๐ง๐ช
Saec
2026-07-02 08:30:13
(2 hours ago)
Jarvis auto-ban: CF honeypot path /wp-login.php (1ร on saec.me)
Port Scan
Web App Attack
๐ฉ๐ช
stinpriza
2026-06-23 20:10:35
(1 week ago)
Web App Attack
Web App Attack
Anonymous
2026-06-12 11:00:55
(2 weeks ago)
2026-06-12T13:00:54.353960+02:00 zanati wp(www.sahpa.co.za)[1288643]: Blocked authentication attempt ...
show more
2026-06-12T13:00:54.353960+02:00 zanati wp(www.sahpa.co.za)[1288643]: Blocked authentication attempt for LisaNcube from 194.99.26.35
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-07 18:56:10
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 194.99.26.35 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 194.99.26.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 14:56:05.533520 2026] [security2:error] [pid 2070:tid 2070] [client 194.99.26.35:23555] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gulftelecom.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gulftelecom.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afzgRSBitsKDTna9nTQTcQAAAAo"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-27 11:39:34
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 194.99.26.35 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 194.99.26.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 07:39:29.021404 2026] [security2:error] [pid 7576:tid 7576] [client 194.99.26.35:24393] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||saimedo.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "saimedo.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ae9K8f_RRhchSIde6j7L7AAAAAE"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-04-13 10:51:00
(2 months ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-04-12 14:06:18
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 194.99.26.35 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 194.99.26.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 12 10:06:11.144015 2026] [security2:error] [pid 2500815:tid 2500815] [client 194.99.26.35:50205] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||brennanarchitecture.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "brennanarchitecture.com"] [uri "/wp-json/wp/v2/users"] [unique_id "adum0zkUmpBPjKByOoR0dwAAAAs"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
wil.com
2025-03-28 08:44:09
(1 year ago)
GlobalProtect login attempts with user daoconnor.
VPN IP
Brute-Force
๐ธ๐ช
OnTheEdge
2025-03-14 17:43:12
(1 year ago)
Password spraying. Multiple unauthorized login attempts
Hacking
Web App Attack
๐จ๐ฟ
lp
2025-03-05 11:50:34
(1 year ago)
Unauthorized VPN login attempts: 2 attempts were recorded from 194.99.26.35
2025-03-05T12:12:25+01:0 ...
show more
Unauthorized VPN login attempts: 2 attempts were recorded from 194.99.26.35
2025-03-05T12:12:25+01:00 vpn Access-Reject 'rolland' station: 194.99.26.35 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
2025-03-05T12:37:13+01:00 vpn Access-Reject 'probes' station: 194.99.26.35 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack
๐จ๐ฟ
lp
2025-03-02 02:49:58
(1 year ago)
Unauthorized VPN login attempts: 1 attempts were recorded from 194.99.26.35
2025-03-02T02:41:39+01:0 ...
show more
Unauthorized VPN login attempts: 1 attempts were recorded from 194.99.26.35
2025-03-02T02:41:39+01:00 vpn Access-Reject 'anader' station: 194.99.26.35 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack
๐จ๐ฟ
lp
2025-02-28 07:21:43
(1 year ago)
Unauthorized VPN login attempts: 1 attempts were recorded from 194.99.26.35
2025-02-28T07:56:40+01:0 ...
show more
Unauthorized VPN login attempts: 1 attempts were recorded from 194.99.26.35
2025-02-28T07:56:40+01:00 vpn Access-Reject 'elicit' station: 194.99.26.35 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack
Anonymous
2024-07-20 01:31:18
(1 year ago)
Ports: *; Direction: 0; Trigger: CT_LIMIT
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2024-06-01 12:03:59
(2 years ago)
(mod_security) mod_security (id:225170) triggered by 194.99.26.35 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 194.99.26.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 01 08:03:55.094388 2024] [security2:error] [pid 22734] [client 194.99.26.35:36745] [client 194.99.26.35] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||thebumans.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thebumans.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZlsOKy4b2xdCB1z2FSdLYgAAAAI"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-05-28 03:07:53
(2 years ago)
(mod_security) mod_security (id:225170) triggered by 194.99.26.35 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 194.99.26.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 27 23:07:45.356911 2024] [security2:error] [pid 13931:tid 47013707654912] [client 194.99.26.35:48339] [client 194.99.26.35] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||dibble.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dibble.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZlVKgefMTBXOgfQ39ydzcAAAAEs"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack