JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.146.113.246

185.146.113.246 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 20%: ?

20%

ISP	AG Telekom MMC.
Usage Type	Fixed Line ISP
ASN	AS57293
Hostname(s)	nat-pool-185.146.113.246.katv1.net
Domain Name	katv1.az
Country	🇦🇿 Azerbaijan
City	Khirdalan, Abseron

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.146.113.246

Whois 185.146.113.246

IP Abuse Reports for 185.146.113.246:

This IP address has been reported a total of 21 times from 15 distinct sources. 185.146.113.246 was first reported on July 1st 2024, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-27 21:54:14 (10 hours ago)	[Sun Jun 28 04:54:09.843163 2026] [security2:error] [pid 359409:tid 139761618560704] [client 185.146 ... show more [Sun Jun 28 04:54:09.843163 2026] [security2:error] [pid 359409:tid 139761618560704] [client 185.146.113.246:53567] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.baidu.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "601"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.baidu.go.id found within REQUEST_HEADERS:Referer: http://www.baidu.go.id/ request_line = GET /index.php/prediksi-iklim/prediksi-dasarian/deterministik-curah-hujan-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prediksi-iklim/prediksi-dasarian/deterministik-curah-hujan-provinsi-jawa-timur"] [unique_id "akBGgcrdiBp5G4GRea_2uQABxhc"], referer http://www.baidu.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[359433] [udrPQ0NncfQ] [akBGgcrdiBp5G4GRea_2uQABxhc] keep_alive=[1] [2026-06-28 04:54:09.843167] [R:akBGgcrdiBp5G4GRea_2uQABxhc ... show less	Email Spam Hacking
🇵🇱 sefinek.net	2026-06-16 12:52:48 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from AZ. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from AZ. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: /commands/unmute \| UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 Vegascosmetics	2026-06-09 14:45:46 (2 weeks ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security	DDoS Attack Hacking Exploited Host
🇮🇹 A000Z	2026-04-10 09:52:34 (2 months ago)	Fail2Ban: 185.146.113.246 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/ ... show more Fail2Ban: 185.146.113.246 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36 show less	Bad Web Bot
🇺🇸 quilla	2026-04-03 03:20:35 (2 months ago)	Botnet infected device observed in honeypot (Vector: TCP)	DDoS Attack
🇺🇸 TPI-Abuse	2026-03-19 08:56:21 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 185.146.113.246 (nat-pool-185.146.113.246.katv1 ... show more (mod_security) mod_security (id:210730) triggered by 185.146.113.246 (nat-pool-185.146.113.246.katv1.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 04:56:17.209057 2026] [security2:error] [pid 6165:tid 6165] [client 185.146.113.246:53441] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|pages4you.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pages4you.com"] [uri "/photos/Thumbs.db"] [unique_id "abu6MXt8zbqLYXTPu2nEFAAAAAE"], referer: https://pages4you.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-03-08 07:04:42 (3 months ago)	IM360 WAF: SQL Injection Attack: Common DB Names Detected	SQL Injection
🇹🇷 rtbh.com.tr	2026-03-04 20:11:53 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇨🇦 polycoda	2026-01-11 12:46:06 (5 months ago)	🥶 Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27	DDoS Attack
🇵🇱 sefinek.net	2025-12-31 20:36:36 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from AZ. Action taken: MANAGED_CHALLENGE Protocol: HTTP/3 ... show more Triggered Cloudflare WAF (firewallCustom) from AZ. Action taken: MANAGED_CHALLENGE Protocol: HTTP/3 (GET method) Endpoint: /blocklist-generator/pihole UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.2 Safari/605.1.15 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇮🇹 VHosting	2025-12-24 08:20:03 (6 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-11-24 18:13:59 (7 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-11-20 06:38:04 (7 months ago)	scanning http requests from known botnet	Web App Attack
🇸🇬 mypatricks	2025-08-31 07:58:44 (9 months ago)	185.146.113.246 \| Port: 29092 \| DNS: nat-pool-185.146.113.246.katv1.net 2025-08-31T15:58:43+08:00 As ... show more 185.146.113.246 \| Port: 29092 \| DNS: nat-pool-185.146.113.246.katv1.net 2025-08-31T15:58:43+08:00 Asia/Baku \| FETCH Sproofing Activity Detetced. \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 HTTP/1.1 443 GET \| URL: /?cdde9aeefd8bdf9=343&1754592539 \| Ref: - \| Country: AZ/Azerbaijan/+04:00 IP City: Khirdalan 977afbe52803e8ee-GYD/Baku, Azerbaijan 1 hits/0 secs Robots 2 show less	Web Spam Blog Spam Brute-Force Exploited Host Web App Attack
🇳🇱 exxos	2025-08-01 03:25:16 (10 months ago)	HTTP1.x attacks	DDoS Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇷 179.48.248.245

🇭🇰 150.5.169.176

🇵🇱 146.59.46.9

🇺🇸 107.172.50.134

🇮🇩 103.160.213.66

🇯🇵 43.165.180.54

🇨🇳 42.180.4.166

🇺🇸 34.61.71.230

🇨🇳 223.74.192.33

🇺🇸 216.25.89.140

🇳🇱 193.25.217.247

🇸🇪 178.20.213.223

🇺🇸 173.236.141.65

🇺🇸 173.194.103.169

🇮🇩 103.155.199.212

🇰🇪 102.68.76.201

🇿🇦 102.67.141.165

🇿🇲 102.23.122.235

🇳🇱 94.237.40.60

🇺🇸 71.6.134.235