JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.146.203.11

103.146.203.11 was found in our database!

This IP was reported 88 times. Confidence of Abuse is 29%: ?

29%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	PT Cloud Hosting Indonesia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS136052
Domain Name	cloudhost.web.id
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.146.203.11

Whois 103.146.203.11

IP Abuse Reports for 103.146.203.11:

This IP address has been reported a total of 88 times from 44 distinct sources. 103.146.203.11 was first reported on March 11th 2025, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-18 06:45:04 (4 hours ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇳🇱 Kotiacat_one	2026-05-25 12:44:20 (3 weeks ago)	2026-05-25T15:44:19.684094+03:00 kotiacat.nexus sshd-session[8679]: Invalid user admin from 103.146. ... show more 2026-05-25T15:44:19.684094+03:00 kotiacat.nexus sshd-session[8679]: Invalid user admin from 103.146.203.11 port 38966 ... show less	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-05-25 06:08:46 (3 weeks ago)	(mod_security) mod_security (id:210350) triggered by 103.146.203.11 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 103.146.203.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 02:08:39.695735 2026] [security2:error] [pid 22018:tid 22018] [client 103.146.203.11:54318] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|internationalservicetravel.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "internationalservicetravel.com"] [uri "/cpanel/"] [unique_id "ahPnZ6bTk9oUxsWh9G-3TAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 ICS Labs	2026-05-21 15:06:12 (3 weeks ago)	ICS Labs identified 103.146.203.11 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Exploited Host
🇷🇴 Fn4ticHz	2026-05-10 11:49:39 (1 month ago)	Repeated DDoS targeted -- ZeroGuard X ManagedSRV	DDoS Attack Exploited Host
Anonymous	2026-05-06 01:00:07 (1 month ago)	2026-05-05 19:00:01,988 fail2ban.actions [3625835]: NOTICE [tor] Ban 103.146.203.11 2026-05- ... show more 2026-05-05 19:00:01,988 fail2ban.actions [3625835]: NOTICE [tor] Ban 103.146.203.11 2026-05-05 21:00:05,224 fail2ban.actions [3625835]: NOTICE [tor] Ban 103.146.203.11 2026-05-05 23:00:06,388 fail2ban.actions [3625835]: NOTICE [tor] Ban 103.146.203.11 2026-05-06 01:00:52,433 fail2ban.actions [3625835]: NOTICE [tor] Ban 103.146.203.11 2026-05-06 04:00:02,666 fail2ban.actions [3625835]: NOTICE [tor] Ban 103.146.203.11 show less	Brute-Force
🇨🇿 ddw	2026-05-03 09:31:20 (1 month ago)	WordPress XMLRPC.PHP Access Attempt.	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-04-26 00:55:31 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 103.146.203.11 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.146.203.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 20:55:25.071910 2026] [security2:error] [pid 23741:tid 23741] [client 103.146.203.11:60236] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.greed.ee"] [uri "/.git/config"] [unique_id "ae1ifUuL-A2rtYrDh8hIsQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-24 18:00:06 (1 month ago)	2026-04-24 11:00:07,022 fail2ban.actions [7718]: NOTICE [tor] Ban 103.146.203.11 2026-04-24 ... show more 2026-04-24 11:00:07,022 fail2ban.actions [7718]: NOTICE [tor] Ban 103.146.203.11 2026-04-24 14:00:02,714 fail2ban.actions [7718]: NOTICE [tor] Ban 103.146.203.11 2026-04-24 16:00:24,126 fail2ban.actions [7718]: NOTICE [tor] Ban 103.146.203.11 2026-04-24 18:01:02,135 fail2ban.actions [7718]: NOTICE [tor] Ban 103.146.203.11 2026-04-24 21:00:03,223 fail2ban.actions [7718]: NOTICE [tor] Ban 103.146.203.11 show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-19 00:32:39 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 103.146.203.11 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.146.203.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 20:32:33.230832 2026] [security2:error] [pid 3816606:tid 3816606] [client 103.146.203.11:43230] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.stinnetthomeinspection.com"] [uri "/.git/config"] [unique_id "aeQiodS7AxXn0YT-mPOxagAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-16 12:03:35 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 103.146.203.11 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.146.203.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 16 08:03:31.244589 2026] [security2:error] [pid 2368509:tid 2368509] [client 103.146.203.11:50020] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.boat-registration-croatia.com"] [uri "/.git/config"] [unique_id "aeDQE3UHeId0mRHbuWUzfgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-13 08:23:04 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 103.146.203.11 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.146.203.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 13 04:22:57.608194 2026] [security2:error] [pid 251208:tid 251232] [client 103.146.203.11:45770] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.bacalodge.com"] [uri "/.git/config"] [unique_id "adyn4foqrEbycT1km7GPtwAAAJY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-06 12:36:34 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 103.146.203.11 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.146.203.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 08:36:27.345738 2026] [security2:error] [pid 19392:tid 19392] [client 103.146.203.11:44684] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.register-yacht-france.com"] [uri "/.git/config"] [unique_id "adOoy1FvRJD1qpqjMplBrAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-05 08:17:57 (2 months ago)		Web Spam
🇺🇸 TPI-Abuse	2026-03-31 10:53:21 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 103.146.203.11 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.146.203.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 06:53:13.733683 2026] [security2:error] [pid 12603:tid 12603] [client 103.146.203.11:47336] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pinetreedistrict.rimaine.org"] [uri "/.git/config"] [unique_id "acunmdTlM5twJksJBqpy4gAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 88 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇹 81.30.98.144

🇺🇸 192.185.4.109

🇧🇷 187.17.228.218

🇯🇵 168.138.213.115

🇸🇪 155.4.244.169

🇺🇸 154.83.197.11

🇮🇳 152.32.158.219

🇺🇸 45.58.52.17

🇧🇷 179.83.134.101

🇺🇸 170.253.206.5

🇺🇸 162.216.150.6

🇨🇳 120.198.138.185

🇨🇳 116.179.32.235

🇰🇭 110.235.250.5

🇮🇩 103.89.78.39

🇭🇰 38.76.160.193

🇳🇱 5.61.209.224

🇨🇳 218.11.1.2

🇺🇸 200.71.127.105

🇧🇩 182.48.80.240