๐ง๐ช
cmbplf
2026-07-08 16:38:45
(17 hours ago)
5.487 requests with url.path */wp-includes/wlwmanifest.xml
Brute-Force
Bad Web Bot
๐บ๐ธ
mnsf
2026-07-08 16:06:29
(17 hours ago)
Abuse Detected (9)
Brute-Force
Web App Attack
๐ฉ๐ช
IVski
2026-07-08 15:59:31
(17 hours ago)
IVski WAF | WordPress scanner detected - probing wp-content, xmlrpc or wp-login
Port Scan
Brute-Force
Web App Attack
๐ฆ๐น
nomzamo
2026-07-08 15:56:18
(17 hours ago)
Fail2Ban reported: nginx-noscript
Brute-Force
๐ฉ๐ช
neckaralb-admin.de
2026-07-08 15:52:55
(17 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ซ๐ท
Lunix
2026-07-08 15:42:05
(17 hours ago)
Brute-Force
Web App Attack
Anonymous
2026-07-08 15:41:46
(17 hours ago)
35.196.235.167 - - [08/Jul/2026:17:41:45 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 440 ...
show more
35.196.235.167 - - [08/Jul/2026:17:41:45 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 440 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
35.196.235.167 - - [08/Jul/2026:17:41:45 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 291 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
35.196.235.167 - - [08/Jul/2026:17:41:46 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 440 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
35.196.235.167 - - [08/Jul/2026:17:41:46 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 291 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
35.196.235.167 - - [08/Jul/2026:17:41:46 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 44
...
show less
Brute-Force
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-08 15:35:37
(18 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐จ๐ญ
zynex
2026-07-08 15:34:23
(18 hours ago)
URL Probing: /2019/wp-includes/wlwmanifest.xml
Web App Attack
Anonymous
2026-07-08 15:31:11
(18 hours ago)
(wordpress) Failed wordpress login from 35.196.235.167 (US/United States/167.235.196.35.bc.googleuse ...
show more
(wordpress) Failed wordpress login from 35.196.235.167 (US/United States/167.235.196.35.bc.googleusercontent.com)
show less
Brute-Force
Anonymous
2026-07-08 15:30:00
(18 hours ago)
[redacted] 35.196.235.167 - - [08/Jul/2026:17:29:52 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" ...
show more
[redacted] 35.196.235.167 - - [08/Jul/2026:17:29:52 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 35.196.235.167 - - [08/Jul/2026:17:29:53 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 35.196.235.167 - - [08/Jul/2026:17:29:54 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 35.196.235.167 - - [08/Jul/2026:17:29:54 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 35.196.235.167 - - [08/Jul/2026:17:29:55 +0200] "POST //xmlrpc.php HTTP/1
...
show less
Hacking
Web App Attack
๐ต๐พ
armandosaucedo.me
2026-07-08 15:25:48
(18 hours ago)
Threat Intelligence via ARMTI, Web Attack: GET //wp-includes/wlwmanifest.xml
Web App Attack
๐ฉ๐ช
BlueWire Hosting
2026-07-08 15:23:18
(18 hours ago)
Probing websites for vulnerabilities
Web App Attack
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-08 15:19:41
(18 hours ago)
(mod_security) mod_security (id:225170) triggered by 35.196.235.167 (167.235.196.35.bc.googleusercon ...
show more
(mod_security) mod_security (id:225170) triggered by 35.196.235.167 (167.235.196.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 11:19:33.725289 2026] [security2:error] [pid 26686:tid 26748] [client 35.196.235.167:58583] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.ethicmark.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.ethicmark.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "ak5qhVtw3epGTySCpTD21AAAAJI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ด
jad-abuse
2026-07-08 15:11:39
(18 hours ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: xmlrpc. O ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: xmlrpc. Observed by 1 sensor(s); 19 hits.
show less
Brute-Force
Web App Attack