AbuseIPDB » 103.46.8.131
103.46.8.131
This IP was reported 4 times. Confidence of
Abuse
is 0% : ?
ISP
PT Jaringanku Sarana Nusantara Malang
Usage Type
Fixed Line ISP
ASN
AS64300
Domain Name
jsn-malang.net
Country
๐ฎ๐ฉ
Indonesia
City
Wirotaman, East Java
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 103.46.8.131 :
This IP address has been reported a total of
4
times from
1 distinct
source.
103.46.8.131 was first reported on
July 17th 2024 , and the most recent report was
4 months ago
Old Reports:
The most recent abuse report for this IP address is from
4 months ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ฎ๐ฉ
hermawan
2026-01-16 02:01:03
(4 months ago)
[Fri Jan 16 09:01:02.861937 2026] [security2:error] [pid 219387:tid 140201751140032] [client 103.46. ...
show more
[Fri Jan 16 09:01:02.861937 2026] [security2:error] [pid 219387:tid 140201751140032] [client 103.46.8.131:50375] ModSecurity: Access denied with code 403 (phase 1). Match of "pm matomo.staklim-malang.info " against "SERVER_NAME" required. [file "/etc/modsecurity/coreruleset-4.22.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "189"] [id "440235"] [msg "BAD REQUEST Bro"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: ?id= found within SERVER_NAME: staklim-jatim.bmkg.go.id request_line = GET /index.php/component/content/article?id=1212%3Aprakiraan-cuaca-lamongan HTTP/2.0 Request URI RAW = /index.php/component/content/article?id=1212%3Aprakiraan-cuaca-lamongan Request Basename = article"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/component/content/article"] [unique_id "aWmb3sNmTdgEtrpY66gx3wAAQAA"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[219388] [P3mgtrfCb0c] [aWmb3sNmTdgEtrpY66gx3wAAQA
...
show less
Hacking
Web App Attack
๐ฎ๐ฉ
hermawan
2024-08-16 10:55:38
(1 year ago)
[Fri Aug 16 15:25:54.207648 2024] [security2:error] [pid 825471:tid 131124575602240] [client 103.46. ...
show more
[Fri Aug 16 15:25:54.207648 2024] [security2:error] [pid 825471:tid 131124575602240] [client 103.46.8.131:48604] [client 103.46.8.131] ModSecurity: Access denied with code 403 (phase 4). Match of "pmFromFile sql-errors.data" against "RESPONSE_BODY" required. [file "/etc/modsecurity/coreruleset-4.5.0/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf"] [line "56"] [id "951100"] [data "Matched Data: / found within RESPONSE_BODY: request_line = GET /TableFilter/system-v167.css HTTP/2.0"] [ver "OWASP_CRS/4.5.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-disclosure"] [tag "OWASP_CRS"] [tag "capec/1000/118/116/54"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/TableFilter/system-v167.css"] [unique_id "Zr8NEh1gD_iEAjxBGmqWgQAAowM"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[825475] [ga8StYiQm/Y] [Zr8NEh1gD_iEAjxBGmqWgQAAowM] keep_alive=[1] [2024-08-16 15:25:54.207652] [R:Zr8NEh1gD_iEAjxBGmqWgQAAowM] UA:'Mozilla/5.0 (Linux; Android 10; K) Apple
...
show less
Hacking
Web App Attack
๐ฎ๐ฉ
hermawan
2024-08-10 01:58:20
(1 year ago)
[Sat Aug 10 08:50:54.557323 2024] [security2:error] [pid 1622562:tid 134775413147200] [client 103.46 ...
show more
[Sat Aug 10 08:50:54.557323 2024] [security2:error] [pid 1622562:tid 134775413147200] [client 103.46.8.131:50148] [client 103.46.8.131] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i),.*?[\\"'\\\\)0-9`-f][\\"'`](?:[\\"'`].*?[\\"'`]|(?:\\\\r?\\\\n)?\\\\z|[^\\"'`]+)|[^0-9A-Z_a-z]select.+[^0-9A-Z_a-z]*?from|(?:alter|(?:(?:cre|trunc|upd)at|renam)e|d(?:e(?:lete|sc)|rop)|(?:inser|selec)t|load)[\\\\s\\\\x0b]*?\\\\([\\\\s\\\\x0b]*?space[\\\\s\\\\x0b]*?\\\\(" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.3.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "2147"] [id "942200"] [msg "Detects MySQL comment-/space-obfuscated injections and backtick termination"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: , like Gecko) Version/4.0 Chrome/125.0.6422.186 Mobile Safari/537.36 OcIdWebView ({\\x22os\\x22:\\x22Android\\x22, found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux
...
show less
Hacking
Web App Attack
๐ฎ๐ฉ
hermawan
2024-07-17 15:25:53
(1 year ago)
[Wed Jul 17 22:24:49.111486 2024] [security2:error] [pid 2128156:tid 123272349877824] [client 103.46 ...
show more
[Wed Jul 17 22:24:49.111486 2024] [security2:error] [pid 2128156:tid 123272349877824] [client 103.46.8.131:51888] [client 103.46.8.131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Mai" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.3.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "38"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Mai found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 OcIdWebView ({\\x22os\\x22:\\x22iOS\\x22,\\x22appVersion\\x22:\\x226.0.240623.1789990\\x22,\\x22app\\x22:\\x22com.google.Gmail\\x22,\\x22osVersion\\x22:\\x2216.0\\x22,\\x22style\\x22:2,\\x22isDarkTheme\\x22:true,\\x22libraryVersion\\x22:\\x221.23.10.0\\x22,\\x22isBoldFont\\x22:false,\\x22zoom\\x22:0.86363636363636365,\\x22isHighContrast\\x22:false}) request_line = GET..."] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id
...
show less
Hacking
Web App Attack
Showing 1 to
4
of 4 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: