๐จ๐ญ
4server
2026-06-16 11:05:43
(3 weeks ago)
[TueJun1613:05:40.2162162026][security2:error][pid3895581:tid3896062][client79.137.86.214:0]ModSecur ...
show more
[TueJun1613:05:40.2162162026][security2:error][pid3895581:tid3896062][client79.137.86.214:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"filarmonicaagno.ch\"][uri\"/.env\"][unique_id\"ajEuBBcP7h_IoKukGKnUOQAAAQA\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 10:00:32
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 79.137.86.214 (vps-65c17b01.vps.ovh.net): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 79.137.86.214 (vps-65c17b01.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 06:00:27.047114 2026] [security2:error] [pid 21017:tid 21017] [client 79.137.86.214:42870] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.peggyannjones.us"] [uri "/.env"] [unique_id "ajEeuwxw07A6A9qxiurl1AAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 09:33:43
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 79.137.86.214 (vps-65c17b01.vps.ovh.net): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 79.137.86.214 (vps-65c17b01.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 05:33:39.221065 2026] [security2:error] [pid 11092:tid 11092] [client 79.137.86.214:51946] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.guthrieclan.us"] [uri "/.env"] [unique_id "ajEYc5LYyVcYJ_wE9K9n5AAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 06:50:31
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 79.137.86.214 (vps-65c17b01.vps.ovh.net): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 79.137.86.214 (vps-65c17b01.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 02:50:27.556810 2026] [security2:error] [pid 27636:tid 27636] [client 79.137.86.214:52910] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.glassicannex.org"] [uri "/.env"] [unique_id "ajDyM5qNuiAQt2NKL6s_JAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-16 00:21:32
(3 weeks ago)
Abuse Detected (2)
Brute-Force
Web App Attack
๐ฉ๐ช
Lino Project
2026-06-15 20:15:32
(3 weeks ago)
79.137.86.214 - - [15/Jun/2026:22:15:29 +0200] "GET /.env HTTP/1.1" 403 424 "-" "Mozilla/5.0 (Window ...
show more
79.137.86.214 - - [15/Jun/2026:22:15:29 +0200] "GET /.env HTTP/1.1" 403 424 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0"
...
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 18:19:48
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 79.137.86.214 (vps-65c17b01.vps.ovh.net): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 79.137.86.214 (vps-65c17b01.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 14:19:42.726615 2026] [security2:error] [pid 25712:tid 25712] [client 79.137.86.214:43144] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "microscope.modelengines.info"] [uri "/.env"] [unique_id "ajBCPjSxqImXzruMuHOHGAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 17:38:02
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 79.137.86.214 (vps-65c17b01.vps.ovh.net): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 79.137.86.214 (vps-65c17b01.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:37:57.153565 2026] [security2:error] [pid 12810:tid 12810] [client 79.137.86.214:40500] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.robhoward.me"] [uri "/.env"] [unique_id "ajA4ddgfaoQazfSyqABQGgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
4server
2026-06-15 04:29:51
(3 weeks ago)
[MonJun1506:29:48.0926992026][security2:error][pid1430539:tid1430563][client79.137.86.214:0]ModSecur ...
show more
[MonJun1506:29:48.0926992026][security2:error][pid1430539:tid1430563][client79.137.86.214:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"spc-ticino.ch\"][uri\"/.env\"][unique_id\"ai9_vEKNQwoadlM64HvPqwAAAVM\"]
show less
Hacking
Web App Attack
๐ซ๐ท
ingroscart.it
2026-06-15 00:23:19
(3 weeks ago)
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 79.137.86.214 (FR/France ...
show more
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 79.137.86.214 (FR/France/vps-65c17b01.vps.ovh.net)
show less
Port Scan
๐ง๐ช
voormedia
2026-06-15 00:18:15
(3 weeks ago)
Accessed trap at '/.env'
Web App Attack
๐ณ๐ด
jad-abuse
2026-06-14 16:52:15
(4 weeks ago)
ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe. O ...
show more
ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe. Observed by 1 sensor(s); 3 hits.
show less
Web App Attack
๐ฉ๐ช
iNetWorker
2026-06-14 08:43:43
(4 weeks ago)
trolling for resource vulnerabilities
Web App Attack
๐ง๐ท
Halux
2026-06-14 03:26:44
(4 weeks ago)
79.137.86.214 Probing protected path or service
Web App Attack
๐ง๐ท
vfAcceloReporter
2026-06-14 02:53:37
(4 weeks ago)
79.137.86.214 - - [13/Jun/2026:23:53:36 -0300] "GET /.env HTTP/1.1" 301 169 "https://www.vieirafilho ...
show more
79.137.86.214 - - [13/Jun/2026:23:53:36 -0300] "GET /.env HTTP/1.1" 301 169 "https://www.vieirafilho.ind.br/.env" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0"
...
show less
Brute-Force
Web App Attack
Exploited Host