๐ฌ๐ง
consul.to
2026-07-01 15:44:51
(8 minutes ago)
Web attack/malicious scanning detected
Web App Attack
๐ฉ๐ช
iNetWorker
2026-07-01 15:09:06
(44 minutes ago)
trolling for resource vulnerabilities
Web App Attack
Anonymous
2026-07-01 14:47:26
(1 hour ago)
36.40.69.35 - - [01/Jul/2026:22:47:25 +0800] "GET /.env.development HTTP/1.1" 404 196 "-" "Mozilla/5 ...
show more
36.40.69.35 - - [01/Jul/2026:22:47:25 +0800] "GET /.env.development HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
...
show less
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 14:02:48
(1 hour ago)
36.40.69.35 - - [01/Jul/2026:16:02:47 +0200] "GET /.env HTTP/1.1" 404 11810 "-" "Mozilla/5.0 (Window ...
show more
36.40.69.35 - - [01/Jul/2026:16:02:47 +0200] "GET /.env HTTP/1.1" 404 11810 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
...
show less
Brute-Force
Web App Attack
Anonymous
2026-07-01 12:54:33
(2 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ฑ๐ป
garmtech.com
2026-07-01 12:46:39
(3 hours ago)
Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 11:59:51
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 36.40.69.35 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 36.40.69.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 07:59:43.528345 2026] [security2:error] [pid 8648:tid 8648] [client 36.40.69.35:33244] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web136.dnchosting.com"] [uri "/.env.old"] [unique_id "akUBLwmcFCZnxSEkS81zXQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
gadix
2026-07-01 09:16:53
(6 hours ago)
[01/Jul/2026:11:16:49.738092 +0200] akTbAUk4lalLW0FUcoDHjAAAAAA 36.40.69.35 35350 127.0.0.1 7081
[01 ...
show more
[01/Jul/2026:11:16:49.738092 +0200] akTbAUk4lalLW0FUcoDHjAAAAAA 36.40.69.35 35350 127.0.0.1 7081
[01/Jul/2026:11:16:51.149500 +0200] akTbAxlZTqeR0D0tKYSn_QAAAAM 36.40.69.35 35360 127.0.0.1 7081
[01/Jul/2026:11:16:51.551006 +0200] akTbA_yWYHDGLxbgggTqcAAAAAo 36.40.69.35 35366 127.0.0.1 7081
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 08:59:18
(6 hours ago)
(mod_security) mod_security (id:210492) triggered by 36.40.69.35 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 36.40.69.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 04:59:13.750348 2026] [security2:error] [pid 32481:tid 32481] [client 36.40.69.35:51645] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.perissos.mx.kevinfranz.com"] [uri "/.env.development"] [unique_id "akTW4cmgwdSSU-Uix0VjwwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 08:36:34
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 36.40.69.35 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 36.40.69.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 04:36:30.522476 2026] [security2:error] [pid 9705:tid 9705] [client 36.40.69.35:34790] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bookonline.lakewoodranchhairsalon.com"] [uri "/.env"] [unique_id "akTRjvG09lqHKicxUl2ViwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
alecj.com
2026-07-01 07:48:38
(8 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-probing
Web App Attack
Hacking
๐ฌ๐ง
Axel
2026-07-01 06:44:02
(9 hours ago)
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /client/.env ...
show more
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /client/.env Server: UK-01
show less
Web App Attack
Hacking
SQL Injection
๐บ๐ฆ
URAN Publishing Service
2026-07-01 03:41:47
(12 hours ago)
36.40.69.35 - - [01/Jul/2026:06:41:45 +0300] "GET /storage/framework/.env HTTP/1.1" 404 731 "-" "Moz ...
show more
36.40.69.35 - - [01/Jul/2026:06:41:45 +0300] "GET /storage/framework/.env HTTP/1.1" 404 731 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
36.40.69.35 - - [01/Jul/2026:06:41:45 +0300] "GET /laravel/.env HTTP/1.1" 404 731 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
...
show less
Web App Attack
๐ฉ๐ช
webanyone
2026-07-01 02:45:42
(13 hours ago)
WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail
Web App Attack
Anonymous
2026-07-01 01:59:13
(13 hours ago)
36.40.69.35 - - [01/Jul/2026:01:59:12 +0000] "GET /.env.test HTTP/1.1" 403 12340 "-" "Mozilla/5.0 (W ...
show more
36.40.69.35 - - [01/Jul/2026:01:59:12 +0000] "GET /.env.test HTTP/1.1" 403 12340 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
...
show less
Bad Web Bot
Web App Attack