This IP address has been reported a total of
12
times from
8 distinct
sources.
36.40.86.106 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
[TueJun3008:44:05.4212432026][security2:error][pid4036579:tid4036682][client36.40.86.106:0]ModSecuri ...
show more[TueJun3008:44:05.4212432026][security2:error][pid4036579:tid4036682][client36.40.86.106:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(\?:/\(\?:\^\|/\)\\\\\\\\.\(env\|git\|svn\|hg\|DS_Store\)\|/\(\?:wp-config\|\\\\\\\\.htaccess\|\\\\\\\\.htpasswd\)\|\\\\\\\\.\(\?:sql\|bak\|old\|log\)\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"www.distributori-automatici-sigarette-ticino.ch.136-243-54-122.cpanel.site\"][uri\"/.env.old\"][unique_id\"akNltUXP1Ngs8_q9zGeEoQAAAMU\"]
show less
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show moreAuto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-25.
show less
Web App Attack
SSH
Hacking
Anonymous
36.40.86.106 - - [26/Jun/2026:15:21:07 +0200] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows ...
show more36.40.86.106 - - [26/Jun/2026:15:21:07 +0200] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
show less