Anonymous
2026-07-02 19:34:28
(13 minutes ago)
44.192.43.19 - - [02/Jul/2026:21:34:25 +0200] "POST //xmlrpc.php HTTP/1.1" 200 593 "-" "Mozilla/5.0 ...
show more
44.192.43.19 - - [02/Jul/2026:21:34:25 +0200] "POST //xmlrpc.php HTTP/1.1" 200 593 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
44.192.43.19 - - [02/Jul/2026:21:34:26 +0200] "POST //xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
44.192.43.19 - - [02/Jul/2026:21:34:26 +0200] "POST //xmlrpc.php HTTP/1.1" 200 591 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
44.192.43.19 - - [02/Jul/2026:21:34:27 +0200] "POST //xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
44.192.43.19 - - [02/Jul/2026:21:34:27 +0200] "POST //xmlrpc.php HTTP/1.1" 200 593 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0
...
show less
Brute-Force
Web App Attack
๐ซ๐ฎ
stinpriza
2026-07-02 19:32:55
(14 minutes ago)
WP Authentication attempt for unknown user
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 19:27:52
(19 minutes ago)
(mod_security) mod_security (id:225170) triggered by 44.192.43.19 (ec2-44-192-43-19.compute-1.amazon ...
show more
(mod_security) mod_security (id:225170) triggered by 44.192.43.19 (ec2-44-192-43-19.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 15:27:45.525730 2026] [security2:error] [pid 24757:tid 24757] [client 44.192.43.19:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.yggdrasil.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.yggdrasil.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "aka7sceiabwyQmSo07GVpwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-02 19:26:34
(21 minutes ago)
(PERMBLOCK) 44.192.43.19 (US/United States/ec2-44-192-43-19.compute-1.amazonaws.com) has had more th ...
show more
(PERMBLOCK) 44.192.43.19 (US/United States/ec2-44-192-43-19.compute-1.amazonaws.com) has had more than 4 temp blocks
show less
Hacking
๐ฆ๐น
neo72
2026-07-02 19:23:50
(23 minutes ago)
Detected malicious activity - bulk block
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 19:09:28
(38 minutes ago)
(mod_security) mod_security (id:225170) triggered by 44.192.43.19 (ec2-44-192-43-19.compute-1.amazon ...
show more
(mod_security) mod_security (id:225170) triggered by 44.192.43.19 (ec2-44-192-43-19.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 15:09:25.068419 2026] [security2:error] [pid 608:tid 608] [client 44.192.43.19:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kirklandhighlands.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kirklandhighlands.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "aka3ZbcDyLZxATXt_Yjw9wAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
lostswordfish.com
2026-07-02 18:26:03
(1 hour ago)
Wordfence waf block on restore georgia
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-02 18:08:16
(1 hour ago)
44.192.43.19 - - [02/Jul/2026:20:08:13 +0200] "POST //xmlrpc.php HTTP/1.1" 200 6461 "-" "Mozilla/5.0 ...
show more
44.192.43.19 - - [02/Jul/2026:20:08:13 +0200] "POST //xmlrpc.php HTTP/1.1" 200 6461 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
44.192.43.19 - - [02/Jul/2026:20:08:14 +0200] "POST //xmlrpc.php HTTP/1.1" 200 6474 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
44.192.43.19 - - [02/Jul/2026:20:08:15 +0200] "POST //xmlrpc.php HTTP/1.1" 200 6461 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
show less
Hacking
Web App Attack
๐ฉ๐ช
akasolutions.de
2026-07-02 18:06:58
(1 hour ago)
(wordpress) Failed wordpress login from 44.192.43.19 (US/United States/ec2-44-192-43-19.compute-1.am ...
show more
(wordpress) Failed wordpress login from 44.192.43.19 (US/United States/ec2-44-192-43-19.compute-1.amazonaws.com)
show less
Brute-Force
๐ฉ๐ช
rh24
2026-07-02 18:06:14
(1 hour ago)
(wordpress) Failed wordpress login from 44.192.43.19 (US/United States/ec2-44-192-43-19.compute-1.am ...
show more
(wordpress) Failed wordpress login from 44.192.43.19 (US/United States/ec2-44-192-43-19.compute-1.amazonaws.com): (CF_ENABLE)
show less
Brute-Force
๐ฆ๐บ
rubixstudios
2026-07-02 18:04:03
(1 hour ago)
Excessive HTTP requests consistent with automated attack behaviour detected by Imunify360
DDoS Attack
Brute-Force
Web App Attack
๐ง๐ช
taivas.nl
2026-07-02 18:02:09
(1 hour ago)
Bad_requests
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-02 18:00:05
(1 hour ago)
(mod_security) mod_security (id:225170) triggered by 44.192.43.19 (ec2-44-192-43-19.compute-1.amazon ...
show more
(mod_security) mod_security (id:225170) triggered by 44.192.43.19 (ec2-44-192-43-19.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 13:59:58.228291 2026] [security2:error] [pid 10044:tid 10057] [client 44.192.43.19:55201] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.killasgarage.bike|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.killasgarage.bike"] [uri "/wp-json/wp/v2/users/"] [unique_id "akanHq99RDFpeBvHpCczcgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-07-02 17:51:16
(1 hour ago)
[ThuJul0219:51:11.9053502026][security2:error][pid3276967:tid3277070][client44.192.43.19:0]ModSecuri ...
show more
[ThuJul0219:51:11.9053502026][security2:error][pid3276967:tid3277070][client44.192.43.19:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"studio-portale.ch\"][uri\"/xmlrpc.php\"][unique_id\"akalD9SdFZXmiGCCkM_xygAAAQU\"]
show less
Port Scan
Brute-Force
Web App Attack
๐ฉ๐ช
maxpower
2026-07-02 17:50:58
(1 hour ago)
(wp_fingerprint) REGOLA 6 - WP Exploit Attempt xmlrpc 44.192.43.19 (US/United States/ec2-44-192-43-1 ...
show more
(wp_fingerprint) REGOLA 6 - WP Exploit Attempt xmlrpc 44.192.43.19 (US/United States/ec2-44-192-43-19.compute-1.amazonaws.com): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 44.192.43.19 - - [02/Jul/2026:19:50:54 +0200] "GET //wp-json/wp/v2/users/ HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" "-" host=www.poderedellatorre.it
44.192.43.19 - - [02/Jul/2026:19:50:55 +0200] "POST //xmlrpc.php HTTP/1.1" 301 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" "-" host=www.poderedellatorre.it
44.192.43.19 - - [02/Jul/2026:19:50:56 +0200] "POST //xmlrpc.php HTTP/1.1" 301 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" "-" host=www.poderedellatorre.it
show less
Port Scan