Vz+UQAAXiPxRA
for <phil+spam@phil-taylor.com>; Wed, 22 May 2019 06:23:09 -0400
Received: from proxy11.mail.ord1d.rsapps.net ([172.30.191.6])
by director9.mail.ord1d.rsapps.net with LMTP id 4Ft9Hg0j5VxgTwAAalYnBA
; Wed, 22 May 2019 06:23:09 -0400
Received: from smtp14.gate.ord1d ([172.30.191.6])