๐บ๐ธ
TPI-Abuse
2026-07-04 19:32:13
(1 day ago)
(mod_security) mod_security (id:210831) triggered by 120.82.83.91 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 120.82.83.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 15:32:09.530712 2026] [security2:error] [pid 30307:tid 30307] [client 120.82.83.91:5619] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||palmerattaway.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "palmerattaway.com"] [uri "/"] [unique_id "aklfudmlKwCM8A7sYlUFWgAAAAU"], referer: http://palmerattaway.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 05:57:01
(2 days ago)
(mod_security) mod_security (id:210831) triggered by 120.82.83.91 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 120.82.83.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 01:56:53.531823 2026] [security2:error] [pid 14965:tid 14965] [client 120.82.83.91:53832] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||marijuanajoint.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "marijuanajoint.com"] [uri "/"] [unique_id "akigpaRQ2WNwyxCAbTrwKgAAAB0"], referer: http://marijuanajoint.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 06:43:17
(6 days ago)
(mod_security) mod_security (id:210831) triggered by 120.82.83.91 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 120.82.83.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 02:43:10.354939 2026] [security2:error] [pid 7516:tid 7516] [client 120.82.83.91:49200] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.mapleleaf-marketing.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.mapleleaf-marketing.com"] [uri "/"] [unique_id "akNlfpTPC4v2WZzezkG9MQAAAAM"], referer: http://www.mapleleaf-marketing.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 00:51:25
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 120.82.83.91 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 120.82.83.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 20:51:21.380136 2026] [security2:error] [pid 11495:tid 11495] [client 120.82.83.91:51854] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||lmv.us|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "lmv.us"] [uri "/"] [unique_id "akHBiQEicGzC_E5RZphtWgAAAAQ"], referer: http://lmv.us/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 10:05:17
(3 weeks ago)
(mod_security) mod_security (id:210831) triggered by 120.82.83.91 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 120.82.83.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 06:05:06.268095 2026] [security2:error] [pid 31331:tid 31331] [client 120.82.83.91:8528] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.atmaharg.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.atmaharg.com"] [uri "/"] [unique_id "ai580mqzdlo_NFCMN3gtsQAAAAA"], referer: http://www.atmaharg.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-11 15:28:39
(3 weeks ago)
(mod_security) mod_security (id:210831) triggered by 120.82.83.91 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 120.82.83.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 11:28:30.996692 2026] [security2:error] [pid 22726:tid 22726] [client 120.82.83.91:11058] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.captechtraining.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.captechtraining.com"] [uri "/"] [unique_id "airUHuJEUxH-yC6ZAv5VPgAAABc"], referer: http://www.captechtraining.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-22 10:10:47
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 120.82.83.91 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 120.82.83.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 06:10:43.379996 2026] [security2:error] [pid 30762:tid 30762] [client 120.82.83.91:64783] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||metalgecko.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "metalgecko.com"] [uri "/"] [unique_id "ahAro_JMzkTxVjfMLc3NxwAAAE0"], referer: http://metalgecko.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-21 20:56:41
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 120.82.83.91 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 120.82.83.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 16:56:36.420993 2026] [security2:error] [pid 18671:tid 18671] [client 120.82.83.91:61874] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.tataylor.net|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.tataylor.net"] [uri "/"] [unique_id "ag9xhL0fl9aguf8mSZ5yfgAAAA4"], referer: http://www.tataylor.net/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ณ
ThreatBook.io
2026-05-14 23:03:39
(1 month ago)
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/120.82.83.91
2026-05-14 15: ...
show more
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/120.82.83.91
2026-05-14 15:13:43 /
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-13 23:50:15
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 120.82.83.91 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 120.82.83.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 13 19:50:08.212143 2026] [security2:error] [pid 8141:tid 8141] [client 120.82.83.91:19828] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||markthwaite.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "markthwaite.com"] [uri "/"] [unique_id "agUOMMpvgNmaZPR4uuUHpQAAAAw"], referer: http://markthwaite.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ณ
ThreatBook.io
2026-05-09 23:08:30
(1 month ago)
ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/120.82.83.91
2026-05- ...
show more
ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/120.82.83.91
2026-05-09 19:58:43 /config.json
show less
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-10-06 22:48:56
(8 months ago)
ThreatBook Intelligence: Scanner,Gateway more details on https://threatbook.io/ip/120.82.83.91
2025- ...
show more
ThreatBook Intelligence: Scanner,Gateway more details on https://threatbook.io/ip/120.82.83.91
2025-10-06 10:36:57 /explore/projects?non_archived=true&page=1&sort=latest_activity_desc
show less
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-05-05 23:23:36
(1 year ago)
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/120.82.83.91
2025-05-05 05: ...
show more
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/120.82.83.91
2025-05-05 05:32:12 /
show less
Web App Attack
๐ฟ๐ฆ
IrisFlower
2023-05-18 23:55:02
(3 years ago)
Unauthorized connection attempt detected from IP address 120.82.83.91 to port 443 [J]
Port Scan
Hacking