๐จ๐ญ
Zdenฤk Svancar
2026-07-05 19:52:34
(19 hours ago)
51.104.52.151 - - [05/Jul/2026:19:52:15 +0000] "GET /.env HTTP/1.1" 404 181 "-" "Mozilla/5.0 (X11; L ...
show more
51.104.52.151 - - [05/Jul/2026:19:52:15 +0000] "GET /.env HTTP/1.1" 404 181 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
51.104.52.151 - - [05/Jul/2026:19:52:33 +0000] "GET /.env HTTP/1.1" 404 181 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
...
show less
Port Scan
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 05:52:08
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 51.104.52.151 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 51.104.52.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 01:52:00.712573 2026] [security2:error] [pid 13732:tid 13825] [client 51.104.52.151:51103] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "totalservicesandmorellc.com"] [uri "/.env"] [unique_id "aknxAPN93uoEXvjFYigbqwAAAEs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-07-04 20:38:07
(1 day ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
k3rn3l109
2026-07-04 18:44:09
(1 day ago)
Sentinel honeypot: cf-waf-auto hit on sentinelmdm.com UA=Mozilla/5.0 (X11; Linux x86_64) AppleWebKit ...
show more
Sentinel honeypot: cf-waf-auto hit on sentinelmdm.com UA=Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-04 15:35:55
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 51.104.52.151 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 51.104.52.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 11:35:48.696289 2026] [security2:error] [pid 21268:tid 21268] [client 51.104.52.151:64137] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elizabethkwon.com"] [uri "/.env"] [unique_id "akkoVAZ2un6OVQvSxNOSjQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 01:02:40
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 51.104.52.151 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 51.104.52.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 21:02:33.884019 2026] [security2:error] [pid 32238:tid 32238] [client 51.104.52.151:54465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "galvanizetm.com"] [uri "/.env"] [unique_id "akhbqaAisjclWxaBsieLJQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 22:23:30
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 51.104.52.151 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 51.104.52.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 18:23:24.882882 2026] [security2:error] [pid 10796:tid 10796] [client 51.104.52.151:59486] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ohioprocleaners.com"] [uri "/.env"] [unique_id "akg2XBAk9rDhi9hhWgWNDQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 17:11:57
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 51.104.52.151 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 51.104.52.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 13:11:50.599848 2026] [security2:error] [pid 17125:tid 17125] [client 51.104.52.151:56768] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "apenglishexamprep.com"] [uri "/.env"] [unique_id "akftVtdoWkmai-NIlEfiKwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ฌ
securejdprop
2026-07-03 15:06:12
(3 days ago)
This IP was detected by CrowdSec triggering crowdsecurity/vpatch-env-access. WAF block: crowdsecurit ...
show more
This IP was detected by CrowdSec triggering crowdsecurity/vpatch-env-access. WAF block: crowdsecurity/vpatch-env-access from 51.104.52.151 (172.22.0.5)
show less
Hacking
Web App Attack
๐บ๐ธ
mnsf
2026-05-21 17:05:09
(1 month ago)
Scanning/Probing (12)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-21 11:32:14
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 51.104.52.151 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 51.104.52.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 07:32:11.221175 2026] [security2:error] [pid 32135:tid 32135] [client 51.104.52.151:56339] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lahamcustomwoods.com"] [uri "/.env"] [unique_id "ag7tOwAKtkRvVFuOogQSbgAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-19 06:00:01
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 51.104.52.151 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 51.104.52.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 01:59:55.144036 2026] [security2:error] [pid 4488:tid 4488] [client 51.104.52.151:61791] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pagescigars.com"] [uri "/.env"] [unique_id "agv8W61Ox6g2ynvW7HMdtwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-05-19 02:05:22
(1 month ago)
Scanning/Probing (12)
Brute-Force
Web App Attack
๐ซ๐ท
Nexia
2026-05-18 23:02:58
(1 month ago)
[SENTINEL-HQ] Sentinel detected Critical Trap on /.env
Web App Attack
Anonymous
2026-05-18 22:46:39
(1 month ago)
"GET /.env HTTP/1.1"
Hacking
Web App Attack