๐บ๐ธ
TPI-Abuse
2026-07-16 19:48:11
(5 minutes ago)
(mod_security) mod_security (id:210492) triggered by 43.161.220.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 43.161.220.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:48:03.592649 2026] [security2:error] [pid 28337:tid 28337] [client 43.161.220.57:54614] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cmexico.co"] [uri "/.env.swp"] [unique_id "alk1c2hSr0moksRjQwittAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:51:10
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 43.161.220.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 43.161.220.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:48:44.679657 2026] [security2:error] [pid 32479:tid 32479] [client 43.161.220.57:60390] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.forum.kleens-uk.com"] [uri "/.env.dist"] [unique_id "alknjH9xBAVa2C8OUdcXNQAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:15:25
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 43.161.220.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 43.161.220.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:15:17.433430 2026] [security2:error] [pid 31900:tid 31900] [client 43.161.220.57:36360] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kraftrealestate.kraftrentals.com"] [uri "/old/.env"] [unique_id "alkftUrYNGsrX8AqnuhG0AAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nyt
2026-07-16 17:59:20
(1 hour ago)
Sensitive File Probe
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:42:59
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 43.161.220.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 43.161.220.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:42:42.123644 2026] [security2:error] [pid 13236:tid 13321] [client 43.161.220.57:48792] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dermatologybriargate.com"] [uri "/.env.old"] [unique_id "alkYEhgj19VxACadNTUewwAAAgo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:23:01
(2 hours ago)
(mod_security) mod_security (id:210730) triggered by 43.161.220.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 43.161.220.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:22:53.558264 2026] [security2:error] [pid 8050:tid 8050] [client 43.161.220.57:45196] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||industrialovens.us.daveweisman.com|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "industrialovens.us.daveweisman.com"] [uri "/config/master.key"] [unique_id "alkTbRff40oDInGJwBBsSwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 16:54:44
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 43.161.220.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 43.161.220.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:54:35.978982 2026] [security2:error] [pid 11670:tid 11670] [client 43.161.220.57:57012] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dodojuice.com"] [uri "/.env.old"] [unique_id "alkMywj-_ClyxFLiMjm8SAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-16 16:45:23
(3 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 16:37:19
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 43.161.220.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 43.161.220.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:37:14.431772 2026] [security2:error] [pid 30907:tid 30907] [client 43.161.220.57:60782] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hker.org"] [uri "/.env.staging"] [unique_id "alkIujG-nVsjy02CjZ0f-gAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-07-16 16:10:05
(3 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 15:55:45
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 43.161.220.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 43.161.220.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:55:41.748289 2026] [security2:error] [pid 11181:tid 11204] [client 43.161.220.57:34704] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "globaldental.mcprocapital.com"] [uri "/.env.dev"] [unique_id "alj-_XL3ChtI48MPNkcqQwAAAUw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 15:11:49
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 43.161.220.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 43.161.220.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:11:38.887361 2026] [security2:error] [pid 22767:tid 22767] [client 43.161.220.57:41080] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dreamhomeappraisalservices.com"] [uri "/.env"] [unique_id "alj0qhNRCVqrp8MV3IVD3QAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack