This IP address has been reported a total of
28
times from
21 distinct
sources.
212.237.122.106 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
Anonymous
Botnet activity. Attribution: Angara Technologies Group / mikhail-smirnov-79830322 | Attack Signatur ...
show moreBotnet activity. Attribution: Angara Technologies Group / mikhail-smirnov-79830322 | Attack Signature Blocked: /wishlist/index/add/product/297/form_key/dzhXXz1S4VmlleRB/ | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gec...
show less
Hacking
Bad Web Bot
Web App Attack
Anonymous
host-ipset-guard auto-report; server=server.osotir.org; rule=httpd-storefront-action-burst; count=17 ...
show morehost-ipset-guard auto-report; server=server.osotir.org; rule=httpd-storefront-action-burst; count=17/15; duration=72h; scope=server.osotir.org; country=IQ; sites=osotir.org; samples=burst_window=1m | distinct_ips=17 | action_types=2
show less
Fail2Ban: 212.237.122.106 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/ ...
show moreFail2Ban: 212.237.122.106 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
show less
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack
Anonymous
Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.29 is noted in report tim ...
show moreAttempted brute force login to web vpn 1 time(s); last attempt for 2025.12.29 is noted in report timestamp
show less
(mod_security) mod_security (id:210350) triggered by 212.237.122.106 (-): 1 in the last 300 secs; Po ...
show more(mod_security) mod_security (id:210350) triggered by 212.237.122.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 18 08:20:06.714165 2025] [security2:error] [pid 4725:tid 4725] [client 212.237.122.106:23635] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.deerchristmascards.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.deerchristmascards.com"] [uri "/"] [unique_id "aUP_hpXwGNmI3DPYbZG9oAAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.13 is noted in report tim ...
show moreAttempted brute force login to web vpn 1 time(s); last attempt for 2025.12.13 is noted in report timestamp
show less