JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.146.169.42

103.146.169.42 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 39%: ?

39%

ISP	Institut Seni Budaya Indonesia Bandung
Usage Type	Commercial
ASN	AS139939
Domain Name	isbi.ac.id
Country	🇮🇩 Indonesia
City	Bandung, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.146.169.42

Whois 103.146.169.42

IP Abuse Reports for 103.146.169.42:

This IP address has been reported a total of 29 times from 17 distinct sources. 103.146.169.42 was first reported on April 24th 2021, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-21 05:24:13 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.146.169.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.146.169.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 01:24:06.784689 2026] [security2:error] [pid 24440:tid 24440] [client 103.146.169.42:64743] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.146.169.42 (+1 hits since last alert)\|ssion.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ssion.com"] [uri "/xmlrpc.php"] [unique_id "ag6W9tXw3OaxzhXuNB5GJwAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-20 08:26:23 (3 weeks ago)	Attac	Brute-Force
🇩🇪 rh24	2026-05-20 04:17:16 (3 weeks ago)	(wordpress) Failed wordpress login from 103.146.169.42 (ID/Indonesia/-): (CF_ENABLE)	Brute-Force
Anonymous	2026-05-19 09:05:02 (3 weeks ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (119/60 min)'; Requests=119	Port Scan
Anonymous	2026-05-19 02:25:02 (3 weeks ago)	[redacted] 103.146.169.42 - - [19/May/2026:04:24:19 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ... show more [redacted] 103.146.169.42 - - [19/May/2026:04:24:19 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.3; http://site67667100.com" [redacted] 103.146.169.42 - - [19/May/2026:04:24:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.4; http://site84865938.com" [redacted] 103.146.169.42 - - [19/May/2026:04:24:40 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)" [redacted] 103.146.169.42 - - [19/May/2026:04:24:50 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)" [redacted] 103.146.169.42 - - [19/May/2026:04:25:01 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)" ... show less	Hacking Web App Attack
🇫🇷 Kenshin869	2026-05-18 08:41:43 (3 weeks ago)	Wordpress unauthorized access attempt	Brute-Force
🇺🇸 TPI-Abuse	2026-05-18 05:09:26 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.146.169.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.146.169.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 01:09:18.528304 2026] [security2:error] [pid 13318:tid 13318] [client 103.146.169.42:52495] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.146.169.42 (+1 hits since last alert)\|deborahbein.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "deborahbein.com"] [uri "/xmlrpc.php"] [unique_id "agqe_rcsqgLFyIdiD5zV7AAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-18 02:35:23 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.146.169.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.146.169.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 17 22:35:18.331069 2026] [security2:error] [pid 13973:tid 13978] [client 103.146.169.42:54728] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.146.169.42 (+1 hits since last alert)\|nordicatrio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nordicatrio.com"] [uri "/xmlrpc.php"] [unique_id "agp65sG5cRUiYjhi-asPVQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 Paulo Henrique dos Santos Nichio	2026-05-12 03:00:29 (1 month ago)	(ls_brute) LiteSpeed Brute Force Attack 103.146.169.42 (ID/Indonesia/-): 3 in the last 600 secs; Por ... show more (ls_brute) LiteSpeed Brute Force Attack 103.146.169.42 (ID/Indonesia/-): 3 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2026-05-12 00:00:05.200733 [WARN] [3663422] [T0] [103.146.169.42:51914-2#APVH_www.povosdomar.com.br:443] Brute force detected for IP [103.146.169.42], throttle. 2026-05-12 00:00:16.202430 [WARN] [3663422] [T0] [103.146.169.42:51914-3#APVH_www.povosdomar.com.br:443] Brute force detected for IP [103.146.169.42], throttle. 2026-05-12 00:00:26.112410 [WARN] [3663422] [T0] [103.146.169.42:51914-4#APVH_www.povosdomar.com.br:443] Brute force detected for IP [103.146.169.42], throttle. show less	Port Scan
🇨🇦 Paulo Henrique dos Santos Nichio	2026-05-11 04:13:27 (1 month ago)	(ls_brute) LiteSpeed Brute Force Attack 103.146.169.42 (ID/Indonesia/-): 3 in the last 600 secs; Por ... show more (ls_brute) LiteSpeed Brute Force Attack 103.146.169.42 (ID/Indonesia/-): 3 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2026-05-11 01:12:58.004188 [WARN] [3405552] [T0] [103.146.169.42:60485-1#APVH_www.liderescompropositos.com.br:443] Brute force detected for IP [103.146.169.42], throttle. 2026-05-11 01:13:09.011999 [WARN] [3405552] [T0] [103.146.169.42:60485-2#APVH_www.liderescompropositos.com.br:443] Brute force detected for IP [103.146.169.42], throttle. 2026-05-11 01:13:19.023640 [WARN] [3405552] [T0] [103.146.169.42:60485-3#APVH_www.liderescompropositos.com.br:443] Brute force detected for IP [103.146.169.42], throttle. show less	Port Scan
🇩🇪 LRob.fr	2026-05-07 06:15:07 (1 month ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-06 06:22:29 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 103.146.169.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.146.169.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 02:22:23.936722 2026] [security2:error] [pid 22150:tid 22157] [client 103.146.169.42:59509] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.146.169.42 (+1 hits since last alert)\|gabegabel.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gabegabel.com"] [uri "/xmlrpc.php"] [unique_id "afreH4QWwYhzaMjcWHrikgAAAEU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-06 02:56:06 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 103.146.169.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.146.169.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 05 22:56:01.789050 2026] [security2:error] [pid 29187:tid 29187] [client 103.146.169.42:51963] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.146.169.42 (+1 hits since last alert)\|eta-mct.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eta-mct.com"] [uri "/xmlrpc.php"] [unique_id "afqtwSs-fg4o_a6RPlWMkQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-05 07:06:47 (1 month ago)	Web App Attack, Hacking	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-04-25 04:48:51 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 103.146.169.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.146.169.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 00:48:43.281161 2026] [security2:error] [pid 2610467:tid 2610467] [client 103.146.169.42:64201] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.146.169.42 (+1 hits since last alert)\|4115thewestford.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "4115thewestford.com"] [uri "/xmlrpc.php"] [unique_id "aexHq3XjAutvwQGovks8PwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.37.174.62

🇺🇸 205.210.31.106

🇨🇳 180.76.98.88

🇨🇳 113.239.23.247

🇫🇷 85.217.140.34

🇺🇸 64.62.197.127

🇳🇱 45.148.10.240

🇷🇴 2.57.122.238

🇺🇸 2600:1f14:af5:6702:282b:1367:c7f6:b356

🇰🇷 211.46.188.16

🇨🇱 179.57.170.71

🇬🇧 172.70.160.149

🇮🇳 165.140.164.99

🇮🇳 117.247.23.131

🇳🇱 45.148.10.152

🇺🇸 45.33.84.20

🇬🇧 35.203.211.248

🇮🇳 4.224.59.75

🇨🇳 192.144.218.190

🇺🇸 162.216.150.101