AbuseIPDB » 146.103.3.248
146.103.3.248
This IP was reported 7 times. Confidence of
Abuse
is 0% : ?
ISP
Brander Group Inc
Usage Type
Data Center/Web Hosting/Transit
ASN
AS20738
Domain Name
brandergroup.net
Country
๐ฌ๐ง
United Kingdom of Great Britain and Northern Ireland
City
London, England
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 146.103.3.248 :
This IP address has been reported a total of
7
times from
6 distinct
sources.
146.103.3.248 was first reported on
November 20th 2024 , and the most recent report was
1 month ago
Old Reports:
The most recent abuse report for this IP address is from
1 month ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ณ๐ฑ
Roderic
2026-05-05 14:06:24
(1 month ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted])
Bad Web Bot
๐ต๐ฑ
cheatmaster.store
2026-02-25 23:28:59
(3 months ago)
Automated report: This IP address has been identified as an active public open proxy.
Classification ...
show more
Automated report: This IP address has been identified as an active public open proxy.
Classification: Open Proxy | Spoofing | VPN/Anonymizer | Bad Web Bot.
Country: United Kingdom
Threat level: High. This host is listed across multiple public proxy databases and poses a risk of abuse, credential stuffing, scraping, and spoofed traffic.
Reported by automated threat intelligence pipeline. Do not whitelist without manual verification.
show less
Web Spam
Port Scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-27 02:36:42
(4 months ago)
(mod_security) mod_security (id:221260) triggered by 146.103.3.248 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:221260) triggered by 146.103.3.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 21:35:14.377633 2026] [security2:error] [pid 1914:tid 1924] [client 146.103.3.248:41225] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)||webdisk.kettlehill.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kettlehill.com"] [uri "/cgi-bin/status/status.cgi"] [unique_id "aXgkYsPq0E0MroPkyLy2-QAAAAQ"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd
show less
Brute-Force
Bad Web Bot
Web App Attack
2026-01-24 09:20:04
(4 months ago)
| Shellshock attack detected
Hacking
SQL Injection
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-17 07:37:38
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 146.103.3.248 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 146.103.3.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 02:37:29.596878 2026] [security2:error] [pid 2123:tid 2123] [client 146.103.3.248:60381] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/css../.git/config"] [unique_id "aWs8OYh93DEPPdFKFyAckwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
nyuuzyou
2024-12-14 03:40:11
(1 year ago)
Intensive scraping: /web?s=%22Powered%20by%20INDEXU%20Deluxe%22%20next&scraper=mwmbl. User-Agent: Mo ...
show more
Intensive scraping: /web?s=%22Powered%20by%20INDEXU%20Deluxe%22%20next&scraper=mwmbl. User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0.
show less
Bad Web Bot
๐บ๐ธ
TheMadBeaker
2024-11-20 17:44:23
(1 year ago)
Fail2Ban Ban Triggered
HTTP Attempted Bot Registration
Web Spam
Web App Attack
Showing 1 to
7
of 7 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: