๐บ๐ธ
TPI-Abuse
2026-07-08 04:56:03
(2 days ago)
(mod_security) mod_security (id:210831) triggered by 103.197.168.53 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 103.197.168.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 00:55:59.162427 2026] [security2:error] [pid 31543:tid 31543] [client 103.197.168.53:37125] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||backstore.com|F|4"] [data "a href="] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "backstore.com"] [uri "/"] [unique_id "ak3YX4OahtQb_1f8mQNC4AAAAAg"], referer: https://kingslot96.godaddysites.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
sefinek.net
2026-06-20 06:22:26
(2 weeks ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (G ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (GET) | Endpoint: /genshin-stella-mod | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0.1 Safari/605.1.15 โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ต๐ฑ
sefinek.net
2026-06-15 08:54:06
(3 weeks ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (G ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (GET) | Endpoint: /genshin-stella-mod | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.6 Safari/605.1.15 โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ช๐ธ
el-brujo
2026-06-14 11:55:20
(3 weeks ago)
Cloudflare WAF: Request Path: /register2.html Request Query: Host: foro.elhacker.net userAgent: Moz ...
show more
Cloudflare WAF: Request Path: /register2.html Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36 Action: managed_challenge Source: firewallCustom ASN Description: HT Country: US Method: POST Timestamp: 2026-06-14T11:55:20Z ruleId: 5012d84c6d9f467499149a3cd38d0b9d. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB).
show less
Hacking
SQL Injection
Web App Attack
๐ต๐ฑ
sefinek.net
2026-06-09 05:18:08
(1 month ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (G ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (GET) | Endpoint: /genshin-stella-mod | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.3.1 Safari/605.1.15 โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฉ๐ช
LRob
2026-06-09 01:30:03
(1 month ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ธ๐ฎ
administrator
2026-06-01 22:14:07
(1 month ago)
2026-05-31 00:19:12,715 fail2ban.actions [264721]: NOTICE [apache-fakegooglebot] Ban 103.197 ...
show more
2026-05-31 00:19:12,715 fail2ban.actions [264721]: NOTICE [apache-fakegooglebot] Ban 103.197.168.53
2026-06-02 00:03:15,757 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 103.197.168.53
...
show less
Bad Web Bot
Web Spam
Email Spam
Blog Spam
Port Scan
Brute-Force
Web App Attack
๐ฑ๐ป
garmtech.com
2026-05-27 09:15:30
(1 month ago)
IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 12-15.103.197.168.53.web-spamm ...
show more
IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 12-15.103.197.168.53.web-spammers.v2.rbl.imunify.com._v4 succeeded.
show less
Web App Attack
๐ต๐ฑ
sefinek.net
2026-05-24 17:11:17
(1 month ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (G ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (GET) | Endpoint: /genshin-stella-mod | UA: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0 โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฉ๐ช
LRob
2026-05-21 00:00:15
(1 month ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-05-19 10:30:02
(1 month ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2026-05-19 05:20:58
(1 month ago)
IM360 WAF: Old style account creation and modification in Joomla! MV:registration
Web App Attack
๐ฉ๐ช
LRob
2026-05-15 11:00:03
(1 month ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐บ๐ธ
mind5t0rm
2026-05-14 16:57:07
(1 month ago)
(WPLOGIN,XMLRPC) Login failure/trigger from 103.197.168.53 (HK/Hong Kong/-): 3 in the last 3600 secs ...
show more
(WPLOGIN,XMLRPC) Login failure/trigger from 103.197.168.53 (HK/Hong Kong/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 103.197.168.53 - - [14/May/2026:23:56:49 +0700] "GET /wp-login.php HTTP/2.0" 200 2702 "https://accident-investigator.me" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36"
103.197.168.53 - - [14/May/2026:23:56:50 +0700] "GET /wp-login.php HTTP/2.0" 200 2702 "https://accident-investigator.me/wp-login.php" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36"
103.197.168.53 - - [14/May/2026:23:57:05 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "https://accident-investigator.me/css/" "PHP/6.3.89"
show less
Port Scan
๐ต๐ฑ
sefinek.net
2026-05-14 09:27:18
(1 month ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (G ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (GET) | Endpoint: /genshin-stella-mod | UA: Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51 โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot