๐บ๐ธ
TPI-Abuse
2026-07-05 14:39:50
(4 days ago)
(mod_security) mod_security (id:210831) triggered by 123.130.83.220 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 123.130.83.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 10:39:45.261248 2026] [security2:error] [pid 29214:tid 29214] [client 123.130.83.220:1498] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||candlecrawler.trade|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "candlecrawler.trade"] [uri "/"] [unique_id "akpssd8_3SQzt96jQYjRJgAAAAI"], referer: http://candlecrawler.trade/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 21:48:17
(6 days ago)
(mod_security) mod_security (id:210831) triggered by 123.130.83.220 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 123.130.83.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:48:12.978547 2026] [security2:error] [pid 29322:tid 29322] [client 123.130.83.220:10219] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||sailingcharterburma.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "sailingcharterburma.com"] [uri "/"] [unique_id "akguHHN23HgdgAO1KujHUAAAABI"], referer: http://sailingcharterburma.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 08:36:45
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 123.130.83.220 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 123.130.83.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 04:36:37.421029 2026] [security2:error] [pid 29538:tid 29538] [client 123.130.83.220:10515] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.buanamegah.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.buanamegah.com"] [uri "/"] [unique_id "akd0ldQFOzQ5LcfaWpv5gAAAABA"], referer: http://www.buanamegah.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 02:22:00
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 123.130.83.220 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 123.130.83.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 22:21:55.293552 2026] [security2:error] [pid 24374:tid 24374] [client 123.130.83.220:10442] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||harveyalperin.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "harveyalperin.com"] [uri "/"] [unique_id "akXLQ60S9clfPEjHKP0BCgAAAAM"], referer: http://harveyalperin.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-09-05 00:18:18
(10 months ago)
ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/123.130.83.220
2025-09-0 ...
show more
ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/123.130.83.220
2025-09-04 05:50:54 /config.json
show less
Web App Attack