BPS PRO SECURITY LOG ===================== ===================== [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:47 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:52 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:56 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:02 a.m.] [403 GET Request: March 31, 2026 4:07 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 172.70.242.236 Host Name: 172.70.242.236 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 172.70.242.236 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /.git/logs/HEAD QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: March 31, 2026 4:07 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 172.70.242.236 Host Name: 172.70.242.236 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 172.70.242.236 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /.git/refs/heads/main QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: March 31, 2026 4:07 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 172.70.243.143 Host Name: 172.70.243.143 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 172.70.243.143 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /.git/refs/heads/master QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: March 31, 2026 4:07 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 172.70.243.143 Host Name: 172.70.243.143 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 172.70.243.143 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /.git/config QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: March 31, 2026 4:07 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 172.70.243.143 Host Name: 172.70.243.143 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 172.70.243.143 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /.git/HEAD QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: March 31, 2026 4:07 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 172.70.243.144 Host Name: 172.70.243.144 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 172.70.243.144 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /.git/index QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:07 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:09 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:12 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:17 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 4:20 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 205.185.123.125 Host Name: 205.185.123.125 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 205.185.123.125 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:31.0) Gecko/20100101 Firefox/31.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:20 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:23 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:29 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:34 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:35 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:37 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:38 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:43 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:52 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:54 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:57 a.m.] [403 GET Request: March 31, 2026 4:57 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 194.26.192.92 Host Name: mail.fairmountinc.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 194.26.192.92 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-includes/txets.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:59 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:02 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:04 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 5:06 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 209.141.59.141 Host Name: mail.investmentpulse.ltd SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 209.141.59.141 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) GSA/4.1.0.31802 Mobile/11D257 Safari/9537.53 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:06 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 5:07 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 139.99.61.38 Host Name: vps-1cafb99c.vps.ovh.ca SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 139.99.61.38 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:143.0) Gecko/20100101 Firefox/143.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:07 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:09 a.m.] [403 GET Request: March 31, 2026 5:12 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 3.139.242.79 Host Name: scan.visionheight.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 3.139.242.79 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:12 a.m.] [403 GET Request: March 31, 2026 5:15 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 3.139.242.79 Host Name: scan.visionheight.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 3.139.242.79 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:19 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:24 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:26 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:27 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:28 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:33 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:38 a.m.] [403 GET Request: March 31, 2026 5:40 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.63.83.113 Host Name: 20.63.83.113 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.63.83.113 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:40 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 5:41 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 211.21.61.225 Host Name: 211-21-61-225.hinet-ip.hinet.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 211.21.61.225 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:41 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:43 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:46 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:48 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:50 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:51 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:51 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:52 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:53 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 5:58 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 178.33.162.49 Host Name: gregal.limit.es SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 178.33.162.49 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:58 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:03 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:05 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:06 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:08 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:11 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:13 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:17 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:19 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:20 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:23 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:27 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:29 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:31 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:35 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:35 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:37 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:38 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:40 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:40 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:44 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:46 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:48 a.m.] [403 GET Request: March 31, 2026 6:48 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.91.240.203 Host Name: 20.91.240.203 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.91.240.203 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:49 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:50 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:56 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:58 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:00 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:02 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:03 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:10 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:11 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:14 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:16 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:21 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:23 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 7:24 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 209.141.47.233 Host Name: mail.espinoza.dev SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 209.141.47.233 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:27 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:29 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:32 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 7:35 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 185.247.170.82 Host Name: static.170.247.185-na.connectafibra.cat SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 185.247.170.82 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:35 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:37 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:42 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 7:46 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 209.141.59.141 Host Name: mail.investmentpulse.ltd SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 209.141.59.141 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (iPad; CPU OS 7_1_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D201 Safari/9537.53 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:46 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:46 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:47 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 7:50 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 211.21.61.245 Host Name: 211-21-61-245.hinet-ip.hinet.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 211.21.61.245 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:50 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:53 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:58 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:04 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:05 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:10 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:15 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 8:18 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 211.21.61.224 Host Name: 211-21-61-224.hinet-ip.hinet.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 211.21.61.224 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36 [Login Form - POST Request Logged: März 31, 2026 - 8:19 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 20.163.27.0 Host Name: 20.163.27.0 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.163.27.0 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.43 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 OPR/123.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:19 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:21 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:26 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 8:26 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 46.21.198.186 Host Name: rt-prem-out.magic.fr SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 46.21.198.186 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Edg/139.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:33 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:38 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:39 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 8:41 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 103.110.84.178 Host Name: 103.110.84.178 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 103.110.84.178 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:143.0) Gecko/20100101 Firefox/143.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:41 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:43 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:44 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:47 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:50 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 8:54 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 195.154.174.40 Host Name: 195-154-174-40.rev.poneytelecom.eu SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 195.154.174.40 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.43 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36 OPR/120.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:55 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:57 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:00 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:03 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:06 a.m.] [403 GET Request: March 31, 2026 9:07 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.213.160.162 Host Name: 20.213.160.162 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.213.160.162 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/core-plugin/include.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:11 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:16 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 9:17 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 142.132.158.170 Host Name: server12.mediapartner.cz SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 142.132.158.170 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.43 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 OPR/122.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:21 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:22 a.m.] [403 GET Request: March 31, 2026 9:26 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 152.232.73.179 Host Name: 152.232.73.179 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 152.232.73.179 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /skifahren-hochschwarzwald-alpen/ QUERY_STRING: HTTP_USER_AGENT: python-requests/2.32.5 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:26 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:32 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:36 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:37 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:43 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:43 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:44 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:45 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 9:49 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 35.226.125.165 Host Name: 165.125.226.35.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 35.226.125.165 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:142.0) Gecko/20100101 Firefox/142.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:49 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:50 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 9:54 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 137.184.64.22 Host Name: 137.184.64.22 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 137.184.64.22 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:54 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:10 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:12 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:15 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:17 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:19 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:20 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 10:21 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 185.199.223.27 Host Name: 185.199.223.27 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 185.199.223.27 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:25 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:27 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:29 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:30 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:37 a.m.] [403 GET Request: March 31, 2026 10:38 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 185.193.157.187 Host Name: 185.193.157.187 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 185.193.157.187 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: //wp-json/oembed/1.0/embed?url=https://www.pureoutdoor.de/ QUERY_STRING: url=https://www.pureoutdoor.de/ HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:43 a.m.] [403 GET Request: March 31, 2026 10:44 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 205.210.31.138 Host Name: 205.210.31.138 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 205.210.31.138 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:48 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:51 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:54 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:58 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:02 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:05 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 11:08 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 149.202.76.92 Host Name: ns3014026.ip-149-202-76.eu SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 149.202.76.92 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:145.0) Gecko/20100101 Firefox/145.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:08 a.m.] [405 HEAD Request: March 31, 2026 11:09 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 35.206.91.106 Host Name: 106.91.206.35.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 35.206.91.106 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: scalaj-http/2.4.2 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:10 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:13 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:13 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:15 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:17 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:19 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:21 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:26 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:29 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:32 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:36 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:41 a.m.] [Login Form - POST Request Logged: März 31, 2026 - 11:41 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 141.94.139.189 Host Name: ns31420023.ip-141-94-139.eu SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 141.94.139.189 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.43 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 OPR/122.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:45 a.m.] [403 GET Request: March 31, 2026 11:46 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 158.158.112.113 Host Name: 158.158.112.113 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 158.158.112.113 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:47 a.m.] [403 GET Request: March 31, 2026 11:48 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 158.158.112.113 Host Name: 158.158.112.113 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 158.158.112.113 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-includes/theme-compat/chosen.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:48 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:50 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:51 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:52 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:53 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:54 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:55 a.m.] [403 GET Request: March 31, 2026 11:55 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 168.144.43.47 Host Name: 168.144.43.47 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 168.144.43.47 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /skifahren-hochschwarzwald-alpen/license.txt QUERY_STRING: HTTP_USER_AGENT: python-requests/2.27.1 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:56 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:57 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:01 p.m.] [403 GET Request: March 31, 2026 12:02 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 172.161.1.56 Host Name: 172.161.1.56 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 172.161.1.56 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:02 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:03 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:04 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:05 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:11 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:13 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 12:13 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 178.62.28.91 Host Name: 178.62.28.91 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 178.62.28.91 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.43 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36 OPR/124.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:21 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:23 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:26 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:27 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:32 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:37 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:42 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:45 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:47 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 12:48 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 213.202.252.119 Host Name: hapi.tdc-trading.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 213.202.252.119 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:48 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 12:52 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 217.125.100.230 Host Name: 230.red-217-125-100.staticip.rima-tde.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 217.125.100.230 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:141.0) Gecko/20100101 Firefox/141.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:52 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:55 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 12:56 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:01 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:04 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:06 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:08 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:11 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:15 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:17 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:19 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:22 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:25 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:26 p.m.] [403 GET Request: March 31, 2026 1:26 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 40.69.66.178 Host Name: 40.69.66.178 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 40.69.66.178 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:31 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:34 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:36 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:41 p.m.] [403 GET Request: March 31, 2026 1:41 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.63.96.180 Host Name: 20.63.96.180 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.63.96.180 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:42 p.m.] [403 GET Request: March 31, 2026 1:42 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.63.96.180 Host Name: 20.63.96.180 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.63.96.180 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/core-plugin/include.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: March 31, 2026 1:42 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 20.63.96.180 Host Name: 20.63.96.180 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.63.96.180 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/index.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: March 31, 2026 1:43 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 20.63.96.180 Host Name: 20.63.96.180 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.63.96.180 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /cgi-bin/ QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: March 31, 2026 1:43 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 20.63.96.180 Host Name: 20.63.96.180 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.63.96.180 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/ QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: March 31, 2026 1:43 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.63.96.180 Host Name: 20.63.96.180 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.63.96.180 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/index.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:46 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:48 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:51 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:56 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 1:59 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:01 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:06 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:07 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:11 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:12 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:19 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:21 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:24 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:25 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:27 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 2:27 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 107.180.249.30 Host Name: dp-5c7f0412fa.dreamhostps.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 107.180.249.30 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:143.0) Gecko/20100101 Firefox/143.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:29 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:30 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:32 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:35 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:38 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:39 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:40 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:45 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:50 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:52 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 2:55 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:00 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 3:05 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 152.42.226.162 Host Name: 152.42.226.162 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 152.42.226.162 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:141.0) Gecko/20100101 Firefox/141.0 [Login Form - POST Request Logged: März 31, 2026 - 3:05 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 185.199.223.39 Host Name: 185.199.223.39 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 185.199.223.39 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 Edg/142.0.0.0 [Login Form - POST Request Logged: März 31, 2026 - 3:09 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 116.202.13.21 Host Name: static.21.13.202.116.clients.your-server.de SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 116.202.13.21 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36 Edg/141.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:09 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:11 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 3:13 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 137.184.25.215 Host Name: 137.184.25.215 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 137.184.25.215 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:143.0) Gecko/20100101 Firefox/143.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:13 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:15 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:20 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:24 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:30 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 3:32 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 5.196.202.32 Host Name: srv1-web.mach2com.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 5.196.202.32 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36 Edg/141.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:32 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:34 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:37 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:39 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:43 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:45 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 3:46 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 185.33.216.33 Host Name: web33.rgfi.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 185.33.216.33 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.43 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 OPR/123.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:46 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:49 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 3:50 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 54.38.241.153 Host Name: vps-90c32817.vps.ovh.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 54.38.241.153 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.43 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 OPR/123.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:53 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:56 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 3:58 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:00 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:03 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:06 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:09 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:14 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:17 p.m.] [403 GET Request: March 31, 2026 4:17 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 4.205.39.97 Host Name: 4.205.39.97 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 4.205.39.97 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/apikey/apikey.php?test=hello QUERY_STRING: test=hello HTTP_USER_AGENT: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:19 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 4:19 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 205.185.123.125 Host Name: 205.185.123.125 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 205.185.123.125 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/36.0.1985.125 Chrome/36.0.1985.125 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:20 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 4:21 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 47.244.90.157 Host Name: 47.244.90.157 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 47.244.90.157 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 [Login Form - POST Request Logged: März 31, 2026 - 4:21 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 47.244.90.157 Host Name: 47.244.90.157 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 47.244.90.157 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:21 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:24 p.m.] [403 GET Request: March 31, 2026 4:25 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 100.27.153.9 Host Name: 100-27-153-9.crawl.amazonbot.amazon SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 100.27.153.9 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-json/oembed/1.0/embed?format=xml&url=https://www.pureoutdoor.de/tipps/badeponcho-sup-surfen-kaltwasser-praktisch/ QUERY_STRING: format=xml&url=https://www.pureoutdoor.de/tipps/badeponcho-sup-surfen-kaltwasser-praktisch/ HTTP_USER_AGENT: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:25 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 4:28 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 59.125.102.226 Host Name: 59-125-102-226.hinet-ip.hinet.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 59.125.102.226 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:28 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:33 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:36 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:38 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:41 p.m.] [403 GET Request: March 31, 2026 4:41 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 2.58.56.116 Host Name: 2.58.56.116.powered.by.rdp.sh SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 2.58.56.116 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-includes/txets.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:43 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:47 p.m.] [403 GET Request: March 31, 2026 4:47 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 16.176.145.208 Host Name: ec2-16-176-145-208.ap-southeast-2.compute.amazonaws.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 16.176.145.208 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: //wp-json/oembed/1.0/embed?url=https://www.pureoutdoor.de/ QUERY_STRING: url=https://www.pureoutdoor.de/ HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:48 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:50 p.m.] [403 GET Request: March 31, 2026 4:50 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 4.193.168.228 Host Name: 4.193.168.228 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 4.193.168.228 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/de_fb_uploads/b.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [403 GET Request: March 31, 2026 4:50 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 4.193.168.228 Host Name: 4.193.168.228 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 4.193.168.228 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-includes/output.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [403 GET Request: March 31, 2026 4:50 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 4.193.168.228 Host Name: 4.193.168.228 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 4.193.168.228 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/WordPressCore/cong.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:53 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 4:56 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 209.141.47.233 Host Name: mail.espinoza.dev SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 209.141.47.233 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.114 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:56 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 4:58 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 5:00 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 163.61.60.30 Host Name: 163.61.60.30 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 163.61.60.30 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.43 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 OPR/122.0.0.0 [405 HEAD Request: March 31, 2026 5:01 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.174.47.48 Host Name: 48.47.174.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.174.47.48 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: http://rhs-hochschwarzwald.de/new/ REQUEST_URI: /skifahren-hochschwarzwald-alpen/new/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Linux; Android 11; moto g31) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.96 Mobile Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:01 p.m.] [405 HEAD Request: March 31, 2026 5:01 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.174.47.48 Host Name: 48.47.174.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.174.47.48 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: http://rhs-hochschwarzwald.de/old/ REQUEST_URI: /skifahren-hochschwarzwald-alpen/old/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.90 Safari/537.36 [405 HEAD Request: March 31, 2026 5:01 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.174.47.48 Host Name: 48.47.174.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.174.47.48 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: http://rhs-hochschwarzwald.de/wordpress/ REQUEST_URI: /skifahren-hochschwarzwald-alpen/wordpress/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0 [405 HEAD Request: March 31, 2026 5:01 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.174.47.48 Host Name: 48.47.174.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.174.47.48 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: http://rhs-hochschwarzwald.de/ REQUEST_URI: /skifahren-hochschwarzwald-alpen/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (X11; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0 [405 HEAD Request: March 31, 2026 5:01 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.174.47.48 Host Name: 48.47.174.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.174.47.48 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: http://rhs-hochschwarzwald.de/blog/ REQUEST_URI: /skifahren-hochschwarzwald-alpen/blog/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Linux; Android 13; Nokia G42 5G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.41 Mobile Safari/537.36 [405 HEAD Request: March 31, 2026 5:01 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.174.47.48 Host Name: 48.47.174.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.174.47.48 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: http://rhs-hochschwarzwald.de/backup/ REQUEST_URI: /skifahren-hochschwarzwald-alpen/backup/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Linux; Android 14; SM-A146P) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/25.0 Chrome/123.0.6312.120 Mobile Safari/537.36 [405 HEAD Request: March 31, 2026 5:01 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.174.47.48 Host Name: 48.47.174.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.174.47.48 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: http://rhs-hochschwarzwald.de/wp/ REQUEST_URI: /skifahren-hochschwarzwald-alpen/wp/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Linux; Android 12; TECNO CK6n) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.50 Mobile Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:03 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:08 p.m.] [405 HEAD Request: March 31, 2026 5:09 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.145.70.133 Host Name: 133.70.145.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.145.70.133 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: REQUEST_URI: /new/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Linux; Android 13; Nokia G42 5G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.41 Mobile Safari/537.36 [405 HEAD Request: March 31, 2026 5:09 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.145.70.133 Host Name: 133.70.145.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.145.70.133 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: REQUEST_URI: /blog/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Linux; Android 14; SM-A146P) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/25.0 Chrome/123.0.6312.120 Mobile Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:09 p.m.] [405 HEAD Request: March 31, 2026 5:09 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.145.70.133 Host Name: 133.70.145.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.145.70.133 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: REQUEST_URI: /wp/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.76 Safari/537.36 [405 HEAD Request: March 31, 2026 5:09 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.145.70.133 Host Name: 133.70.145.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.145.70.133 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0 [405 HEAD Request: March 31, 2026 5:09 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.145.70.133 Host Name: 133.70.145.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.145.70.133 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: REQUEST_URI: /wordpress/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Linux; Android 14; RMX3842) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.44 Mobile Safari/537.36 [405 HEAD Request: March 31, 2026 5:09 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.145.70.133 Host Name: 133.70.145.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.145.70.133 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: REQUEST_URI: /old/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Linux; Android 12; Redmi Note 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.112 Mobile Safari/537.36 [405 HEAD Request: March 31, 2026 5:09 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.145.70.133 Host Name: 133.70.145.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.145.70.133 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: REQUEST_URI: /backup/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.90 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:13 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:14 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 5:16 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 151.252.48.20 Host Name: mail.dienstleistungsserver.de SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 151.252.48.20 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:145.0) Gecko/20100101 Firefox/145.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:16 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:18 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:21 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:23 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:28 p.m.] [403 GET Request: March 31, 2026 5:28 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 74.235.238.88 Host Name: 74.235.238.88 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 74.235.238.88 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Login Form - POST Request Logged: März 31, 2026 - 5:28 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 194.182.64.134 Host Name: host134-64-182-194.serverdedicati.aruba.it SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 194.182.64.134 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.43 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36 OPR/124.0.0.0 [403 GET Request: March 31, 2026 5:29 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 74.235.238.88 Host Name: 74.235.238.88 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 74.235.238.88 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/seoplugins/index.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: March 31, 2026 5:29 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 74.235.238.88 Host Name: 74.235.238.88 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 74.235.238.88 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/classwithtostring.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: March 31, 2026 5:29 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 74.235.238.88 Host Name: 74.235.238.88 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 74.235.238.88 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/file.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: March 31, 2026 5:29 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 74.235.238.88 Host Name: 74.235.238.88 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 74.235.238.88 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/dummyyummy/wp-signup.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: March 31, 2026 5:29 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 74.235.238.88 Host Name: 74.235.238.88 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 74.235.238.88 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/chosen.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: March 31, 2026 5:29 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: WPADMIN-SBR Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 74.235.238.88 Host Name: 74.235.238.88 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 74.235.238.88 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-admin/install.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: March 31, 2026 5:29 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 74.235.238.88 Host Name: 74.235.238.88 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 74.235.238.88 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/link.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: March 31, 2026 5:29 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 74.235.238.88 Host Name: 74.235.238.88 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 74.235.238.88 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/plugins.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:30 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:32 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:35 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:37 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:40 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:41 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:42 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:47 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:52 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:53 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:55 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 5:57 p.m.] [405 HEAD Request: March 31, 2026 5:58 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.74.69.228 Host Name: 228.69.74.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.74.69.228 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: http://www.rhs-hochschwarzwald.de/blog/ REQUEST_URI: /skifahren-hochschwarzwald-alpen/blog/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Safari/605.1.15 [405 HEAD Request: March 31, 2026 5:58 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.74.69.228 Host Name: 228.69.74.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.74.69.228 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: http://www.rhs-hochschwarzwald.de/backup/ REQUEST_URI: /skifahren-hochschwarzwald-alpen/backup/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 15_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.141 Safari/537.36 [405 HEAD Request: March 31, 2026 5:58 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.74.69.228 Host Name: 228.69.74.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.74.69.228 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: http://www.rhs-hochschwarzwald.de/old/ REQUEST_URI: /skifahren-hochschwarzwald-alpen/old/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Linux; Android 11; RMX2195) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.210 Mobile Safari/537.36 OPR/75.2.3995.72468 [405 HEAD Request: March 31, 2026 5:58 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.74.69.228 Host Name: 228.69.74.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.74.69.228 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: http://www.rhs-hochschwarzwald.de/wp/ REQUEST_URI: /skifahren-hochschwarzwald-alpen/wp/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Linux; Android 13; Nokia G42 5G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.41 Mobile Safari/537.36 [405 HEAD Request: March 31, 2026 5:58 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.74.69.228 Host Name: 228.69.74.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.74.69.228 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: http://www.rhs-hochschwarzwald.de/new/ REQUEST_URI: /skifahren-hochschwarzwald-alpen/new/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.70 Safari/537.36 Vivaldi/6.7.3200.25 [405 HEAD Request: March 31, 2026 5:58 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 34.74.69.228 Host Name: 228.69.74.34.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 34.74.69.228 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: http://www.rhs-hochschwarzwald.de/wordpress/ REQUEST_URI: /skifahren-hochschwarzwald-alpen/wordpress/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Safari/605.1.15 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:02 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:03 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 6:06 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 164.132.207.73 Host Name: ns3076650.ip-164-132-207.eu SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 164.132.207.73 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:142.0) Gecko/20100101 Firefox/142.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:06 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:12 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:17 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:22 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:26 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:28 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:33 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:38 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:41 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:43 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:47 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:49 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 6:53 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 172.176.155.194 Host Name: 172.176.155.194 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 172.176.155.194 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36 Edg/141.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:53 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:56 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 6:57 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:03 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:03 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:09 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:14 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:19 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:24 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:27 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:28 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:34 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:35 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:38 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:39 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:42 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 7:44 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 37.59.29.177 Host Name: ns31629342.ip-37-59-29.eu SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 37.59.29.177 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:140.0) Gecko/20100101 Firefox/140.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:44 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:47 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:49 p.m.] [403 GET Request: March 31, 2026 7:52 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.151.2.242 Host Name: 20.151.2.242 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.151.2.242 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:52 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:53 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:54 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:57 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 7:59 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:04 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:09 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:14 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:19 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:22 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 8:24 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 209.141.59.141 Host Name: mail.investmentpulse.ltd SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 209.141.59.141 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:24 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:27 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:31 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:35 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:37 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:38 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:39 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:42 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:43 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:44 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:46 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:50 p.m.] [403 GET Request: March 31, 2026 8:51 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 23.101.4.52 Host Name: 23.101.4.52 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 23.101.4.52 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/admin.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:51 p.m.] [403 GET Request: March 31, 2026 8:51 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 23.101.4.52 Host Name: 23.101.4.52 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 23.101.4.52 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [403 GET Request: March 31, 2026 8:51 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 23.101.4.52 Host Name: 23.101.4.52 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 23.101.4.52 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /cgi-bin/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:52 p.m.] [403 GET Request: March 31, 2026 8:52 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 4.205.39.97 Host Name: 4.205.39.97 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 4.205.39.97 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/apikey/apikey.php?test=hello QUERY_STRING: test=hello HTTP_USER_AGENT: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:55 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 8:59 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 217.125.100.230 Host Name: 230.red-217-125-100.staticip.rima-tde.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 217.125.100.230 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.43 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 OPR/123.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 8:59 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:01 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:06 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:11 p.m.] [403 GET Request: March 31, 2026 9:13 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 51.38.104.194 Host Name: ip194.ip-51-38-104.eu SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 51.38.104.194 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/one_images_usder/oned_images_user.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 [403 GET Request: March 31, 2026 9:13 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 51.38.104.194 Host Name: ip194.ip-51-38-104.eu SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 51.38.104.194 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/one_images_user/one_images_user.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:13 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:16 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:19 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:21 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:24 p.m.] [403 GET Request: March 31, 2026 9:24 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 45.92.1.112 Host Name: 45.92.1.112.powered.by.rdp.sh SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.92.1.112 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-includes/txets.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:26 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:31 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:37 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:40 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:43 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 9:43 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 194.233.81.119 Host Name: vmi1494154.contaboserver.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 194.233.81.119 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 Edg/142.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:47 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:49 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:53 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:54 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:55 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 9:58 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 78.47.73.194 Host Name: www404.your-server.de SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 78.47.73.194 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; rv:143.0) Gecko/20100101 Firefox/143.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 9:58 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:00 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:03 p.m.] [403 GET Request: March 31, 2026 10:05 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 172.213.216.93 Host Name: 172.213.216.93 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 172.213.216.93 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:05 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:06 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:07 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:13 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:16 p.m.] [403 GET Request: March 31, 2026 10:16 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 20.198.86.98 Host Name: 20.198.86.98 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.198.86.98 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /cgi-bin/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [403 GET Request: March 31, 2026 10:16 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 20.198.86.98 Host Name: 20.198.86.98 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.198.86.98 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/admin.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [403 GET Request: March 31, 2026 10:17 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.198.86.98 Host Name: 20.198.86.98 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.198.86.98 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/yanierin/akcc.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [403 GET Request: March 31, 2026 10:17 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 20.198.86.98 Host Name: 20.198.86.98 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.198.86.98 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/index.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:18 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:20 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:23 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:28 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:29 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 10:33 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 185.199.223.93 Host Name: onyx-nlc-5-9-3.krystal-hosting.katapult.cloud SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 185.199.223.93 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.43 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 OPR/121.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:33 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 10:37 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 104.37.191.206 Host Name: vps3019579.trouble-free.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 104.37.191.206 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:37 p.m.] [403 GET Request: March 31, 2026 10:40 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 18.232.11.247 Host Name: 18-232-11-247.crawl.amazonbot.amazon SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 18.232.11.247 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-json/oembed/1.0/embed?url=https://www.pureoutdoor.de/tipps/badeponcho-sup-surfen-kaltwasser-praktisch/ QUERY_STRING: url=https://www.pureoutdoor.de/tipps/badeponcho-sup-surfen-kaltwasser-praktisch/ HTTP_USER_AGENT: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) Chrome/119.0.6045.214 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:40 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:42 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 10:44 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 137.74.192.205 Host Name: vps-cb8c64ab.vps.ovh.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 137.74.192.205 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 [Login Form - POST Request Logged: März 31, 2026 - 10:46 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 217.61.143.66 Host Name: webserver-66.grupoinova.es SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 217.61.143.66 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:46 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:49 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:51 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 10:52 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 209.97.166.219 Host Name: onion.www.prd SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 209.97.166.219 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Edg/139.0.0.0 [403 GET Request: March 31, 2026 10:52 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.19.190.161 Host Name: 20.19.190.161 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.19.190.161 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:52 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 10:57 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:02 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:07 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:08 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:11 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:17 p.m.] [403 GET Request: March 31, 2026 11:19 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 74.248.134.58 Host Name: 74.248.134.58 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 74.248.134.58 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:19 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:22 p.m.] [Login Form - POST Request Logged: März 31, 2026 - 11:25 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 23.98.148.92 Host Name: 23.98.148.92 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 23.98.148.92 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Edg/139.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:25 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:26 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:32 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:36 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:37 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:41 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:42 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:47 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:51 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:53 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:56 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:58 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | März 31, 2026 - 11:59 p.m.] [403 GET Request: March 31, 2026 11:59 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 45.154.98.90 Host Name: 45.154.98.90.powered.by.rdp.sh SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.154.98.90 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /cgi-bin/postnews.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Linux; Android 7.0; SM-G892A) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.107 Mobile Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:04 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:06 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:10 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 12:15 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 152.53.103.233 Host Name: v2202409230783285824.bestsrv.de SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 152.53.103.233 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; rv:141.0) Gecko/20100101 Firefox/141.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:15 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:20 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:23 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:26 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:29 a.m.] [403 GET Request: April 1, 2026 12:29 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 205.210.31.13 Host Name: 205.210.31.13 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 205.210.31.13 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http://www.rhs-hochschwarzwald.de/ REQUEST_URI: /skifahren-hochschwarzwald-alpen/ QUERY_STRING: HTTP_USER_AGENT: Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:31 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 12:32 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.37 Host Name: 45.131.195.37 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.37 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:34 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:37 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:39 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:40 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:45 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:49 a.m.] [403 GET Request: April 1, 2026 12:51 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.19.190.161 Host Name: 20.19.190.161 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.19.190.161 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:51 a.m.] [403 GET Request: April 1, 2026 12:51 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 13.74.146.113 Host Name: 13.74.146.113 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 13.74.146.113 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 12:52 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.48.232.178 Host Name: 20.48.232.178 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.48.232.178 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:52 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 12:52 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.39 Host Name: 45.131.195.39 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.39 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Login Form - POST Request Logged: April 1, 2026 - 12:55 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 15.235.163.7 Host Name: vps-3a3608f7.vps.ovh.ca SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 15.235.163.7 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:55 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:56 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:58 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:07 a.m.] [403 GET Request: April 1, 2026 1:09 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.220.232.240 Host Name: 20.220.232.240 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.220.232.240 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Login Form - POST Request Logged: April 1, 2026 - 1:09 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 143.198.154.102 Host Name: www.belltcg.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 143.198.154.102 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:10 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:12 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:18 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 1:20 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.22 Host Name: 45.131.195.22 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.22 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:20 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:24 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:25 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:28 a.m.] [403 GET Request: April 1, 2026 1:32 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 198.235.24.143 Host Name: 198.235.24.143 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 198.235.24.143 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /skifahren-hochschwarzwald-alpen/ QUERY_STRING: HTTP_USER_AGENT: Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:32 a.m.] [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=1 QUERY_STRING: author=1 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=2 QUERY_STRING: author=2 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=3 QUERY_STRING: author=3 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=4 QUERY_STRING: author=4 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=5 QUERY_STRING: author=5 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=6 QUERY_STRING: author=6 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=7 QUERY_STRING: author=7 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=8 QUERY_STRING: author=8 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=9 QUERY_STRING: author=9 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=10 QUERY_STRING: author=10 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=11 QUERY_STRING: author=11 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=12 QUERY_STRING: author=12 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=13 QUERY_STRING: author=13 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=14 QUERY_STRING: author=14 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:33 a.m.] [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=15 QUERY_STRING: author=15 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=16 QUERY_STRING: author=16 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=17 QUERY_STRING: author=17 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=18 QUERY_STRING: author=18 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=19 QUERY_STRING: author=19 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [403 GET Request: April 1, 2026 1:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 14.18.106.132 Host Name: 14.18.106.132 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 14.18.106.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /?author=20 QUERY_STRING: author=20 HTTP_USER_AGENT: Apache-HttpClient/4.5.2 (Java/1.8.0_161) [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:35 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:37 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:39 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:42 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:43 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:48 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 1:49 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.51 Host Name: 45.131.195.51 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.51 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:53 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 1:58 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 163.61.60.30 Host Name: 163.61.60.30 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 163.61.60.30 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:58 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:03 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:05 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:08 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 2:08 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 217.61.143.66 Host Name: webserver-66.grupoinova.es SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 217.61.143.66 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:145.0) Gecko/20100101 Firefox/145.0 [Login Form - POST Request Logged: April 1, 2026 - 2:11 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 15.207.37.86 Host Name: ec2-15-207-37-86.ap-south-1.compute.amazonaws.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 15.207.37.86 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Edg/137.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:11 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:13 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 2:17 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.42 Host Name: 45.131.195.42 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.42 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:17 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:23 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 2:26 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 91.245.210.195 Host Name: 195-access-210.uralmicro.ru SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 91.245.210.195 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:26 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:28 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 2:28 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 54.38.195.241 Host Name: ns3122826.serverplugs.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 54.38.195.241 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:30 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:33 a.m.] [403 GET Request: April 1, 2026 2:33 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.63.96.180 Host Name: 20.63.96.180 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.63.96.180 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:34 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:35 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:36 a.m.] [403 GET Request: April 1, 2026 2:36 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 20.63.96.180 Host Name: 20.63.96.180 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.63.96.180 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: //wp-content/uploads/2021/02/index.php QUERY_STRING: HTTP_USER_AGENT: [Login Form - POST Request Logged: April 1, 2026 - 2:37 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 146.59.232.195 Host Name: vps-c916d573.vps.ovh.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 146.59.232.195 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36 Edg/141.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:37 a.m.] [403 GET Request: April 1, 2026 2:37 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.63.96.180 Host Name: 20.63.96.180 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.63.96.180 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/pwnd/as.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:38 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:42 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 2:43 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 185.243.11.191 Host Name: rw0bbf.webhosting.systems SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 185.243.11.191 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:142.0) Gecko/20100101 Firefox/142.0 [Login Form - POST Request Logged: April 1, 2026 - 2:43 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 185.243.11.191 Host Name: rw0bbf.webhosting.systems SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 185.243.11.191 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:142.0) Gecko/20100101 Firefox/142.0 [Login Form - POST Request Logged: April 1, 2026 - 2:46 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.26 Host Name: 45.131.195.26 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.26 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:46 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:47 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:50 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 2:52 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 51.210.190.32 Host Name: 51.210.190.32 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 51.210.190.32 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Edg/139.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:52 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:56 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:58 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:02 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:03 a.m.] [403 GET Request: April 1, 2026 3:05 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.48.232.178 Host Name: 20.48.232.178 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.48.232.178 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:05 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:08 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:13 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 3:14 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.23 Host Name: 45.131.195.23 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.23 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:18 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:19 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:23 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:26 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:28 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:33 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:36 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:38 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 3:43 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.246 Host Name: 45.131.195.246 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.246 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:43 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:48 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:49 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:55 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 3:58 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 84.201.130.79 Host Name: 84.201.130.79 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 84.201.130.79 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.43 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 OPR/122.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:58 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:01 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:06 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:06 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:11 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 4:12 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.35 Host Name: 45.131.195.35 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.35 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:12 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 4:12 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 90.156.142.31 Host Name: gen312.hs.shared.masterhost.ru SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 90.156.142.31 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36 Edg/140.0.0.0 [Login Form - POST Request Logged: April 1, 2026 - 4:16 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.87.221.196 Host Name: 45-87-221-196.ne.smart-dns.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.87.221.196 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:141.0) Gecko/20100101 Firefox/141.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:18 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 4:19 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 202.157.175.19 Host Name: avbtp01.avbt.com.sg.175.157.202.in-addr.arpa SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 202.157.175.19 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Edg/137.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:22 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:24 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:27 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:32 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 4:33 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.227.163.112 Host Name: srve112.controlvps.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.227.163.112 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.43 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36 OPR/120.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:36 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:38 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:40 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 4:41 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.15 Host Name: 45.131.195.15 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.15 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:42 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:48 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:52 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:55 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:57 a.m.] [403 GET Request: April 1, 2026 4:57 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.116.48.67 Host Name: 20.116.48.67 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.116.48.67 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:58 a.m.] [403 GET Request: April 1, 2026 4:59 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.116.48.67 Host Name: 20.116.48.67 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.116.48.67 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/seoplugins/index.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:59 a.m.] [403 GET Request: April 1, 2026 4:59 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 20.116.48.67 Host Name: 20.116.48.67 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.116.48.67 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/classwithtostring.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 4:59 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 20.116.48.67 Host Name: 20.116.48.67 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.116.48.67 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/file.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 5:00 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.116.48.67 Host Name: 20.116.48.67 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.116.48.67 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/dummyyummy/wp-signup.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 5:00 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 20.116.48.67 Host Name: 20.116.48.67 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.116.48.67 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/chosen.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:00 a.m.] [403 GET Request: April 1, 2026 5:00 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: WPADMIN-SBR Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.116.48.67 Host Name: 20.116.48.67 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.116.48.67 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-admin/install.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 5:00 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 20.116.48.67 Host Name: 20.116.48.67 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.116.48.67 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/link.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 5:00 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 20.116.48.67 Host Name: 20.116.48.67 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.116.48.67 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/plugins.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:01 a.m.] [403 GET Request: April 1, 2026 5:02 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.116.48.67 Host Name: 20.116.48.67 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.116.48.67 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/index.php?p= QUERY_STRING: p= HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:02 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:06 a.m.] [405 HEAD Request: April 1, 2026 5:06 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 44.243.143.179 Host Name: ec2-44-243-143-179.us-west-2.compute.amazonaws.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 44.243.143.179 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: REQUEST_URI: /gasthaus-urzoo QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:07 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:11 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 5:11 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.45 Host Name: 45.131.195.45 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.45 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:12 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:16 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:22 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 5:26 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 161.35.214.249 Host Name: 161.35.214.249 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 161.35.214.249 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:26 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:27 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:32 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:34 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:37 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:40 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 5:40 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.34 Host Name: 45.131.195.34 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.34 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:42 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:47 a.m.] [403 GET Request: April 1, 2026 5:49 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 45.94.31.15 Host Name: 45.94.31.15 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.94.31.15 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/fix/up.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36 [403 GET Request: April 1, 2026 5:49 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 45.94.31.15 Host Name: 45.94.31.15 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.94.31.15 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/apikey/apikey.php?test=hello QUERY_STRING: test=hello HTTP_USER_AGENT: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:49 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:49 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:49 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:52 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:54 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:59 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:04 a.m.] [403 GET Request: April 1, 2026 6:04 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 20.205.1.146 Host Name: 20.205.1.146 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.205.1.146 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /cgi-bin/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [403 GET Request: April 1, 2026 6:04 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 20.205.1.146 Host Name: 20.205.1.146 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.205.1.146 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/admin.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:05 a.m.] [403 GET Request: April 1, 2026 6:05 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.205.1.146 Host Name: 20.205.1.146 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.205.1.146 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/yanierin/akcc.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [403 GET Request: April 1, 2026 6:05 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 20.205.1.146 Host Name: 20.205.1.146 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.205.1.146 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/index.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:08 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:09 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 6:11 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.30 Host Name: 45.131.195.30 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.30 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:11 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:15 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:21 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:26 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 6:29 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 161.35.214.249 Host Name: 161.35.214.249 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 161.35.214.249 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.43 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36 OPR/120.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:29 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:35 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:37 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:42 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 6:42 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.23 Host Name: 45.131.195.23 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.23 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:43 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:45 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:47 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:52 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:53 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:56 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 6:57 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:02 a.m.] [403 GET Request: April 1, 2026 7:05 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.216.179.254 Host Name: 20.216.179.254 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.216.179.254 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:05 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:06 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 7:07 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 148.230.84.182 Host Name: srv1041736.hstgr.cloud SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 148.230.84.182 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:08 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:09 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:11 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:12 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 7:15 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.3 Host Name: 45.131.195.3 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.3 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:17 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:21 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:22 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:27 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:33 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:34 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:38 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:41 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:44 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 7:49 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.17 Host Name: 45.131.195.17 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.17 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:49 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:50 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 7:50 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 85.214.232.59 Host Name: h2955905.stratoserver.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 85.214.232.59 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36 [Login Form - POST Request Logged: April 1, 2026 - 7:51 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 149.202.83.206 Host Name: ns3019395.ip-149-202-83.eu SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 149.202.83.206 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:52 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:53 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:55 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 7:57 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:06 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:09 a.m.] [403 GET Request: April 1, 2026 8:09 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 149.102.225.177 Host Name: unn-149-102-225-177.datapacket.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 149.102.225.177 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: //wp-json/oembed/1.0/embed?url=https://www.pureoutdoor.de/ QUERY_STRING: url=https://www.pureoutdoor.de/ HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:11 a.m.] [403 GET Request: April 1, 2026 8:12 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 172.70.243.144 Host Name: 172.70.243.144 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 172.70.243.144 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /.git/logs/HEAD QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 8:12 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 172.70.243.144 Host Name: 172.70.243.144 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 172.70.243.144 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /.git/index QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 8:12 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 172.70.242.236 Host Name: 172.70.242.236 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 172.70.242.236 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /.git/refs/heads/master QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 8:12 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 172.70.242.236 Host Name: 172.70.242.236 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 172.70.242.236 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /.git/refs/heads/main QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 8:12 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 172.70.243.144 Host Name: 172.70.243.144 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 172.70.243.144 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /.git/HEAD QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 8:12 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 172.70.243.144 Host Name: 172.70.243.144 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 172.70.243.144 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /.git/config QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:12 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:13 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:14 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:16 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:21 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 8:24 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 147.182.243.3 Host Name: 147.182.243.3 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 147.182.243.3 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:24 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 8:24 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.50 Host Name: 45.131.195.50 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.50 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:26 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 8:28 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 161.35.214.249 Host Name: 161.35.214.249 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 161.35.214.249 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:28 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:31 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 8:33 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.82.122.124 Host Name: f93.online-web.space SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.82.122.124 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Edg/139.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:33 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:37 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:40 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:41 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:43 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 8:44 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 51.75.54.138 Host Name: ns31131834.ip-51-75-54.eu SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 51.75.54.138 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 [Login Form - POST Request Logged: April 1, 2026 - 8:47 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 20.212.251.69 Host Name: 20.212.251.69 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.212.251.69 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36 [Login Form - POST Request Logged: April 1, 2026 - 8:47 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 20.212.251.69 Host Name: 20.212.251.69 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.212.251.69 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:47 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:48 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:53 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 8:57 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.16 Host Name: 45.131.195.16 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.16 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:57 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 8:59 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:02 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:06 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:07 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 9:09 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 205.185.123.125 Host Name: 205.185.123.125 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 205.185.123.125 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:09 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:11 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:12 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 9:14 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 161.35.214.249 Host Name: 161.35.214.249 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 161.35.214.249 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:17 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:19 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:22 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:27 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:29 a.m.] [403 GET Request: April 1, 2026 9:29 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 20.205.1.146 Host Name: 20.205.1.146 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.205.1.146 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /cgi-bin/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [403 GET Request: April 1, 2026 9:29 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 20.205.1.146 Host Name: 20.205.1.146 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.205.1.146 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/admin.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [403 GET Request: April 1, 2026 9:30 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.205.1.146 Host Name: 20.205.1.146 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.205.1.146 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/yanierin/akcc.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [403 GET Request: April 1, 2026 9:30 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 20.205.1.146 Host Name: 20.205.1.146 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.205.1.146 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/index.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:30 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 9:30 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.15 Host Name: 45.131.195.15 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.15 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:32 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 9:34 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 128.199.223.38 Host Name: 128.199.223.38 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 128.199.223.38 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:145.0) Gecko/20100101 Firefox/145.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:34 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:37 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:39 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:42 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:47 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:52 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 9:57 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:01 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 10:04 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.246 Host Name: 45.131.195.246 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.246 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:04 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:06 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:08 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 10:09 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 85.8.130.37 Host Name: 85.8.130.37 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 85.8.130.37 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:11 a.m.] [403 GET Request: April 1, 2026 10:13 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.220.232.240 Host Name: 20.220.232.240 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.220.232.240 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:13 a.m.] [403 GET Request: April 1, 2026 10:13 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.220.232.240 Host Name: 20.220.232.240 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.220.232.240 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/wp-conflg.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 10:13 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 20.220.232.240 Host Name: 20.220.232.240 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.220.232.240 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /cgi-bin/cgi-bin/about.php7 QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:15 a.m.] [403 GET Request: April 1, 2026 10:15 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.220.232.240 Host Name: 20.220.232.240 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.220.232.240 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/wp-help/index.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 10:15 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 20.220.232.240 Host Name: 20.220.232.240 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.220.232.240 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-includes/manager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:16 a.m.] [403 GET Request: April 1, 2026 10:16 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 20.220.232.240 Host Name: 20.220.232.240 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.220.232.240 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/wp.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 10:16 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 20.220.232.240 Host Name: 20.220.232.240 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.220.232.240 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/2024/index.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 10:16 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.220.232.240 Host Name: 20.220.232.240 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.220.232.240 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-includes/theme-compat/wp-conflg.php/wp-content/plugins/google-seo-rank/install.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:17 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:21 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:26 a.m.] [403 GET Request: April 1, 2026 10:27 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.203.215.185 Host Name: 20.203.215.185 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.203.215.185 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:27 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:28 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:28 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:29 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:30 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:31 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:35 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 10:37 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.48 Host Name: 45.131.195.48 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.48 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:37 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:39 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:41 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 10:42 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 80.211.229.185 Host Name: host185-229-211-80.serverdedicati.aruba.it SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 80.211.229.185 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:42 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:44 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:46 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:47 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:51 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:53 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:55 a.m.] [403 GET Request: April 1, 2026 10:55 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 4.204.200.32 Host Name: 4.204.200.32 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 4.204.200.32 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 10:55 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 4.204.200.32 Host Name: 4.204.200.32 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 4.204.200.32 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/wp-conflg.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 10:55 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 4.204.200.32 Host Name: 4.204.200.32 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 4.204.200.32 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /cgi-bin/cgi-bin/about.php7 QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 10:56 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 4.204.200.32 Host Name: 4.204.200.32 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 4.204.200.32 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/wp-help/index.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 10:56 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 4.204.200.32 Host Name: 4.204.200.32 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 4.204.200.32 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-includes/manager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:56 a.m.] [403 GET Request: April 1, 2026 10:56 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 4.204.200.32 Host Name: 4.204.200.32 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 4.204.200.32 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/wp.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 10:56 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 4.204.200.32 Host Name: 4.204.200.32 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 4.204.200.32 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/2024/index.php QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 10:56 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 4.204.200.32 Host Name: 4.204.200.32 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 4.204.200.32 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-includes/theme-compat/wp-conflg.php/wp-content/plugins/google-seo-rank/install.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 10:58 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 11:00 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 217.71.205.58 Host Name: suve2.suvestudio.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 217.71.205.58 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:00 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:01 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:02 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:05 a.m.] [403 GET Request: April 1, 2026 11:06 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 192.159.99.178 Host Name: 192.159.99.178 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 192.159.99.178 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: //wp-json/oembed/1.0/embed?url=https://www.pureoutdoor.de/ QUERY_STRING: url=https://www.pureoutdoor.de/ HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:09 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 11:10 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 45.131.195.19 Host Name: 45.131.195.19 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.131.195.19 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:10 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:11 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:12 a.m.] [405 HEAD Request: April 1, 2026 11:14 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 35.209.126.113 Host Name: 113.126.209.35.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 35.209.126.113 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: scalaj-http/2.4.2 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:14 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:15 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 11:18 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 173.239.254.247 Host Name: 173.239.254.247 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 173.239.254.247 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:18 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:20 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:24 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:25 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 11:26 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 149.202.183.73 Host Name: 149.202.183.73 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 149.202.183.73 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:26 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:28 a.m.] [403 GET Request: April 1, 2026 11:28 am] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 129.212.229.119 Host Name: 129.212.229.119 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 129.212.229.119 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /skifahren-hochschwarzwald-alpen/wp-includes/id3/license.txt/blog//wp-json/oembed/1.0/embed?url=https://www.pureoutdoor.de/skifahren-hochschwarzwald-alpen/wp-includes/id3/license.txt/blog/ QUERY_STRING: url=https://www.pureoutdoor.de/skifahren-hochschwarzwald-alpen/wp-includes/id3/license.txt/blog/ HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:30 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:33 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:35 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:40 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:45 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:46 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:49 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:51 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:55 a.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 11:59 a.m.] [Login Form - POST Request Logged: April 1, 2026 - 11:59 a.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 157.230.98.69 Host Name: epic-moser.157-230-98-69.plesk.page SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 157.230.98.69 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:03 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:04 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:07 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:09 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:10 p.m.] [Login Form - POST Request Logged: April 1, 2026 - 12:13 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 185.79.30.50 Host Name: vps1.sieinformatica.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 185.79.30.50 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Edg/137.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:13 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:17 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:19 p.m.] [Login Form - POST Request Logged: April 1, 2026 - 12:24 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 209.141.47.233 Host Name: mail.espinoza.dev SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 209.141.47.233 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:24 p.m.] [Login Form - POST Request Logged: April 1, 2026 - 12:25 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 173.239.254.242 Host Name: 173.239.254.242 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 173.239.254.242 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:25 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:27 p.m.] [Login Form - POST Request Logged: April 1, 2026 - 12:27 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 79.137.80.80 Host Name: 79.137.80.80 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 79.137.80.80 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.43 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 OPR/119.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:29 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:33 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:34 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:35 p.m.] [Login Form - POST Request Logged: April 1, 2026 - 12:38 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 161.97.166.122 Host Name: vmi2709689.contaboserver.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 161.97.166.122 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:38 p.m.] [Login Form - POST Request Logged: April 1, 2026 - 12:41 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 152.228.135.83 Host Name: rdd-informatique.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 152.228.135.83 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.43 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 OPR/121.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:41 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:44 p.m.] [Login Form - POST Request Logged: April 1, 2026 - 12:47 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 152.53.103.233 Host Name: v2202409230783285824.bestsrv.de SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 152.53.103.233 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:49 p.m.] [403 GET Request: April 1, 2026 12:53 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.48.232.178 Host Name: 20.48.232.178 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.48.232.178 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:53 p.m.] [403 GET Request: April 1, 2026 12:54 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.48.232.178 Host Name: 20.48.232.178 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.48.232.178 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/core-plugin/include.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:54 p.m.] [403 GET Request: April 1, 2026 12:54 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 20.48.232.178 Host Name: 20.48.232.178 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.48.232.178 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/index.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:55 p.m.] [403 GET Request: April 1, 2026 12:55 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 20.48.232.178 Host Name: 20.48.232.178 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.48.232.178 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /cgi-bin/ QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 12:56 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 20.48.232.178 Host Name: 20.48.232.178 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.48.232.178 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/ QUERY_STRING: HTTP_USER_AGENT: [403 GET Request: April 1, 2026 12:56 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.48.232.178 Host Name: 20.48.232.178 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.48.232.178 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/index.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 12:58 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:03 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:07 p.m.] [403 GET Request: April 1, 2026 1:08 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 35.233.157.147 Host Name: 147.157.233.35.bc.googleusercontent.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 35.233.157.147 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /.git/config QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:08 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:13 p.m.] [Login Form - POST Request Logged: April 1, 2026 - 1:15 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 172.176.155.194 Host Name: 172.176.155.194 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 172.176.155.194 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:17 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:23 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:24 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:28 p.m.] [403 GET Request: April 1, 2026 1:31 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 4.232.189.50 Host Name: 4.232.189.50 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 4.232.189.50 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:31 p.m.] [403 GET Request: April 1, 2026 1:32 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 4.232.189.50 Host Name: 4.232.189.50 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 4.232.189.50 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-includes/theme-compat/chosen.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:32 p.m.] [Login Form - POST Request Logged: April 1, 2026 - 1:32 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 193.19.109.78 Host Name: 193.19.109.78 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 193.19.109.78 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:33 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:34 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:38 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:39 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:42 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:47 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:49 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:52 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:53 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 1:57 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:02 p.m.] [Login Form - POST Request Logged: April 1, 2026 - 2:03 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 211.169.178.4 Host Name: 211.169.178.4 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 211.169.178.4 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.43 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36 OPR/120.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:03 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:06 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:08 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:11 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:12 p.m.] [Login Form - POST Request Logged: April 1, 2026 - 2:14 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 51.75.233.102 Host Name: dedi3231121.eu.tuservidoronline.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 51.75.233.102 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.43 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36 OPR/124.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:14 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:15 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:18 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:23 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:29 p.m.] [Login Form - POST Request Logged: April 1, 2026 - 2:32 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 217.71.205.58 Host Name: suve2.suvestudio.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 217.71.205.58 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:32 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:35 p.m.] [403 GET Request: April 1, 2026 2:35 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 45.154.98.131 Host Name: 45.154.98.131.powered.by.rdp.sh SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.154.98.131 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/fix/up.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36 [403 GET Request: April 1, 2026 2:35 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 45.154.98.131 Host Name: 45.154.98.131.powered.by.rdp.sh SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 45.154.98.131 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/apikey/apikey.php?test=hello QUERY_STRING: test=hello HTTP_USER_AGENT: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:36 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:38 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:40 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:44 p.m.] [403 GET Request: April 1, 2026 2:48 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 158.158.51.236 Host Name: 158.158.51.236 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 158.158.51.236 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:48 p.m.] [Login Form - POST Request Logged: April 1, 2026 - 2:48 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 173.239.254.249 Host Name: 173.239.254.249 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 173.239.254.249 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:49 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:54 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:58 p.m.] [403 GET Request: April 1, 2026 2:58 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 20.200.222.0 Host Name: 20.200.222.0 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.200.222.0 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /cgi-bin/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [403 GET Request: April 1, 2026 2:58 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 20.200.222.0 Host Name: 20.200.222.0 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.200.222.0 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/admin.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [403 GET Request: April 1, 2026 2:59 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.200.222.0 Host Name: 20.200.222.0 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.200.222.0 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/yanierin/akcc.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [403 GET Request: April 1, 2026 2:59 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: UAEGWR-HPRA Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/ REMOTE_ADDR: 20.200.222.0 Host Name: 20.200.222.0 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.200.222.0 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/index.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 2:59 p.m.] [Login Form - POST Request Logged: April 1, 2026 - 3:03 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 209.141.59.141 Host Name: mail.investmentpulse.ltd SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 209.141.59.141 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.77.4 (KHTML, like Gecko) Version/6.1.5 Safari/537.77.4 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:03 p.m.] [403 GET Request: April 1, 2026 3:07 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 146.70.178.116 Host Name: 146.70.178.116 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 146.70.178.116 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/ QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:07 p.m.] [403 GET Request: April 1, 2026 3:07 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 146.70.178.116 Host Name: 146.70.178.116 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 146.70.178.116 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /cgi-bin/ QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:08 p.m.] [403 GET Request: April 1, 2026 3:09 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 146.70.178.116 Host Name: 146.70.178.116 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 146.70.178.116 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-includes/theme-compat/ QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:09 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:14 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:19 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:21 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:22 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:24 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:26 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:27 p.m.] [Login Form - POST Request Logged: April 1, 2026 - 3:31 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 104.37.174.183 Host Name: tebbenscamper.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 104.37.174.183 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:141.0) Gecko/20100101 Firefox/141.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:31 p.m.] [Login Form - POST Request Logged: April 1, 2026 - 3:32 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 163.61.60.30 Host Name: 163.61.60.30 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 163.61.60.30 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:32 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:34 p.m.] [403 GET Request: April 1, 2026 3:34 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: PFWR-PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 20.238.36.81 Host Name: 20.238.36.81 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.238.36.81 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/hellopress/wp_filemanager.php QUERY_STRING: HTTP_USER_AGENT: [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:39 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:40 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:43 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:48 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:53 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:57 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 3:58 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:02 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:04 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:08 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:11 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:13 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:15 p.m.] [Login Form - POST Request Logged: April 1, 2026 - 4:15 p.m.] BPS Pro: 17.5 WP: 6.9.4 CAPTCHA Entered: BOT/HUMAN: Most Likely a SpamBot REMOTE_ADDR: 173.239.254.248 Host Name: 173.239.254.248 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 173.239.254.248 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: POST HTTP_REFERER: REQUEST_URI: /wp-login.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:18 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:23 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:27 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:28 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:33 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:38 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:39 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:43 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:46 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:46 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:48 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:50 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:52 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 4:58 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:01 p.m.] [403 GET Request: April 1, 2026 5:01 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 2.58.56.120 Host Name: 2.58.56.120.powered.by.rdp.sh SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 2.58.56.120 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /cgi-bin/postnews.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Linux; Android 7.0; SM-G892A) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.107 Mobile Safari/537.36 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:03 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:08 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:12 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:17 p.m.] [405 HEAD Request: April 1, 2026 5:22 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 185.242.3.19 Host Name: 185.242.3.19 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 185.242.3.19 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: python-requests/2.32.4 [405 HEAD Request: April 1, 2026 5:22 pm] BPS Pro: 17.5 WP: 6.9.4 Event Code: BFHS-HEAD - HEAD Request Blocked Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 185.242.3.19 Host Name: 185.242.3.19 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 185.242.3.19 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: HEAD HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: python-requests/2.32.4 [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:22 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:27 p.m.] [Internal Usage: AFS Cron: ARQ FS File Exists: ARQ Cron was not turned On | April 1, 2026 - 5:30 p.m.]