πΊπΈ
TPI-Abuse
2026-07-02 11:32:30
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 120.230.23.207 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 120.230.23.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 07:32:25.981165 2026] [security2:error] [pid 9109:tid 9109] [client 120.230.23.207:11406] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.paintriver.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.paintriver.com"] [uri "/"] [unique_id "akZMSRKo11X94MAkv2hbnAAAAAo"], referer: http://www.paintriver.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 04:51:46
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 120.230.23.207 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 120.230.23.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 00:51:42.457071 2026] [security2:error] [pid 1003:tid 1003] [client 120.230.23.207:11372] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||ic1.biz|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "ic1.biz"] [uri "/index.html"] [unique_id "akXuXmY7X3f9GBdbyBl3iQAAAAk"], referer: http://ic1.biz/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-24 21:57:44
(2 weeks ago)
(mod_security) mod_security (id:210831) triggered by 120.230.23.207 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 120.230.23.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 17:57:38.962741 2026] [security2:error] [pid 24729:tid 24729] [client 120.230.23.207:10343] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||aokatheists.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "aokatheists.org"] [uri "/index.html"] [unique_id "ajxS0v6No6b5DWRWh-wV_AAAAAM"], referer: http://aokatheists.org/index.html
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-24 21:12:44
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 120.230.23.207 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 120.230.23.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 17:12:39.793442 2026] [security2:error] [pid 8575:tid 8575] [client 120.230.23.207:4588] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.sparler.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.sparler.com"] [uri "/"] [unique_id "ahNpxy8RuOM_SSUCfPLREgAAABU"], referer: http://www.sparler.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-23 05:06:20
(3 months ago)
(mod_security) mod_security (id:210831) triggered by 120.230.23.207 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 120.230.23.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 23 01:06:12.486006 2026] [security2:error] [pid 9438:tid 9438] [client 120.230.23.207:12758] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||marilynmonroebookstore.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "marilynmonroebookstore.com"] [uri "/"] [unique_id "acDKRIe9B6_Hog-3WWGZwAAAAAQ"], referer: http://marilynmonroebookstore.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-22 03:01:40
(4 months ago)
(mod_security) mod_security (id:210831) triggered by 120.230.23.207 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 120.230.23.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 21 22:01:33.812097 2026] [security2:error] [pid 7717:tid 7717] [client 120.230.23.207:13055] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||richardhellis-sculptor.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "richardhellis-sculptor.com"] [uri "/"] [unique_id "aZpxjU60ZgYKjy7PX4idywAAAAI"], referer: http://richardhellis-sculptor.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π³
ThreatBook.io
2025-03-28 00:01:03
(1 year ago)
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.230.23.207
2025-03 ...
show more
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.230.23.207
2025-03-27 06:13:31 /robots.txt
show less
Web App Attack
π¨π³
ThreatBook.io
2025-03-22 00:21:06
(1 year ago)
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.230.23.207
2025-03 ...
show more
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.230.23.207
2025-03-21 05:18:45 /
show less
Web App Attack
π¨π³
ThreatBook.io
2025-03-16 23:47:24
(1 year ago)
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.230.23.207
2025-03 ...
show more
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.230.23.207
2025-03-16 07:42:39 /robots.txt
show less
Web App Attack