wilderness - 5:02 am on Dec 14, 2012 (gmt 0)
Since, I have Allow All in this newly attacked site, then I have to Deny From aaa.bbb.ccc.ddd *again* for each of his attempts.
Denying to specific Class D IP, rather than the hosts entire IP range is a bad practice.
A solution is to use the SetEnvIfNoCase Referer (mod_setenvif; Apache)
In the log example you provided I see four potential words:
You'll also need to set an environment variable (env=), then add that variable word you select onto the end of SetEnvIfNoCase Referer line.