๐ณ๐ฑ
homeshowdomain.nl
2026-07-02 21:59:26
(17 hours ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-01.
show less
Web App Attack
SSH
Hacking
Anonymous
2026-07-02 11:00:28
(1 day ago)
64.83.70.71 - - [02/Jul/2026:13:00:27 +0200] "GET /.git/HEAD HTTP/1.1" 404 446 "-" "Mozilla/5.0 (Mac ...
show more
64.83.70.71 - - [02/Jul/2026:13:00:27 +0200] "GET /.git/HEAD HTTP/1.1" 404 446 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Safari/605.1.15"
64.83.70.71 - - [02/Jul/2026:13:00:27 +0200] "GET /.git/HEAD HTTP/1.1" 404 249 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Safari/605.1.15"
64.83.70.71 - - [02/Jul/2026:13:00:27 +0200] "GET /.env HTTP/1.1" 404 446 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
64.83.70.71 - - [02/Jul/2026:13:00:27 +0200] "GET /.env HTTP/1.1" 404 249 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
64.83.70.71 - - [02/Jul/2026:13:00:27 +0200] "GET /.env.local HTTP/1.1" 404 446 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 09:59:44
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.83.70.71 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 64.83.70.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 05:59:40.911712 2026] [security2:error] [pid 31997:tid 32097] [client 64.83.70.71:36122] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "julianositalianrestaurant.com.ceol.us"] [uri "/.git/HEAD"] [unique_id "akY2jLKD-Oig04Pqns3gLQAAAM4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 08:51:55
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.83.70.71 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 64.83.70.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 04:51:48.382850 2026] [security2:error] [pid 2864:tid 2864] [client 64.83.70.71:50972] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "knuf.fritsknuf.com"] [uri "/.git/HEAD"] [unique_id "akYmpOu1yNJCr7PNsze3sAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 08:35:07
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.83.70.71 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 64.83.70.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 04:34:59.734648 2026] [security2:error] [pid 17736:tid 17736] [client 64.83.70.71:53710] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lobstersupplier.wholesalelivelobsters.com"] [uri "/.git/HEAD"] [unique_id "akYis12rBgxw4MrW1own8gAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
largo-it.net
2026-07-02 06:50:54
(1 day ago)
Jul 2 08:50:48 vps-9f3cdc33 haproxy[1111595]: 64.83.70.71:52878 [02/Jul/2026:08:50:48.262] www_fron ...
show more
Jul 2 08:50:48 vps-9f3cdc33 haproxy[1111595]: 64.83.70.71:52878 [02/Jul/2026:08:50:48.262] www_frontend~ finance_cluster/finance1_test1_https 0/0/11/53/64 404 3252 - - ---- 63/8/0/0/0 0/0 "GET /env HTTP/1.1"
Jul 2 08:50:49 vps-9f3cdc33 haproxy[1111595]: 64.83.70.71:40790 [02/Jul/2026:08:50:49.835] www_frontend~ finance_cluster/finance1_test1_https 0/0/10/46/56 404 3252 - - ---- 76/21/4/4/0 0/0 "GET /config.json HTTP/1.1"
Jul 2 08:50:49 vps-9f3cdc33 haproxy[1111595]: 64.83.70.71:40778 [02/Jul/2026:08:50:49.834] www_frontend~ finance_cluster/finance1_test1_https 0/0/10/55/65 404 3252 - - ---- 76/21/3/3/0 0/0 "GET /api/.env HTTP/1.1"
Jul 2 08:50:49 vps-9f3cdc33 haproxy[1111595]: 64.83.70.71:40816 [02/Jul/2026:08:50:49.835] www_frontend~ finance_cluster/finance1_test1_https 0/0/11/58/69 404 3252 - - ---- 76/21/2/2/0 0/0 "GET /js/config.js HTTP/1.1"
Jul 2 08:50:49 vps-9f3cdc33 haproxy[1111595]: 64.83.70.71:40760 [02/Jul/2026:08:50:49.845] www_frontend~ finance_cluster/finance1_test1_ht
...
show less
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 06:41:47
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.83.70.71 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 64.83.70.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 02:41:41.912830 2026] [security2:error] [pid 18350:tid 18353] [client 64.83.70.71:39340] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jupitermaturin.com.venezuelaguia.com"] [uri "/.git/HEAD"] [unique_id "akYIJf0_24VPBuhY8rkPtAAAAUE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
paissangroup
2026-07-02 06:38:41
(1 day ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
Matthew Ping
2026-07-02 06:30:01
(1 day ago)
ModSecurity rule 949110 triggered on wp3. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
Anonymous
2026-07-02 05:31:49
(1 day ago)
(caddyscan) Scanner path probe from 64.83.70.71 (US/United States/-): 5 in the last 3600 secs; Ports ...
show more
(caddyscan) Scanner path probe from 64.83.70.71 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 64.83.70.71 - - [02/Jul/2026:05:31:47 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 64.83.70.71 - - [02/Jul/2026:05:31:47 +0000] "GET /.git/HEAD HTTP/1.1"
[REDACTED] 200 2627 64.83.70.71 - - [02/Jul/2026:05:31:47 +0000] "GET /.env.local HTTP/1.1"
[REDACTED] 200 2627 64.83.70.71 - - [02/Jul/2026:05:31:47 +0000] "GET /.env.development HTTP/1.1"
[REDACTED] 200 2627 64.83.70.71 - - [02/Jul/2026:05:31:47 +0000] "GET /.env.production HTTP/1.1"
show less
Port Scan
๐ณ๐ฑ
Site.eu
2026-07-02 05:18:19
(1 day ago)
Excessive multi-domain requests
Brute-Force
๐ฉ๐ช
ghostwarriors
2026-07-02 04:50:06
(1 day ago)
Attempts against non-existent wp-login
Brute-Force
Web App Attack
๐บ๐ธ
Matthew Ping
2026-07-02 04:45:02
(1 day ago)
ModSecurity rule 949110 triggered on dedicated4785. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
๐ฉ๐ช
big-cloud.nl
2026-07-02 04:36:25
(1 day ago)
Try to access /.git/config
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 04:32:23
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.83.70.71 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 64.83.70.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 00:32:18.744258 2026] [security2:error] [pid 32713:tid 32713] [client 64.83.70.71:45156] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "livelovebee.liddlesports.com"] [uri "/.git/HEAD"] [unique_id "akXp0kee7-kicI7GTv1X9wAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack