Current File : //home/honehdyv/scanreport-honehdyv-2025-06-12T16:32:19.046500.txt

----------- SCAN REPORT -----------
TimeStamp: Thu, 12 Jun 2025 12:32:22 -0400
(/usr/sbin/cxs --clamdsock /var/clamd --dbreport --defapache nobody --doptions Mv --exploitscan --nofallback --filemax 50000 --noforce --html --ignore /etc/cxs/cxs.ignore.manual --options mMOLfSGchexdnwZDRru --noprobability --qoptions Mv --report /home/honehdyv/scanreport-honehdyv-2025-06-12T16:32:19.046500.txt --sizemax 1000000 --ssl --summary --sversionscan --timemax 30 --unofficial --user honehdyv --virusscan --vmrssmax 2000000 --waitscan 0 --xtra /etc/cxs/cxs.xtra.manual)


Scanning /home/honehdyv:

'/home/honehdyv/access-logs'
# Symlink to [/etc/apache2/logs/domlogs/honehdyv]

'/home/honehdyv/.nc_plugin/hidden'
# World writeable directory

'/home/honehdyv/coursedownloadly.com/522314/radio.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/funniesthost.com/522314/radio.php'
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/isekainonbirinoukachapters.com/wp-includes/template-loader.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/isekainonbirinoukachapters.com/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/isekainonbirinoukachapters.com/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/jujutsukaisenscan.com/522314/radio.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/junglejuicewebtoon.com/522314/radio.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/junglejuicewebtoon.com/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/522314/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/522314/522314/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/522314/522314/522314/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/cgi-bin/cgi-bin/vBIizQHNUFVCJkWmEb.png'
# Suspicious image file (hidden script file)

'/home/honehdyv/junglejuicewebtoon.com/cgi-bin/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/images/images/sbtCVgxSIefEQXZ.tiff'
# Suspicious image file (hidden script file)

'/home/honehdyv/junglejuicewebtoon.com/images/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/images/images/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/images/images/images/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/images/images/images/images/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/wp-admin/css/colors/sunrise/sunrise/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/wp-admin/css/colors/sunrise/sunrise/sunrise/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/junglejuicewebtoon.com/wp-admin/css/colors/sunrise/sunrise/sunrise/sunrise/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/junglejuicewebtoon.com/wp-content/plugins/ad-inserter/ad-inserter.php'
# Script version check [OLD] [Ad Inserter v2.7.38 < v2.8.1]

'/home/honehdyv/junglejuicewebtoon.com/wp-content/plugins/ad-inserter/includes/google-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/junglejuicewebtoon.com/wp-content/plugins/ad-inserter/includes/google-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/junglejuicewebtoon.com/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/junglejuicewebtoon.com/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/junglejuicewebtoon.com/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA/RSA/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/wp-content/plugins/akismet/_inc/img/logo-rqqrsooqrrn.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/junglejuicewebtoon.com/wp-content/plugins/ga-google-analytics/ga-google-analytics.php'
# Script version check [OLD] [GA Google Analytics v20241102 < v20250326]

'/home/honehdyv/junglejuicewebtoon.com/wp-content/plugins/insert-headers-and-footers/ihaf.php'
# Script version check [OLD] [WPCode Lite v2.2.2 < v2.2.7]

'/home/honehdyv/junglejuicewebtoon.com/wp-content/plugins/links-auto-replacer/admin/cmb/languages/languages/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/wp-content/plugins/links-auto-replacer/admin/js/js/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/wp-content/plugins/litespeed-cache/litespeed-cache.php'
# Script version check [OLD] [LiteSpeed Cache v6.5.2 < v7.0.1]

'/home/honehdyv/junglejuicewebtoon.com/wp-content/plugins/post-types-order/post-types-order.php'
# Script version check [OLD] [Post Types Order v2.3.2 < v2.3.5]

'/home/honehdyv/junglejuicewebtoon.com/wp-content/plugins/simple-custom-post-order/simple-custom-post-order.php'
# Script version check [OLD] [Simple Custom Post Order v2.5.8 < v2.5.10]

'/home/honehdyv/junglejuicewebtoon.com/wp-content/plugins/wordpress-seo/wp-seo.php'
# Script version check [OLD] [Yoast SEO v23.8 < v24.9]

'/home/honehdyv/junglejuicewebtoon.com/wp-content/plugins/wordpress-seo/src/initializers/initializers/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/wp-includes/version.php'
# Script version check [OLD] [Wordpress v6.7.2 < v6.8.1]

'/home/honehdyv/junglejuicewebtoon.com/wp-includes/SimplePie/library/SimplePie/Parse/Parse/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/wp-includes/Text/Diff/Engine/rqqrsooqrrn.ttf'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/junglejuicewebtoon.com/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/junglejuicewebtoon.com/wp-includes/css/dist/edit-site/edit-site/NsPBqaURzrpAfTxFbjEV.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/junglejuicewebtoon.com/wp-includes/css/dist/edit-site/edit-site/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/junglejuicewebtoon.com/wp-includes/images/w-eddefbbdeea.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/junglejuicewebtoon.com/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/junglejuicewebtoon.com/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/junglejuicewebtoon.com/wp-includes/images/crystal/crystal/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/wp-includes/images/media/eddefbbdeea.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/junglejuicewebtoon.com/wp-includes/js/tinymce/plugins/charmap/charmap/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/junglejuicewebtoon.com/wp-includes/js/tinymce/plugins/plugins/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/myheroscan.com/522314/radio.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/newsbark.online/admin.php'
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/newsbark.online/.tmb'
# World writeable directory

'/home/honehdyv/newsbark.online/522314/radio.php'
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/newsbark.online/wp-content/plugins/ad-inserter/includes/google-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/newsbark.online/wp-content/plugins/ad-inserter/includes/google-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/newsbark.online/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/newsbark.online/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/newsbark.online/wp-content/plugins/blocksy-companion/framework/dashboard.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/newsbark.online/wp-content/plugins/file-manager-advanced/application/library/codemirror/mode/clike/index.html'
# Suspicious file type [application/x-c]

'/home/honehdyv/newsbark.online/wp-content/themes/blocksy/admin/dashboard/core.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/newsbark.online/wp-content/uploads'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2020'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2020/01'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2020/03'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2020/07'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2023'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2023/10'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2023/11'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2023/12'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2024'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2024/01'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2024/02'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2024/03'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2024/04'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2024/05'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2024/06'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2024/07'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2024/08'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2024/09'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2024/10'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2024/11'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2024/12'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2025'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2025/01'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2025/02'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2025/03'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2025/04'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/2025/05'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/wpforms'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-content/uploads/wpforms/cache'
# World writeable directory

'/home/honehdyv/newsbark.online/wp-includes/version.php'
# Script version check [OLD] [Wordpress v6.5.3 < v6.8.1]

'/home/honehdyv/operationtruelovenow.com/522314/radio.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/operationtruelovenow.com/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/522314/522314/522314/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/operationtruelovenow.com/522314/522314/522314/522314/cU.tiff'
# Suspicious image file (hidden script file)

'/home/honehdyv/operationtruelovenow.com/522314/522314/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/522314/522314/522314/522314/522314/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/operationtruelovenow.com/522314/522314/522314/522314/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/cgi-bin/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/vbUKNPulTFrQgG.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/operationtruelovenow.com/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/images/images/images/WnUlabsArPJBG.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/operationtruelovenow.com/images/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/images/images/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/images/images/images/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/images/images/images/images/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/images/images/images/images/images/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/css/colors/blue/blue/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/css/colors/blue/blue/cjmkFpXSMCAfuebZU.jpg'
# Suspicious image file (hidden script file)

'/home/honehdyv/operationtruelovenow.com/wp-admin/css/colors/blue/blue/blue/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/css/colors/coffee/coffee/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/css/colors/coffee/coffee/coffee/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/css/colors/coffee/coffee/coffee/coffee/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/css/colors/coffee/coffee/coffee/coffee/coffee/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/css/colors/light/light/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/css/colors/midnight/midnight/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/css/colors/ocean/ocean/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/operationtruelovenow.com/wp-admin/css/css/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/includes/includes/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/js/widgets/widgets/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/js/widgets/widgets/widgets/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/js/widgets/widgets/widgets/widgets/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/maint/maint/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/maint/maint/maint/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/maint/maint/maint/maint/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/network/network/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/operationtruelovenow.com/wp-admin/network/network/network/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/user/user/ZjtUlMufzvimhWsY.png'
# Suspicious image file (hidden script file)

'/home/honehdyv/operationtruelovenow.com/wp-admin/user/user/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-admin/user/user/user/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/ad-inserter/ad-inserter.php'
# Script version check [OLD] [Ad Inserter v2.7.38 < v2.8.1]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/ad-inserter/includes/google-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/ad-inserter/includes/google-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/ad-inserter/includes/google-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/Signature/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/ad-inserter/includes/google-api-8/src/Task/Task/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/.github/.github/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/phpseclib/Exception/Exception/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/akismet/_inc/img/logo-rpqsnonnqoqnqs.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/ga-google-analytics/ga-google-analytics.php'
# Script version check [OLD] [GA Google Analytics v20241102 < v20250326]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/insert-headers-and-footers/ihaf.php'
# Script version check [OLD] [WPCode Lite v2.2.3 < v2.2.7]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/insert-headers-and-footers/includes/includes/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/post-types-order/post-types-order.php'
# Script version check [OLD] [Post Types Order v2.3.2 < v2.3.5]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/redirection/database/database/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/simple-custom-post-order/simple-custom-post-order.php'
# Script version check [OLD] [Simple Custom Post Order v2.5.8 < v2.5.10]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/widgets-on-pages/freemius/templates/partials/partials/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/wordpress-seo/wp-seo.php'
# Script version check [OLD] [Yoast SEO v23.8 < v24.9]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/wordpress-seo/src/actions/actions/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/wordpress-seo/src/content-type-visibility/content-type-visibility/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/wordpress-seo/src/deprecated/src/introductions/introductions/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/wordpress-seo/vendor_prefixed/symfony/dependency-injection/Exception/Exception/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/wp-rocket/inc/Dependencies/ActionScheduler/deprecated/deprecated/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/wp-rocket/inc/Engine/Media/AboveTheFold/Database/Database/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/wp-rocket/inc/Engine/Media/Lazyload/CSS/CSS/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/wp-rocket/inc/Engine/Optimization/DelayJS/Admin/Admin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/wp-rocket/vendor/symfony/css-selector/Exception/Exception/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-content/plugins/wp-rocket/views/settings/buttons/buttons/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-content/themes/twentynineteen/sass/modules/modules/TbGiQ.jpeg'
# Suspicious image file (hidden script file)

'/home/honehdyv/operationtruelovenow.com/wp-content/themes/twentynineteen/sass/modules/modules/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/operationtruelovenow.com/wp-content/themes/twentytwentyfour/templates/templates/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/version.php'
# Script version check [OLD] [Wordpress v6.6.2 < v6.8.1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/ID3/ID3/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/operationtruelovenow.com/wp-includes/Requests/Requests/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/Text/Diff/Engine/rpqsnonnqoqnqs.ttf'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/operationtruelovenow.com/wp-includes/assets/assets/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/blocks/code/code/AIztmKGglMqPRNyih.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/operationtruelovenow.com/wp-includes/blocks/code/code/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/blocks/comment-edit-link/comment-edit-link/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/blocks/comments-pagination-next/comments-pagination-next/bUpNixnMAmXJwzPHau.png'
# Suspicious image file (hidden script file)

'/home/honehdyv/operationtruelovenow.com/wp-includes/blocks/comments-pagination-next/comments-pagination-next/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/operationtruelovenow.com/wp-includes/blocks/group/group/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/blocks/post-author-biography/post-author-biography/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/blocks/post-date/post-date/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/blocks/post-featured-image/post-featured-image/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/blocks/quote/quote/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/blocks/separator/separator/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/blocks/site-tagline/site-tagline/WMAzvRsEj.jpeg'
# Suspicious image file (hidden script file)

'/home/honehdyv/operationtruelovenow.com/wp-includes/blocks/site-tagline/site-tagline/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/blocks/site-title/site-title/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/css/dist/preferences/preferences/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/css/dist/widgets/widgets/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/images/w-ecdfabaadbdadf.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/operationtruelovenow.com/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/operationtruelovenow.com/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/operationtruelovenow.com/wp-includes/images/media/ecdfabaadbdadf.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/operationtruelovenow.com/wp-includes/js/dist/development/development/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/js/tinymce/plugins/textcolor/textcolor/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/js/tinymce/plugins/wpeditimage/wpeditimage/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/js/tinymce/plugins/wpeditimage/wpeditimage/wpeditimage/TfyBeZJV.png'
# Suspicious image file (hidden script file)

'/home/honehdyv/operationtruelovenow.com/wp-includes/js/tinymce/plugins/wpeditimage/wpeditimage/wpeditimage/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/rest-api/fields/fields/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/operationtruelovenow.com/wp-includes/sodium_compat/namespaced/Core/Core/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/operationtruelovenow.com/wp-includes/sodium_compat/src/Core32/Core32/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/perfectmarriagerevenge.com/admin.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/perfectmarriagerevenge.com/522314/radio.php'
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/perfectmarriagerevenge.com/wp-content/plugins/ad-inserter/ad-inserter.php'
# Script version check [OLD] [Ad Inserter v2.7.38 < v2.8.1]

'/home/honehdyv/perfectmarriagerevenge.com/wp-content/plugins/ad-inserter/includes/google-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/perfectmarriagerevenge.com/wp-content/plugins/ad-inserter/includes/google-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/perfectmarriagerevenge.com/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/perfectmarriagerevenge.com/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/perfectmarriagerevenge.com/wp-content/plugins/ga-google-analytics/ga-google-analytics.php'
# Script version check [OLD] [GA Google Analytics v20241102 < v20250326]

'/home/honehdyv/perfectmarriagerevenge.com/wp-content/plugins/insert-headers-and-footers/ihaf.php'
# Script version check [OLD] [WPCode Lite v2.2.3 < v2.2.7]

'/home/honehdyv/perfectmarriagerevenge.com/wp-content/plugins/post-types-order/post-types-order.php'
# Script version check [OLD] [Post Types Order v2.3.2 < v2.3.5]

'/home/honehdyv/perfectmarriagerevenge.com/wp-content/plugins/simple-custom-post-order/simple-custom-post-order.php'
# Script version check [OLD] [Simple Custom Post Order v2.5.8 < v2.5.10]

'/home/honehdyv/perfectmarriagerevenge.com/wp-content/plugins/wordpress-seo/wp-seo.php'
# Script version check [OLD] [Yoast SEO v23.8 < v24.9]

'/home/honehdyv/perfectmarriagerevenge.com/wp-includes/version.php'
# Script version check [OLD] [Wordpress v6.6.2 < v6.8.1]

'/home/honehdyv/perfectmarriagerevenge.com/wp-includes/Requests/src/index.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__ALDcmQJiAEQuA'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__ByNyBlKTdxKoQ'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__BzeSYJFihovJ'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__CiTYjxuJndWk'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__DottceXerGWed'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__FruOpswInCmm'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__GALocsJWkRHfZ'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__GDssRhJZvdrLA'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__GwlwlxcNjHyB'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__HLcDFhJhdHhBl'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__HnOqQXgEbqxFj'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__HwngCNUaZPAqK'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__IEbfOXUacnbc'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__JpGkGnDYTaiPx'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__LKkwfMCbZfoQZ'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__MDyyAsaYXRFC'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__NbkAQFyGbYwmy'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__PeUjAUtJGskH'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__PoQWKWHmPFABm'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__QFEgmAYieyQid'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__QLbgDPNzxPAhh'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__SJgEHQcGqFIFY'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__SRBMdaeEDsXqI'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__TZGEZXxyvIhef'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__ULUEpkmJwSybE'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__VZnudOlGMaVTe'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__VlRoYFeyDVUm'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__WvrQDqGodfURt'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__YUBKuIKlubGkF'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__bpcWpXwTypkj'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__ceDclmzICYhL'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__faZsuietVRtK'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__fkIhSBbJkGoD'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__hMYZbEUJqcSMv'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__hZjnvCOlWpcD'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__iIdKmEyTaIORj'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__izDwMONRVzatZ'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__llSLrncFpryMI'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__qZGgIIuXidCoz'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__rGcLSETahFhmg'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__rsjAUALiyJtd'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__yYwpkpVvlasx'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php74_var_lib_php_session__znqJYsLncjUTe'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php83_var_lib_php_session__FbZRhgmKZRkr'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php83_var_lib_php_session__TWPpZHoBqryW'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/.cagefs_opt_alt_php83_var_lib_php_session__reTSrTjveojn'
# ClamAV detected virus = [YARA.eval_post.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/tmp_awstats_awstats052024.tamarinefitness.com.honesthings.com.txt'
# ClamAV detected virus = [{HEX}php.malware.magento.599.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/tmp_awstats_ssl_awstats012024.honesthings.com.txt'
# ClamAV detected virus = [{HEX}php.malware.magento.599.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/tmp_awstats_ssl_awstats072023.honesthings.com.txt'
# ClamAV detected virus = [{HEX}php.malware.magento.599.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/tmp_awstats_ssl_awstats082023.honesthings.com.txt'
# ClamAV detected virus = [{HEX}php.malware.magento.599.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/tmp_awstats_ssl_awstats092023.honesthings.com.txt'
# ClamAV detected virus = [{HEX}php.malware.magento.599.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/tmp_awstats_ssl_awstats102023.honesthings.com.txt'
# ClamAV detected virus = [{HEX}php.malware.magento.599.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/tmp_awstats_ssl_awstats112023.honesthings.com.txt'
# ClamAV detected virus = [{HEX}php.malware.magento.599.UNOFFICIAL]

'/home/honehdyv/quarantine_clamavconnector/tmp_awstats_ssl_awstats122023.honesthings.com.txt'
# ClamAV detected virus = [{HEX}php.malware.magento.599.UNOFFICIAL]

'/home/honehdyv/readbtooom.com/522314/radio.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/readbtooom.com/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/readbtooom.com/cgi-bin/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/readbtooom.com/f5462e/f5462e/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/readbtooom.com/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/readbtooom.com/wp-admin/css/colors/sunrise/sunrise/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/readbtooom.com/wp-admin/js/js/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/readbtooom.com/wp-content/cache/wp-rocket/w3.readbtooom.com/category/photos/index.php'
# ClamAV detected virus = [TO-38697.WEBSHEL.nc__php.MD5-90b535d1e1c05c432fff4af9e35b3b4b.size-102.UNOFFICIAL]

'/home/honehdyv/readbtooom.com/wp-content/cache/wp-rocket/w3.readbtooom.com/dmca/i18ns/index.php'
# ClamAV detected virus = [TO-38697.WEBSHEL.nc__php.MD5-90b535d1e1c05c432fff4af9e35b3b4b.size-102.UNOFFICIAL]

'/home/honehdyv/readbtooom.com/wp-content/cache/wp-rocket/w3.readbtooom.com/the-worn-and-torn-newbie/photos/index.php'
# ClamAV detected virus = [TO-38697.WEBSHEL.nc__php.MD5-90b535d1e1c05c432fff4af9e35b3b4b.size-102.UNOFFICIAL]

'/home/honehdyv/readbtooom.com/wp-content/plugins/akismet/_inc/img/logo-rsosnsqnposn.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/readbtooom.com/wp-content/plugins/autodescription/autodescription.php'
# Script version check [OLD] [The SEO Framework v4.2.8 < v5.1.2]

'/home/honehdyv/readbtooom.com/wp-content/plugins/duplicate-page/duplicatepage.php'
# Script version check [OLD] [Duplicate Page v4.5.3 < v4.5.4]

'/home/honehdyv/readbtooom.com/wp-content/plugins/ga-google-analytics/ga-google-analytics.php'
# Script version check [OLD] [GA Google Analytics v20231101 < v20250326]

'/home/honehdyv/readbtooom.com/wp-content/plugins/header-footer-code-manager/99robots-header-footer-code-manager.php'
# Script version check [OLD] [Header Footer Code Manager v1.1.36 < v1.1.39]

'/home/honehdyv/readbtooom.com/wp-content/plugins/insert-headers-and-footers/ihaf.php'
# Script version check [OLD] [WPCode Lite v2.1.5 < v2.2.7]

'/home/honehdyv/readbtooom.com/wp-content/plugins/simple-custom-post-order/simple-custom-post-order.php'
# Script version check [OLD] [Simple Custom Post Order v2.5.7 < v2.5.10]

'/home/honehdyv/readbtooom.com/wp-includes/version.php'
# Script version check [OLD] [Wordpress v6.4.5 < v6.8.1]

'/home/honehdyv/readbtooom.com/wp-includes/Text/Diff/Engine/rsosnsqnposn.ttf'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/readbtooom.com/wp-includes/blocks/index.php'
# (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [RFI Exploit [P1419]]

'/home/honehdyv/readbtooom.com/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/readbtooom.com/wp-includes/blocks/video/video/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/readbtooom.com/wp-includes/images/w-efbfafdacbfa.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/readbtooom.com/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/readbtooom.com/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/readbtooom.com/wp-includes/images/media/efbfafdacbfa.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/remonster.online/522314/radio.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/remonster.online/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/remonster.online/522314/522314/522314/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/remonster.online/522314/522314/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/remonster.online/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/remonster.online/cgi-bin/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/remonster.online/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/remonster.online/images/images/images/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/remonster.online/wp-admin/css/colors/modern/modern/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/remonster.online/wp-admin/css/css/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/remonster.online/wp-admin/js/js/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/remonster.online/wp-content/plugins/ad-inserter/ad-inserter.php'
# Script version check [OLD] [Ad Inserter v2.7.38 < v2.8.1]

'/home/honehdyv/remonster.online/wp-content/plugins/ad-inserter/includes/google-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/remonster.online/wp-content/plugins/ad-inserter/includes/google-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/remonster.online/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/remonster.online/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/remonster.online/wp-content/plugins/akismet/_inc/img/logo-qqnopnpnqp.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/remonster.online/wp-content/plugins/ga-google-analytics/ga-google-analytics.php'
# Script version check [OLD] [GA Google Analytics v20241102 < v20250326]

'/home/honehdyv/remonster.online/wp-content/plugins/insert-headers-and-footers/ihaf.php'
# Script version check [OLD] [WPCode Lite v2.2.3 < v2.2.7]

'/home/honehdyv/remonster.online/wp-content/plugins/litespeed-cache/litespeed-cache.php'
# Script version check [OLD] [LiteSpeed Cache v6.5.2 < v7.0.1]

'/home/honehdyv/remonster.online/wp-content/plugins/onesignal-free-web-push-notifications/onesignal-admin.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/remonster.online/wp-content/plugins/post-types-order/post-types-order.php'
# Script version check [OLD] [Post Types Order v2.3.2 < v2.3.5]

'/home/honehdyv/remonster.online/wp-content/plugins/simple-custom-post-order/simple-custom-post-order.php'
# Script version check [OLD] [Simple Custom Post Order v2.5.8 < v2.5.10]

'/home/honehdyv/remonster.online/wp-content/plugins/wordpress-seo/wp-seo.php'
# Script version check [OLD] [Yoast SEO v23.8 < v24.9]

'/home/honehdyv/remonster.online/wp-content/plugins/wordpress-seo/vendor_prefixed/symfony/dependency-injection/Argument/Argument/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/remonster.online/wp-content/plugins/wp-rocket/inc/classes/subscriber/Tools/Tools/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/remonster.online/wp-content/plugins/wp-rocket/inc/classes/subscriber/Tools/Tools/vUqftuNSAxTEyeVHjlMb.tif'
# Suspicious image file (hidden script file)

'/home/honehdyv/remonster.online/wp-includes/version.php'
# Script version check [OLD] [Wordpress v6.6.2 < v6.8.1]

'/home/honehdyv/remonster.online/wp-includes/Text/Diff/Engine/qqnopnpnqp.ttf'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/remonster.online/wp-includes/assets/index.php'
# (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [RFI Exploit [P1419]]

'/home/honehdyv/remonster.online/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/remonster.online/wp-includes/css/dist/block-directory/block-directory/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/remonster.online/wp-includes/images/w-ddabcacadc.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/remonster.online/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/remonster.online/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/remonster.online/wp-includes/images/media/ddabcacadc.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/reversevillain.com/522314/radio.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/reversevillain.com/522314/522314/caWxbe.png'
# Suspicious image file (hidden script file)

'/home/honehdyv/reversevillain.com/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/reversevillain.com/522314/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/reversevillain.com/522314/522314/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/reversevillain.com/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/reversevillain.com/wp-content/plugins/ad-inserter/ad-inserter.php'
# Script version check [OLD] [Ad Inserter v2.7.38 < v2.8.1]

'/home/honehdyv/reversevillain.com/wp-content/plugins/ad-inserter/includes/google-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/reversevillain.com/wp-content/plugins/ad-inserter/includes/google-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/reversevillain.com/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/guzzlehttp/guzzle/vendor-bin/vendor-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/reversevillain.com/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/reversevillain.com/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/reversevillain.com/wp-content/plugins/akismet/_inc/img/logo-opqqnssno.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/reversevillain.com/wp-content/plugins/ga-google-analytics/ga-google-analytics.php'
# Script version check [OLD] [GA Google Analytics v20241102 < v20250326]

'/home/honehdyv/reversevillain.com/wp-content/plugins/insert-headers-and-footers/ihaf.php'
# Script version check [OLD] [WPCode Lite v2.2.3 < v2.2.7]

'/home/honehdyv/reversevillain.com/wp-content/plugins/litespeed-cache/litespeed-cache.php'
# Script version check [OLD] [LiteSpeed Cache v6.5.2 < v7.0.1]

'/home/honehdyv/reversevillain.com/wp-content/plugins/post-types-order/post-types-order.php'
# Script version check [OLD] [Post Types Order v2.3.2 < v2.3.5]

'/home/honehdyv/reversevillain.com/wp-content/plugins/post-types-order/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/reversevillain.com/wp-content/plugins/simple-custom-post-order/simple-custom-post-order.php'
# Script version check [OLD] [Simple Custom Post Order v2.5.8 < v2.5.10]

'/home/honehdyv/reversevillain.com/wp-content/plugins/wordpress-seo/wp-seo.php'
# Script version check [OLD] [Yoast SEO v23.8 < v24.9]

'/home/honehdyv/reversevillain.com/wp-includes/Text/Diff/Engine/opqqnssno.ttf'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/reversevillain.com/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/reversevillain.com/wp-includes/images/w-bcddaffab.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/reversevillain.com/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/reversevillain.com/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/reversevillain.com/wp-includes/images/media/bcddaffab.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/sololevelingscan.com/522314/radio.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/windbreakermanga.com/boy.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/522314/radio.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/windbreakermanga.com/522314/522314/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/windbreakermanga.com/522314/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/522314/522314/522314/522314/KsB.png'
# Suspicious image file (hidden script file)

'/home/honehdyv/windbreakermanga.com/522314/522314/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/522314/522314/522314/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/522314/522314/522314/522314/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/cgi-bin/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/cgi-bin/cgi-bin/cgi-bin/cgi-bin/VQKujqz.jpg'
# Suspicious image file (hidden script file)

'/home/honehdyv/windbreakermanga.com/cgi-bin/cgi-bin/cgi-bin/cgi-bin/ZkVSpHXLeKiUW.jpg'
# Suspicious image file (hidden script file)

'/home/honehdyv/windbreakermanga.com/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/windbreakermanga.com/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cgi-bin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/images/images/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/windbreakermanga.com/images/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/images/images/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/images/images/images/images/images/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/windbreakermanga.com/images/images/images/images/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/images/images/images/images/images/images/images/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/windbreakermanga.com/wp-admin/css/colors/colors/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-admin/css/colors/ectoplasm/ectoplasm/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-admin/css/colors/midnight/midnight/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-admin/css/colors/midnight/midnight/midnight/UxTnVHcKf.jpeg'
# Suspicious image file (hidden script file)

'/home/honehdyv/windbreakermanga.com/wp-admin/css/colors/midnight/midnight/midnight/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-admin/css/colors/modern/modern/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/windbreakermanga.com/wp-admin/css/colors/modern/modern/modern/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-admin/images/images/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-admin/includes/includes/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/windbreakermanga.com/wp-admin/includes/includes/includes/FgCuXUThmqZWNcsI.png'
# Suspicious image file (hidden script file)

'/home/honehdyv/windbreakermanga.com/wp-admin/includes/includes/includes/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-admin/user/user/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-content/plugins/akismet/_inc/img/logo-nnsspsqroorrqs.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/windbreakermanga.com/wp-content/plugins/wordpress-seo/src/conditionals/traits/traits/BrtuiHJebFgzQNayx.jpeg'
# Suspicious image file (hidden script file)

'/home/honehdyv/windbreakermanga.com/wp-content/plugins/wordpress-seo/src/conditionals/traits/traits/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-content/plugins/wordpress-seo/src/deprecated/admin/admin/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-content/plugins/wp-rocket/inc/Engine/Capabilities/Capabilities/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-content/plugins/wp-rocket/inc/Engine/Media/AboveTheFold/Database/Queries/Queries/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/windbreakermanga.com/wp-content/plugins/wp-rocket/inc/Engine/Optimization/RUCSS/Controller/Controller/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-content/plugins/wp-rocket/inc/Engine/Optimization/RUCSS/Controller/Controller/xzHZaMEjVBlX.jpeg'
# Suspicious image file (hidden script file)

'/home/honehdyv/windbreakermanga.com/wp-content/plugins/wp-rocket/inc/classes/dependencies/wp-media/wp-media/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-content/plugins/wp-rocket/inc/classes/dependencies/wp-media/wp-media/wfVvZMbQYW.tif'
# Suspicious image file (hidden script file)

'/home/honehdyv/windbreakermanga.com/wp-content/uploads/2024/06/06/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-content/uploads/2025/05/05/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-includes/SimplePie/library/library/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-includes/Text/Diff/Engine/nnsspsqroorrqs.ttf'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/windbreakermanga.com/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/windbreakermanga.com/wp-includes/blocks/list/list/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-includes/blocks/loginout/loginout/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-includes/blocks/post-navigation-link/post-navigation-link/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-includes/blocks/quote/quote/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-includes/blocks/search/search/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-includes/blocks/search/search/prWSNJkMblLVg.tiff'
# Suspicious image file (hidden script file)

'/home/honehdyv/windbreakermanga.com/wp-includes/css/dist/customize-widgets/customize-widgets/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/windbreakermanga.com/wp-includes/css/dist/nux/nux/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/windbreakermanga.com/wp-includes/css/dist/preferences/preferences/TNbSYpkfyceU.jpg'
# Suspicious image file (hidden script file)

'/home/honehdyv/windbreakermanga.com/wp-includes/css/dist/preferences/preferences/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-includes/images/w-aaffcfdebbeedf.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/windbreakermanga.com/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/windbreakermanga.com/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/windbreakermanga.com/wp-includes/images/media/aaffcfdebbeedf.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/windbreakermanga.com/wp-includes/js/dist/script-modules/interactivity/interactivity/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-includes/js/dist/script-modules/interactivity/interactivity/lcrt.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/windbreakermanga.com/wp-includes/js/swfupload/swfupload/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-includes/js/tinymce/skins/lightgray/lightgray/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-includes/pomo/pomo/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/windbreakermanga.com/wp-includes/rest-api/rest-api/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/windbreakermanga.com/wp-includes/sitemaps/sitemaps/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/windbreakermanga.com/wp-includes/sitemaps/sitemaps/zMTNZx.jpeg'
# Suspicious image file (hidden script file)

'/home/honehdyv/windbreakermanga.com/wp-includes/sodium_compat/src/Core/Curve25519/Curve25519/Ak.tif'
# Suspicious image file (hidden script file)

'/home/honehdyv/windbreakermanga.com/wp-includes/sodium_compat/src/Core/Curve25519/Curve25519/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/wotaku-manga.com/about.php'
# Universal decode regex match = [universal decoder]
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# Decode regex match = [decode regex: 1]
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]

'/home/honehdyv/wotaku-manga.com/522314/index.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/wotaku-manga.com/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/wotaku-manga.com/522314/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/wotaku-manga.com/522314/522314/522314/522314/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/wotaku-manga.com/522314/522314/522314/522314/522314/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/wotaku-manga.com/wp-admin/index.php'
# Universal decode regex match = [universal decoder]
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# Decode regex match = [decode regex: 1]
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]

'/home/honehdyv/wotaku-manga.com/wp-admin/css/colors/ocean/ocean/cache.php'
# (decoded file [depth: 1]) Decode regex match = [decode regex: 1]
# (decoded file [depth: 2]) Known exploit = [Fingerprint Match (fp)] [PHP Exploit [P2223]]

'/home/honehdyv/wotaku-manga.com/wp-admin/network/network/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/wotaku-manga.com/wp-admin/user/user/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/wotaku-manga.com/wp-content/plugins/ad-inserter/includes/google-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/wotaku-manga.com/wp-content/plugins/ad-inserter/includes/google-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/wotaku-manga.com/wp-content/plugins/ad-inserter/includes/google-api/vendor/symfony/polyfill-intl-idn/polyfill-intl-idn/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/wotaku-manga.com/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/wotaku-manga.com/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/wotaku-manga.com/wp-content/plugins/akismet/_inc/img/logo-sprprqro.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/wotaku-manga.com/wp-content/plugins/onesignal-free-web-push-notifications/v2/onesignal-admin.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/wotaku-manga.com/wp-content/plugins/onesignal-free-web-push-notifications/v3/onesignal-admin/onesignal-admin.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/wotaku-manga.com/wp-includes/Text/Diff/Engine/sprprqro.ttf'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/wotaku-manga.com/wp-includes/blocks/cover/style-rel.css'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/wotaku-manga.com/wp-includes/css/dist/edit-site/edit-site/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/wotaku-manga.com/wp-includes/css/dist/preferences/preferences/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/wotaku-manga.com/wp-includes/images/w-fcecedeb.gif'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/wotaku-manga.com/wp-includes/images/wpspin-1x.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/wotaku-manga.com/wp-includes/images/xit-3x.gif'
# Suspicious image file (hidden script file)

'/home/honehdyv/wotaku-manga.com/wp-includes/images/media/fcecedeb.png'
# Suspicious image file (hidden script file)
# Universal decode regex match = [universal decoder]

'/home/honehdyv/wotaku-manga.com/wp-includes/js/dist/script-modules/block-library/image/image/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/wotaku-manga.com/wp-includes/js/dist/script-modules/block-library/image/image/jZKGheSFLYRct.png'
# Suspicious image file (hidden script file)

'/home/honehdyv/wotaku-manga.com/wp-includes/js/tinymce/plugins/wpdialogs/wpdialogs/cache.php'
# Decode regex match = [decode regex: 1]

'/home/honehdyv/wotaku-manga.com/wp-includes/rest-api/index.php'
# (decoded file [depth: 1]) Known exploit = [Fingerprint Match (fp)] [RFI Exploit [P1419]]

'/home/honehdyv/yours-toclaim.com/admin.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/yours-toclaim.com/522314/radio.php'
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

'/home/honehdyv/yours-toclaim.com/wp-content/plugins/ad-inserter/includes/google-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/yours-toclaim.com/wp-content/plugins/ad-inserter/includes/google-api/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/yours-toclaim.com/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571k1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/yours-toclaim.com/wp-content/plugins/ad-inserter/includes/google-api-8/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Curves/sect571r1.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/yours-toclaim.com/wp-content/plugins/onesignal-free-web-push-notifications/v2/onesignal-admin.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/yours-toclaim.com/wp-content/plugins/onesignal-free-web-push-notifications/v3/onesignal-admin/onesignal-admin.php'
# Universal decode regex match = [universal decoder]

'/home/honehdyv/yours-toclaim.com/wp-content/plugins/post-types-order/js/radio.php'
# Universal decode regex match = [universal decoder]
# (decoded file [advanced decoder: 14 (depth: 1)]) Known exploit = [Fingerprint Match (fp)] [PHP Shell Exploit [P1295]]

----------- SCAN SUMMARY -----------
Scanned directories: 24924
Scanned files: 352856
Ignored items: 497
Suspicious matches: 549
Viruses found: 57
Fingerprint matches: 51
Data scanned: 4065.62 MB
Scan peak memory: 418732 kB
Scan time/item: 0.043 sec
Scan time: 16191.970 sec