ThreatBook.io
2025-05-07 22:35:34
(2 months ago)
ThreatBook Intelligence: Zombie more details on http://threatbook.io/ip/168.235.203.253
2025-05-07 18:38:29 /cc.gif
Web App Attack
ThreatBook.io
2025-05-06 22:36:58
(2 months ago)
ThreatBook Intelligence: Zombie more details on http://threatbook.io/ip/168.235.203.253
2025-05-06 15:49:29 /cc.gif
Web App Attack
hermawan
2025-05-05 11:39:43
(2 months ago)
[Mon May 05 18:38:24.667094 2025] [security2:error] [pid 855116:tid 139974972262080] [client 168.235.203.253:10622] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "X-Forwarded-For" at REQUEST_HEADERS_NAMES:X-Forwarded-For. [file "/etc/modsecurity/coreruleset-4.13.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "349"] [id "440005"] [msg "BAD REQUEST_HEADERS_NAMES - Detected and Blocked"] [data "Matched Data: X-Forwarded-For found within REQUEST_HEADERS_NAMES:X-Forwarded-For: X-Forwarded-For request_line = GET /index.php/normal-klimatologi/198-normal-awal-musim/normal-awal-musim-kemarau/normal-awal-musim-kemarau-propinsi-jawa-timur HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/normal-klimatologi/198-normal-awal-musim/normal-awal-musim-kemarau/normal-awal-musim-kemarau-propinsi-jawa-timur"] [unique_id "aBijMBrJ9YcbyJkaLWWFiwAAAJM"], referer https://www.google.co.id/ [staklim-malang.info] [staklim-malang.info] top=[855187] [Wa4O8
...
Hacking
Web App Attack
hermawan
2025-05-01 12:48:40
(2 months ago)
[Thu May 01 19:48:40.180763 2025] [security2:error] [pid 194343:tid 139727686362816] [client 168.235.203.253:58546] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "X-Forwarded-For" at REQUEST_HEADERS_NAMES:X-Forwarded-For. [file "/etc/modsecurity/coreruleset-4.13.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "349"] [id "440005"] [msg "BAD REQUEST_HEADERS_NAMES - Detected and Blocked"] [data "Matched Data: X-Forwarded-For found within REQUEST_HEADERS_NAMES:X-Forwarded-For: X-Forwarded-For request_line = GET /index.php/normal-klimatologi/197-normal-awal-musim/normal-awal-musim-hujan/normal-awal-musim-hujan-propinsi-jawa-timur HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/normal-klimatologi/197-normal-awal-musim/normal-awal-musim-hujan/normal-awal-musim-hujan-propinsi-jawa-timur"] [unique_id "aBNtqNGyIDnvBCnQMbl1wAAAAIA"], referer https://www.google.co.id/search?q=prediksi+hujan+jawa+timur&client=ucweb-b-bookmark&sca_esv=5c6a9
...
Hacking
Web App Attack
Anonymous
2025-04-29 06:17:40
(2 months ago)
Ports: *; Direction: 0; Trigger: CT_LIMIT
Brute-Force
SSH
hermawan
2025-04-27 11:10:53
(2 months ago)
[Sun Apr 27 18:09:58.993743 2025] [security2:error] [pid 986254:tid 140550011332288] [client 168.235.203.253:34530] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "X-Forwarded-For" at REQUEST_HEADERS_NAMES:X-Forwarded-For. [file "/etc/modsecurity/coreruleset-4.13.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "349"] [id "440005"] [msg "BAD REQUEST_HEADERS_NAMES - Detected and Blocked"] [data "Matched Data: X-Forwarded-For found within REQUEST_HEADERS_NAMES:X-Forwarded-For: X-Forwarded-For request_line = GET /index.php/profil/meteorologi/list-of-all-tags/gempa-terkini HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-of-all-tags/gempa-terkini"] [unique_id "aA4QhkaoKgxxs90Z2vK7zgAAAIU"], referer https://www.google.co.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[986311] [EhGpm/hjJmA] [aA4QhkaoKgxxs90Z2vK7zgAAAIU] keep_alive=[0] [2025-04-27 18:09:58.993760] [R:aA4QhkaoKgxxs90Z2vK7zgAAAI
...
Hacking
Web App Attack
Anonymous
2025-04-24 21:52:02
(2 months ago)
Excessive connections to http/https ports
DDoS Attack
Anonymous
2025-04-23 16:52:02
(2 months ago)
Excessive connections to http/https ports
DDoS Attack
hermawan
2025-04-18 12:22:16
(3 months ago)
[Fri Apr 18 19:22:15.495227 2025] [security2:error] [pid 817058:tid 139683577181888] [client 168.235.203.253:27202] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "X-Forwarded-For" at REQUEST_HEADERS_NAMES:X-Forwarded-For. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "349"] [id "440005"] [msg "BAD REQUEST_HEADERS_NAMES - Detected and Blocked"] [data "Matched Data: X-Forwarded-For found within REQUEST_HEADERS_NAMES:X-Forwarded-For: X-Forwarded-For request_line = GET /index.php/profil/meteorologi/list-all-categories/536-konferensi-pers/555561790-rilis-prediksi-musim-kemarau-tahun-2025-provinsi-jawa-timur HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-all-categories/536-konferensi-pers/555561790-rilis-prediksi-musim-kemarau-tahun-2025-provinsi-jawa-timur"] [unique_id "aAJD975N_w7z0cBgEZBJrQAAABc"], referer https://www.google.co.id/ [staklim-jatim.bmkg.go.id]
...
Hacking
Web App Attack
hermawan
2025-04-11 11:13:24
(3 months ago)
[Fri Apr 11 18:12:01.621944 2025] [security2:error] [pid 3348:tid 140554465695424] [client 168.235.203.253:31628] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "X-Forwarded-For" at REQUEST_HEADERS_NAMES:X-Forwarded-For. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "349"] [id "440005"] [msg "BAD REQUEST_HEADERS_NAMES - Detected and Blocked"] [data "Matched Data: X-Forwarded-For found within REQUEST_HEADERS_NAMES:X-Forwarded-For: X-Forwarded-For request_line = GET /index.php/profil/meteorologi/list-of-all-tags/gempa-terkini HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-of-all-tags/gempa-terkini"] [unique_id "Z_j5AR524neb8wj5LmNaUAAAAFw"], referer https://staklim-jatim.bmkg.go.id/index.php/profil/meteorologi/list-of-all-tags/gempa-terkini [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[3498] [YzmDxaaDUng] [Z_j5AR524neb8wj5LmNaUAAAAFw] keep_alive
...
Hacking
Web App Attack
Anonymous
2025-04-08 12:52:02
(3 months ago)
Excessive connections to http/https ports
DDoS Attack
Anonymous
2025-04-06 11:52:02
(3 months ago)
Excessive connections to http/https ports
DDoS Attack
hermawan
2025-04-05 04:17:39
(3 months ago)
[Sat Apr 05 11:15:52.841936 2025] [security2:error] [pid 183412:tid 140418578638528] [client 168.235.203.253:39598] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "X-Forwarded-For" at REQUEST_HEADERS_NAMES:X-Forwarded-For. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "349"] [id "440005"] [msg "BAD REQUEST_HEADERS_NAMES - Detected and Blocked"] [data "Matched Data: X-Forwarded-For found within REQUEST_HEADERS_NAMES:X-Forwarded-For: X-Forwarded-For request_line = GET /index.php/prakiraan-musim/4311-prakiraan-musim-kemarau/prakiraan-awal-musim-kemarau/prakiraan-awal-musim-kemarau-di-propinsi-jawa-timur/prediksi-6-bulanan-awal-musim-kemarau-tahun-2025-zona-musim-di-provinsi-jawa-timur/555561823-prediksi-6-bulanan-awal-musim-kemarau-tahun-2025-zona-musim-di-provinsi-jawa-timur HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prakiraan-musim/4311-prakiraan-musim-kemarau/prakiraan-awal-m
...
Hacking
Web App Attack
Anonymous
2025-04-03 17:52:02
(3 months ago)
Excessive connections to http/https ports
DDoS Attack
hermawan
2025-03-30 11:27:33
(3 months ago)
[Sun Mar 30 18:27:02.813626 2025] [security2:error] [pid 1325676:tid 139628690523840] [client 168.235.203.253:30030] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "X-Forwarded-For" at REQUEST_HEADERS_NAMES:X-Forwarded-For. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "349"] [id "440005"] [msg "BAD REQUEST_HEADERS_NAMES - Detected and Blocked"] [data "Matched Data: X-Forwarded-For found within REQUEST_HEADERS_NAMES:X-Forwarded-For: X-Forwarded-For request_line = GET /b/bulananmalangbatu.pdf HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/b/bulananmalangbatu.pdf"] [unique_id "Z-kqhpeMO_HWThH3Qm0QdAAAAJA"], referer https://www.google.co.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[1325744] [JhUhlVUffAA] [Z-kqhpeMO_HWThH3Qm0QdAAAAJA] keep_alive=[0] [2025-03-30 18:27:02.813632] [R:Z-kqhpeMO_HWThH3Qm0QdAAAAJA] UA:'Mozilla/5.0 (Linux; U; Android 8.1.0; en-US; SM-J710F Build/M1A
...
Hacking
Web App Attack