๐บ๐ธ
TPI-Abuse
2026-07-09 15:24:47
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 204.217.131.53 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 204.217.131.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 11:24:42.973995 2026] [security2:error] [pid 18253:tid 18253] [client 204.217.131.53:26323] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||HOLGERFELD.com:80|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "holgerfeld.com"] [uri "/mailto:[email protected] "] [unique_id "ak-9Ooa7Vc9cCvNH_VMkOAAAAAA"], referer: http://HOLGERFELD.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฏ๐ต
Aaaa Bbbb
2026-06-08 10:04:50
(1 month ago)
DNS Compromise
DNS Poisoning
Fraud Orders
DDoS Attack
FTP Brute-Force
Ping of Death
Phishing
Fraud VoIP
Open Proxy
Web Spam
Email Spam
Blog Spam
VPN IP
Port Scan
Hacking
SQL Injection
Spoofing
Brute-Force
Bad Web Bot
Exploited Host
Web App Attack
SSH
IoT Targeted
๐ช๐ธ
robotstxt
2026-03-24 17:48:41
(3 months ago)
204.217.131.53 - - [24/Mar/2026:17:48:20 +0000] "GET /mailto:[email protected] HTTP/1.1" 404 18537 "http ...
show more
204.217.131.53 - - [24/Mar/2026:17:48:20 +0000] "GET /mailto:[email protected] HTTP/1.1" 404 18537 "https://ccoo.app" rt="0.358" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" "-" h="ccoo.app" sn="ccoo.app" ru="/mailto:[email protected] " u="/index.php" ucs="-" ua="unix:/var/run/php/ccooapp82.sock" us="404" uct="0.000" urt="0.358"
204.217.131.53 - - [24/Mar/2026:17:48:23 +0000] "GET /mailto:[email protected] HTTP/1.1" 404 18537 "https://ccoo.app" rt="0.369" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" "-" h="ccoo.app" sn="ccoo.app" ru="/mailto:[email protected] " u="/index.php" ucs="-" ua="unix:/var/run/php/ccooapp82.sock" us="404" uct="0.000" urt="0.369"
204.217.131.53 - - [24/Mar/2026:17:48:26 +0000] "GET /mailto:[email protected] HTTP/1.1" 404 18537 "https://ccoo.app" rt="0.359" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrom
...
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-02-24 15:41:35
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 204.217.131.53 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 204.217.131.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 10:41:30.606739 2026] [security2:error] [pid 29912:tid 29912] [client 204.217.131.53:50391] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||CapitalSwissCorp.com:80|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "capitalswisscorp.com"] [uri "/mailto:[email protected] "] [unique_id "aZ3GqvvpNUCcf3ejyAIDpQAAAAY"], referer: http://CapitalSwissCorp.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
threewalls.co.uk
2026-02-09 06:29:37
(5 months ago)
Triggered bot honeypot on thegardenrange.co.uk. Ignored nofollow and disallow directives.
Fraud Orders
FTP Brute-Force
Brute-Force
Exploited Host
๐บ๐ธ
TPI-Abuse
2026-01-05 19:14:19
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 204.217.131.53 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 204.217.131.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 05 14:14:15.085929 2026] [security2:error] [pid 10998:tid 10998] [client 204.217.131.53:42427] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.holgerfeld.com:80|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.holgerfeld.com"] [uri "/mailto:[email protected] "] [unique_id "aVwNh_kfJP9XN25ruYAu9wAAAAc"], referer: http://www.holgerfeld.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2025-12-12 18:45:55
(6 months ago)
IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 20-45.204.217.131.53.web-spamm ...
show more
IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 20-45.204.217.131.53.web-spammers.v2.rbl.imunify.com._v4 succeeded.
show less
Web App Attack
๐ฉ๐ช
SCHAPPY
2025-12-01 01:37:43
(7 months ago)
Critical web app attack detected. Illegal Accept header: charset parameter
Web App Attack
๐ฌ๐ง
Steve
2025-11-24 13:04:02
(7 months ago)
Forum Spam
Web Spam
๐ฌ๐ง
Steve
2025-07-10 04:04:04
(1 year ago)
Forum Spam
Web Spam
๐ฎ๐ฉ
BPS-StatisticsIndonesia
2025-04-06 07:13:46
(1 year ago)
WP Login Scan Activities
Web App Attack
Anonymous
2025-02-26 04:04:08
(1 year ago)
wordpress-trap
Web App Attack