๐ง๐ช
cmbplf
2026-07-08 16:40:05
(3 hours ago)
4.815 requests with url.path */wp-includes/wlwmanifest.xml
Brute-Force
Bad Web Bot
๐ณ๐ฑ
Site.eu
2026-07-08 16:18:19
(3 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
Anonymous
2026-07-08 16:09:33
(3 hours ago)
[redacted] 136.64.248.27 - - [08/Jul/2026:18:09:11 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" " ...
show more
[redacted] 136.64.248.27 - - [08/Jul/2026:18:09:11 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 136.64.248.27 - - [08/Jul/2026:18:09:13 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 136.64.248.27 - - [08/Jul/2026:18:09:15 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 136.64.248.27 - - [08/Jul/2026:18:09:17 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 136.64.248.27 - - [08/Jul/2026:18:09:20 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) A
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 16:08:20
(3 hours ago)
(mod_security) mod_security (id:225170) triggered by 136.64.248.27 (27.248.64.136.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 136.64.248.27 (27.248.64.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 12:08:14.477652 2026] [security2:error] [pid 15278:tid 15278] [client 136.64.248.27:52515] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.fixmyland.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.fixmyland.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ak517j63APL6oOgGHW5C4wAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-07-08 16:06:34
(3 hours ago)
Abuse Detected (10)
Brute-Force
Web App Attack
๐บ๐ธ
WeekendWeb
2026-07-08 16:03:46
(3 hours ago)
Wordpress Vunerability attack
Web App Attack
Anonymous
2026-07-08 15:59:33
(4 hours ago)
[ns31.kdns.gr] httpd-xmlrpc-post: sites=www.chicnessnow.com; logs=/var/log/httpd/domains/chicnessnow ...
show more
[ns31.kdns.gr] httpd-xmlrpc-post: sites=www.chicnessnow.com; logs=/var/log/httpd/domains/chicnessnow.com.log; samples=//xmlrpc.php
show less
Brute-Force
Web App Attack
๐บ๐ธ
Lee Daniel
2026-07-08 15:46:34
(4 hours ago)
136.64.248.27 - - [08/Jul/2026:11:46:33 -0400] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1 ...
show more
136.64.248.27 - - [08/Jul/2026:11:46:33 -0400] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 22747 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
136.64.248.27 - - [08/Jul/2026:11:46:33 -0400] "GET //website/wp-includes/wlwmanifest.xml HTTP/1.1" 404 22737 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
136.64.248.27 - - [08/Jul/2026:11:46:33 -0400] "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 22712 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
136.64.248.27 - - [08/Jul/2026:11:46:34 -0400] "GET //2018/wp-includes/wlwmanifest.xml HTTP/1.1" 404 22718 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
136.64.248.27 - - [08/Jul/2026:11:46:34 -0400] "GET //2019/wp-includes/wlwmani
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐พ
lns.bz
2026-07-08 15:41:57
(4 hours ago)
Too many 404 requests [BY]
Web App Attack
Anonymous
2026-07-08 15:30:07
(4 hours ago)
IP banned by Fail2Ban in jail wordpress
Web App Attack
Brute-Force
Bad Web Bot
Anonymous
2026-07-08 15:29:53
(4 hours ago)
136.64.248.27 - - [08/Jul/2026:17:29:51 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 " ...
show more
136.64.248.27 - - [08/Jul/2026:17:29:51 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
136.64.248.27 - - [08/Jul/2026:17:29:52 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
136.64.248.27 - - [08/Jul/2026:17:29:52 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
136.64.248.27 - - [08/Jul/2026:17:29:53 +0200] "GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
136.64.248.27 - - [08/Jul/2026:17:29:53 +0200] "GET /website/wp-includes/wlwmanifest.xml HTTP/1.1
...
show less
Brute-Force
Web App Attack
Anonymous
2026-07-08 15:29:02
(4 hours ago)
Bot / scanning and/or hacking attempts: POST //xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ท๐บ
DZBOT
2026-07-08 15:27:37
(4 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ฌ๐ท
setupgr
2026-07-08 15:27:34
(4 hours ago)
(XMLRPC) WP XMLRPC Attack 136.64.248.27 (US/United States/Iowa/Council Bluffs/-/[AS396982 GOOGLE-CLO ...
show more
(XMLRPC) WP XMLRPC Attack 136.64.248.27 (US/United States/Iowa/Council Bluffs/-/[AS396982 GOOGLE-CLOUD-PLATFORM]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 136.64.248.27 - - [08/Jul/2026:18:27:15 +0300] "GET //xmlrpc.php?rsd HTTP/1.1" 301 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
show less
Port Scan
๐ซ๐ท
dynamix
2026-07-08 15:26:58
(4 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack