๐บ๐ธ
TPI-Abuse
2026-06-29 03:14:18
(4 days ago)
(mod_security) mod_security (id:210831) triggered by 120.230.23.252 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 120.230.23.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 23:14:10.795891 2026] [security2:error] [pid 16301:tid 16317] [client 120.230.23.252:8382] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||unitedonegroup.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "unitedonegroup.com"] [uri "/"] [unique_id "akHjAsO4sKmafUnFrGdmmwAAAM4"], referer: http://unitedonegroup.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-22 20:47:33
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 120.230.23.252 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 120.230.23.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 16:47:28.555384 2026] [security2:error] [pid 29282:tid 29282] [client 120.230.23.252:2221] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||woosterclassof64.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "woosterclassof64.com"] [uri "/"] [unique_id "ajmfYF7Q4zUr2V4mo908JgAAAAk"], referer: http://woosterclassof64.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-01 21:23:01
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 120.230.23.252 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 120.230.23.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 17:22:10.411014 2026] [security2:error] [pid 20107:tid 20133] [client 120.230.23.252:12923] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.chriskovac.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.chriskovac.com"] [uri "/"] [unique_id "ah34AsGKN6FDnmYbyoSG3QAAABI"], referer: http://www.chriskovac.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-20 20:29:22
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 120.230.23.252 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 120.230.23.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 16:29:13.669387 2026] [security2:error] [pid 22552:tid 22552] [client 120.230.23.252:4529] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||angeltarrac.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "angeltarrac.com"] [uri "/"] [unique_id "ag4ZmZBeMc0dkOpvu7QJLQAAABM"], referer: http://angeltarrac.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-18 20:16:54
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 120.230.23.252 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 120.230.23.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 16:16:47.649757 2026] [security2:error] [pid 1875:tid 1918] [client 120.230.23.252:3096] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||tvpin.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "tvpin.com"] [uri "/index.cgi"] [unique_id "agtzr0bywyMjBVGBRgKvzAAAAg4"], referer: http://tvpin.com/index.cgi
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ณ
ThreatBook.io
2026-05-06 00:37:38
(1 month ago)
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/120.230.23.252
2026-05-05 1 ...
show more
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/120.230.23.252
2026-05-05 10:27:56 /config.json
show less
Web App Attack
๐จ๐ณ
ThreatBook.io
2026-03-31 23:24:28
(3 months ago)
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/120.230.23.252
2026-03-31 0 ...
show more
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/120.230.23.252
2026-03-31 01:46:15 /robots.txt
2026-03-31 09:49:59 /config.json
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-25 01:12:15
(4 months ago)
(mod_security) mod_security (id:210831) triggered by 120.230.23.252 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 120.230.23.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 20:12:11.086428 2026] [security2:error] [pid 16446:tid 16446] [client 120.230.23.252:11144] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||suretrap.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "suretrap.com"] [uri "/"] [unique_id "aZ5Ma82FCNWHWRZR6hA0DgAAAAY"], referer: http://suretrap.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-20 21:35:51
(4 months ago)
(mod_security) mod_security (id:210831) triggered by 120.230.23.252 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 120.230.23.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 16:35:46.212221 2026] [security2:error] [pid 32213:tid 32213] [client 120.230.23.252:18828] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||agilesallc.net|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "agilesallc.net"] [uri "/"] [unique_id "aZjTsrbcgX0_44rfJDUz-QAAAAA"], referer: https://agilesallc.net/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-19 23:22:45
(4 months ago)
(mod_security) mod_security (id:210831) triggered by 120.230.23.252 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 120.230.23.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 18:22:41.527958 2026] [security2:error] [pid 21800:tid 21800] [client 120.230.23.252:6845] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||meridianranchdrc.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "meridianranchdrc.org"] [uri "/"] [unique_id "aZebQUKCDzlpN60db8g9CQAAABA"], referer: https://meridianranchdrc.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-10-10 23:10:05
(8 months ago)
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/120.230.23.252
2025-10-10 0 ...
show more
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/120.230.23.252
2025-10-10 02:43:48 /config.json
show less
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-06-01 23:39:23
(1 year ago)
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.230.23.252
2025-06 ...
show more
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.230.23.252
2025-06-01 16:33:07 /favicon.ico
show less
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-05-06 23:53:31
(1 year ago)
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.230.23.252
2025-05 ...
show more
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.230.23.252
2025-05-06 12:55:19 /
show less
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-05-01 23:57:12
(1 year ago)
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.230.23.252
2025-05 ...
show more
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.230.23.252
2025-05-01 04:00:19 /guard.html
show less
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-04-01 00:29:12
(1 year ago)
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.230.23.252
2025-03 ...
show more
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.230.23.252
2025-03-31 05:47:01 /explore/projects?non_archived=true&page=1&sort=latest_activity_desc
show less
Web App Attack