๐บ๐ธ
TPI-Abuse
2026-05-06 14:23:03
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 149.88.20.98 (unn-149-88-20-98.datapacket.com): ...
show more
(mod_security) mod_security (id:210730) triggered by 149.88.20.98 (unn-149-88-20-98.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 10:22:57.226852 2026] [security2:error] [pid 27971:tid 27971] [client 149.88.20.98:58920] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||idodat.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "idodat.com"] [uri "/index.php.OLD"] [unique_id "aftOwanC3ztBPl33SXh-pwAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐น
jcsnlistas
2026-03-27 15:17:00
(3 months ago)
webscan
Brute-Force
Web App Attack
๐ณ๐ฑ
Savvii
2025-11-17 06:35:27
(7 months ago)
20 attempts against mh-misbehave-ban on redirect
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2025-11-16 18:05:35
(8 months ago)
Too many Status 40X (14)
Brute-Force
Web App Attack
๐ฌ๐ง
Globe2
2025-11-16 14:36:23
(8 months ago)
ModSec - Multiple 403s within a short period of time [server: H3]
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-16 09:48:59
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 149.88.20.98 (unn-149-88-20-98.datapacket.com): ...
show more
(mod_security) mod_security (id:225170) triggered by 149.88.20.98 (unn-149-88-20-98.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 16 04:48:52.438960 2025] [security2:error] [pid 6269:tid 6269] [client 149.88.20.98:33494] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.maprada92.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.maprada92.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aRmeBCl1mxLeWc-s2N0ftgAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
John Chrys.
2025-11-16 07:28:48
(8 months ago)
149.88.20.98 - - [16/Nov/2025:09:27:32 +0200] "POST //xmlrpc.php HTTP/1.1" 403 428 "-" "Mozilla/5.0 ...
show more
149.88.20.98 - - [16/Nov/2025:09:27:32 +0200] "POST //xmlrpc.php HTTP/1.1" 403 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
149.88.20.98 - - [16/Nov/2025:09:27:32 +0200] "POST //xmlrpc.php HTTP/1.1" 403 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
149.88.20.98 - - [16/Nov/2025:09:28:45 +0200] "POST //xmlrpc.php HTTP/1.1" 403 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
149.88.20.98 - - [16/Nov/2025:09:28:46 +0200] "POST //xmlrpc.php HTTP/1.1" 403 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
149.88.20.98 - - [16/Nov/2025:09:28:46 +0200] "POST //xmlrpc.php HTTP/1.1" 403 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
agenciahypelab.com.br
2025-11-15 21:59:44
(8 months ago)
WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER
Brute-Force
SSH
๐ฉ๐ช
rh24
2025-11-15 18:27:10
(8 months ago)
(wordpress) Failed wordpress login from 149.88.20.98 (PT/Portugal/unn-149-88-20-98.datapacket.com): ...
show more
(wordpress) Failed wordpress login from 149.88.20.98 (PT/Portugal/unn-149-88-20-98.datapacket.com): (CF_ENABLE)
show less
Brute-Force
๐บ๐ธ
mnsf
2025-11-15 17:05:30
(8 months ago)
Too many Status 40X (13)
Brute-Force
Web App Attack
Anonymous
2025-11-15 15:15:38
(8 months ago)
(wordpress) Failed wordpress login from 149.88.20.98 (PT/Portugal/Lisbon/Lisbon/unn-149-88-20-98.dat ...
show more
(wordpress) Failed wordpress login from 149.88.20.98 (PT/Portugal/Lisbon/Lisbon/unn-149-88-20-98.datapacket.com/[redacted])
show less
Brute-Force
๐ง๐ช
cmbplf
2025-11-15 14:57:59
(8 months ago)
9.593 POST requests in 1 hour (1w1d4h)
Brute-Force
Bad Web Bot
Anonymous
2025-11-15 12:39:57
(8 months ago)
(wordpress) Failed wordpress login from 149.88.20.98 (PT/Portugal/unn-149-88-20-98.datapacket.com)
Brute-Force
๐บ๐ธ
TPI-Abuse
2025-11-15 12:36:59
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 149.88.20.98 (unn-149-88-20-98.datapacket.com): ...
show more
(mod_security) mod_security (id:225170) triggered by 149.88.20.98 (unn-149-88-20-98.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 15 07:36:50.606747 2025] [security2:error] [pid 3183690:tid 3183690] [client 149.88.20.98:41958] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.mcbrearty.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.mcbrearty.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "aRhz4s0m_ewzeDcbV7ry8wAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
exxos
2025-09-19 15:03:01
(9 months ago)
Attacks with Bad user agents
Hacking