๐ฌ๐ท
setupgr
2026-07-18 03:27:03
(9 hours ago)
(mod_security) mod_security (id:11000010) triggered by 148.113.128.110 (CA/Canada/Quebec/Beauharnois ...
show more
(mod_security) mod_security (id:11000010) triggered by 148.113.128.110 (CA/Canada/Quebec/Beauharnois/-/[AS16276 OVH]): 1 in the last 86400 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Sat Jul 18 06:26:59.180969 2026] [security2:error] [pid 1108425:tid 1108446] [remote 148.113.128.110:37132] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "AhrefsBot" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "114"] [id "11000010"] [msg "BLOCKED BOT: AhrefsBot on ftiaxtomonosou.gr"] [severity "CRITICAL"] [hostname "ftiaxtomonosou.gr"] [uri "/%CE%B1%CE%BD%CE%B1%CE%BA%CE%B1%CE%AF%CE%BD%CE%B9%CF%83%CE%B7_%CE%B5%CF%80%CE%B1%CE%B3%CE%B3%CE%B5%CE%BB%CE%BC%CE%B1%CF%84%CE%B9%CE%BA%CF%8E%CE%BD_%CF%87%CF%8E%CF%81%CF%89%CE%BD/%CE%B5%CF%80%CE%B9%CF%80%CE%BB%CE%B1-%CE%B3%CF%81%CE%B1%CF%86%CE%B5%CE%AF%CF%89%CE%BD/"] [unique_id "alryg9x611pRzQsQDrRCGAAAEhQ"]
show less
Port Scan
๐ฉ๐ช
ghostwarriors
2026-06-28 14:21:20
(2 weeks ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-24 07:02:11
(3 weeks ago)
[ns41.kdns.gr] httpd-noisy-crawler-swarm: sites=monastiria.gr; logs=/var/log/httpd/domains/monastiri ...
show more
[ns41.kdns.gr] httpd-noisy-crawler-swarm: sites=monastiria.gr; logs=/var/log/httpd/domains/monastiria.gr.log; samples=crawler=ahrefsbot | window=5m | distinct_ips=120
show less
Hacking
Web App Attack
๐บ๐ธ
etu brutus
2026-06-13 00:14:54
(1 month ago)
148.113.128.110 Blocked by [Attack Vector List]
...
Hacking
Brute-Force
Exploited Host
๐บ๐ธ
TPI-Abuse
2026-06-11 12:11:35
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 148.113.128.110 (proxy-ca014-san110.ahrefs.net) ...
show more
(mod_security) mod_security (id:210730) triggered by 148.113.128.110 (proxy-ca014-san110.ahrefs.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 08:11:28.100063 2026] [security2:error] [pid 15558:tid 15558] [client 148.113.128.110:51626] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||med-engineering.com|F|2"] [data ".mxku.med-engineering.com.tnw.cs"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "med-engineering.com"] [uri "/gud.mxku.med-engineering.com.tnw.cs"] [unique_id "aiql8NepID4adiO5fRDWGwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-06-08 14:20:25
(1 month ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
netclix.gr
2026-06-06 01:46:35
(1 month ago)
(bot_qv) Bot Scraping QuickView 148.113.128.110 (CA/Canada/proxy-ca014-san110.ahrefs.net): 1 in the ...
show more
(bot_qv) Bot Scraping QuickView 148.113.128.110 (CA/Canada/proxy-ca014-san110.ahrefs.net): 1 in the last 4600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 148.113.128.110 - - [06/Jun/2026:04:46:34 +0300] "GET /index.php?dispatch=products.quick_view&product_id=7762&prev_url=index.php%3Fdispatch%3Dproducts.bestsellers%26page%3D190&n_items=7837%2C7834%2C7833%2C7832%2C7807%2C7803%2C7802%2C7796%2C7779%2C7776%2C7762%2C7753 HTTP/2.0" 302 0 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)"
show less
Port Scan
๐ฉ๐ช
ghostwarriors
2026-05-26 02:50:43
(1 month ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-05-19 07:20:12
(1 month ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
HandyTreff.de
2026-05-05 10:20:03
(2 months ago)
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -77.109 (Bad < -10 / Very Bad < -20 ...
show more
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -77.109 (Bad < -10 / Very Bad < -20 / Extreme < -35) | UA: Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)
show less
Web App Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-04-30 03:11:10
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 148.113.128.110 (proxy-ca014-san110.ahrefs.net) ...
show more
(mod_security) mod_security (id:210730) triggered by 148.113.128.110 (proxy-ca014-san110.ahrefs.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 23:11:06.003510 2026] [security2:error] [pid 10136:tid 10136] [client 148.113.128.110:54038] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.med-engineering.com|F|2"] [data ".wsfki.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.med-engineering.com"] [uri "/www.wsfki.com"] [unique_id "afLISnvEcbh7bIS6744lAQAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
rh24
2026-04-28 06:13:09
(2 months ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 148.113.128.110 (CA/ ...
show more
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 148.113.128.110 (CA/Canada/proxy-ca014-san110.ahrefs.net)
show less
Bad Web Bot
๐ฎ๐ช
Jim Keir
2026-04-08 08:15:19
(3 months ago)
2026-04-08 08:15:19 148.113.128.110 Bad bot, blocking Mozilla/5.0
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-04-07 21:17:40
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 148.113.128.110 (proxy-ca014-san110.ahrefs.net) ...
show more
(mod_security) mod_security (id:210730) triggered by 148.113.128.110 (proxy-ca014-san110.ahrefs.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 17:17:37.156796 2026] [security2:error] [pid 2398105:tid 2398105] [client 148.113.128.110:33834] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vitalitywebb.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Golden-Technologies/pics/Golden Technologies 2009 Marketing CD/Lift Chairs/Thumbs.db"] [unique_id "adV0cRe_rYO2begaEzVU6gAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐น๐ท
rtbh.com.tr
2026-03-25 20:12:15
(3 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force