๐ฏ๐ต
S.O.B.A. Dev.
2026-07-10 12:20:08
(4 days ago)
Web vulnerability scanning
Brute-Force
Web Spam
Web App Attack
๐จ๐ญ
backslash
2026-07-10 12:06:00
(4 days ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐บ๐ธ
mnsf
2026-07-10 12:05:08
(4 days ago)
Abuse Detected (10)
Brute-Force
Web App Attack
Anonymous
2026-07-10 12:02:07
(4 days ago)
[redacted] 34.73.145.104 - - [10/Jul/2026:14:02:00 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" " ...
show more
[redacted] 34.73.145.104 - - [10/Jul/2026:14:02:00 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 34.73.145.104 - - [10/Jul/2026:14:02:01 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 34.73.145.104 - - [10/Jul/2026:14:02:02 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 34.73.145.104 - - [10/Jul/2026:14:02:02 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 34.73.145.104 - - [10/Jul/2026:14:02:03 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 12:01:07
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 34.73.145.104 (104.145.73.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 34.73.145.104 (104.145.73.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 08:01:01.089332 2026] [security2:error] [pid 4360:tid 4360] [client 34.73.145.104:64608] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dpcfab.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dpcfab.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "alDe_eCi9jKlGuSwyEsCiwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
raph
2026-07-10 11:57:44
(4 days ago)
[Wordpress] crawler /wp-admin/*, /wp-content/*, etc.
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ipoac.nl
2026-07-10 11:46:02
(4 days ago)
ipoac.nl:443 34.73.145.104 - - [10/Jul/2026:13:46:01 +0200] ipoac.nl "GET //wp-includes/wlwmanifest. ...
show more
ipoac.nl:443 34.73.145.104 - - [10/Jul/2026:13:46:01 +0200] ipoac.nl "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 2012 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
show less
Bad Web Bot
Anonymous
2026-07-10 11:42:19
(4 days ago)
[redacted] 34.73.145.104 - - [10/Jul/2026:13:42:07 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" " ...
show more
[redacted] 34.73.145.104 - - [10/Jul/2026:13:42:07 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 34.73.145.104 - - [10/Jul/2026:13:42:08 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 34.73.145.104 - - [10/Jul/2026:13:42:09 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 34.73.145.104 - - [10/Jul/2026:13:42:11 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 34.73.145.104 - - [10/Jul/2026:13:42:12 +0200] "POST //xm
...
show less
Hacking
Web App Attack
๐ฎ๐น
VHosting
2026-07-10 11:35:04
(4 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ช๐ธ
pipeline.es
2026-07-10 11:30:58
(4 days ago)
Web scanning / probing for vulnerable paths | URL: //wp2/wp-includes/wlwmanifest.xml | Evidence: qua ...
show more
Web scanning / probing for vulnerable paths | URL: //wp2/wp-includes/wlwmanifest.xml | Evidence: qualodestino.pt 34.73.145.104 - - [10/Jul/2026:13:29:23 +0200] \"GET //wp2/wp-includes/wlwmanifest.xml HTTP/1.1\" 404 21348 \"-\" \"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36\" GEOIP_COUNTRY_CODE=US | ASN: GOOGLE-CLOUD-PLATFORM | Country: US
show less
Port Scan
Web App Attack
Anonymous
2026-07-10 11:26:13
(4 days ago)
34.73.145.104 - - [10/Jul/2026:13:26:11 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 4974 ...
show more
34.73.145.104 - - [10/Jul/2026:13:26:11 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 4974 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.73.145.104 - - [10/Jul/2026:13:26:12 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 4989 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.73.145.104 - - [10/Jul/2026:13:26:12 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 4986 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.73.145.104 - - [10/Jul/2026:13:26:12 +0200] "GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 5004 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.73.145.104 - - [10/Jul/2026:13:26:13 +0200] "GET /website/wp-includes/wlwmanifest.xml HTTP
...
show less
Brute-Force
Web App Attack
๐ฉ๐ช
mondor.ro
2026-07-10 11:24:44
(4 days ago)
Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 34.73.145.104, Reason: ...
show more
Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 34.73.145.104, Reason:[(manifest) WordPress wlwmanifest.xml Attack 34.73.145.104 (US/United States/104.145.73.34.bc.googleusercontent.com): 10 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER; Logs:
show less
Port Scan
๐จ๐ญ
Origon
2026-07-10 11:24:37
(4 days ago)
http-probing - IP: 34.73.145.104 - time="2026-07-10T13:24:37+02:00" level=info msg="(555f66b4f6a745 ...
show more
http-probing - IP: 34.73.145.104 - time="2026-07-10T13:24:37+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 34.73.145.104 (US/396982) : 4h ban on Ip 34.73.145.104" module=db
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 11:22:49
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 34.73.145.104 (104.145.73.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 34.73.145.104 (104.145.73.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 07:22:42.319884 2026] [security2:error] [pid 14820:tid 14820] [client 34.73.145.104:65097] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||oliver.pattenden.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "oliver.pattenden.com"] [uri "/web/wp-json/wp/v2/users/"] [unique_id "alDWAsd_oA8UGPrppH1aGwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-10 11:21:02
(4 days ago)
PSCSERV WPSCAN 34.73.145.104
Bad Web Bot
Web App Attack