This IP address has been reported a total of
21
times from
14 distinct
sources.
103.225.95.253 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
[Fri Jun 26 04:16:41.332376 2026] [security2:error] [pid 601004:tid 140397928924864] [client 103.225 ...
show more[Fri Jun 26 04:16:41.332376 2026] [security2:error] [pid 601004:tid 140397928924864] [client 103.225.95.253:50552] ModSecurity: Access denied with code 403 (phase 2). Match of "rx (?i)^[a-z0-9\\\\-._]+$" against "TX:referer-hardening-plugin_domain_name" required. [file "/etc/modsecurity/coreruleset-4.26.0/plugins/referer-hardening-plugin/plugins/referer-hardening-before.conf"] [line "221"] [id "9524170"] [msg "Invalid domain name within Referer header"] [data " google.com, https Matched Data ARGS charset: - Matched Data TX.1: google.com, https found within Content-Type multipart form Matched Data: https://google.com, https://staklim-jatim.bmkg.go.id/Prakicu_Harian_Kota_Malang-v1.html found within TX:referer-hardening-plugin_domain_name: google.com, https request_line = GET /images/Meteorologi/Prakiraan/Prakiraan-Harian/02-Besok-Hari/Kota-Malang/Prakiraan-Harian_Cuaca_Kota_Malang_Besok_Hari.jpg HTTP/1.1 Request URI RAW = /images/Meteorologi/Prakiraan/Prakiraan..."] [severity "CRITICAL"
...
show less
Automated bot: spoofed/impossible user-agent, web scraping or automated request patterns detected. U ...
show moreAutomated bot: spoofed/impossible user-agent, web scraping or automated request patterns detected. UA: Opera/8.37.(Windows NT 5.2; zu-ZA) Presto/2.9.177 Version/10.00
show less
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ...
show moreDistributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in thread-skip.asp
show less
Bad web bot: Spoofed/obsolete UA (Opera/9.93.(X11; Linux x86_64; el-CY) Presto/2.9.163 Version/12.00 ...
show moreBad web bot: Spoofed/obsolete UA (Opera/9.93.(X11; Linux x86_64; el-CY) Presto/2.9.163 Version/12.00). Mass-scanning WordPress plugin. Coordinated large-scale bot attack.
show less
Fail2Ban: 103.225.95.253 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5 ...
show moreFail2Ban: 103.225.95.253 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
show less
[Askari] | country=BD | Behavior: HTTP/1.1 over TLS, Targeting specific pages, Outdated browser, Con ...
show more[Askari] | country=BD | Behavior: HTTP/1.1 over TLS, Targeting specific pages, Outdated browser, Concurrent page load during attack
show less
Bad Web Bot
DDoS Attack
Showing 1 to
15
of 21 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ