JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 202.46.68.119

202.46.68.119 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 39%: ?

39%

ISP	PT Indonesia Comnets Plus
Usage Type	Fixed Line ISP
ASN	AS9341
Domain Name	iconpln.net.id
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 202.46.68.119

Whois 202.46.68.119

IP Abuse Reports for 202.46.68.119:

This IP address has been reported a total of 9 times from 8 distinct sources. 202.46.68.119 was first reported on August 22nd 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-03 11:16:20 (1 day ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇯🇵 VXG-NET	2026-06-03 11:03:56 (1 day ago)	port=80, indicator_type=code-execution	Hacking
Anonymous	2026-06-03 09:51:42 (1 day ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 MPL	2026-06-03 09:46:36 (1 day ago)	tcp/80	Port Scan
🇺🇸 Cyber Crusader	2026-06-03 03:06:41 (1 day ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇨🇦 Read.Team	2026-02-17 21:10:58 (3 months ago)	DDoS attack source: UDP PPS Flood targeting 37.59.144.156. Detected via automated PCAP analysis. Rep ... show more DDoS attack source: UDP PPS Flood targeting 37.59.144.156. Detected via automated PCAP analysis. Report ref: 82rnatnakx show less	DDoS Attack
🇨🇦 Largnet SOC	2026-01-16 05:36:37 (4 months ago)	202.46.68.119 triggered Icarus honeypot on port 23. Check us out on github.	Port Scan Hacking
🇮🇩 hermawan	2025-10-07 02:56:36 (7 months ago)	[Tue Oct 07 09:55:50.129729 2025] [security2:error] [pid 405287:tid 140449537746624] [client 202.46. ... show more [Tue Oct 07 09:55:50.129729 2025] [security2:error] [pid 405287:tid 140449537746624] [client 202.46.68.119:38980] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i),.?[\\"'\\\\)0-9`-f][\\"'`](?:[\\"'`].?[\\"'`]\|(?:\\\\r?\\\\n)?\\\\z\|[^\\"'`]+)\|[^0-9A-Z_a-z]select.+[^0-9A-Z_a-z]?from\|(?:alter\|(?:(?:cre\|trunc\|upd)at\|renam)e\|d(?:e(?:lete\|sc)\|rop)\|(?:inser\|selec)t\|load)[\\\\s\\\\x0b]?\\\\([\\\\s\\\\x0b]?space[\\\\s\\\\x0b]?\\\\(" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "2129"] [id "942200"] [msg "Detects MySQL comment-/space-obfuscated injections and backtick termination"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: , like Gecko) Version/4.0 Chrome/140.0.7339.207 Mobile Safari/537.36 OcIdWebView ({\\x22os\\x22:\\x22Android\\x22, found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 14; RMX3771 ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-08-22 15:15:48 (9 months ago)	[Fri Aug 22 22:12:36.502806 2025] [security2:error] [pid 785243:tid 139823590348480] [client 202.46. ... show more [Fri Aug 22 22:12:36.502806 2025] [security2:error] [pid 785243:tid 139823590348480] [client 202.46.68.119:50667] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i),.?[\\"'\\\\)0-9`-f][\\"'`](?:[\\"'`].?[\\"'`]\|(?:\\\\r?\\\\n)?\\\\z\|[^\\"'`]+)\|[^0-9A-Z_a-z]select.+[^0-9A-Z_a-z]?from\|(?:alter\|(?:(?:cre\|trunc\|upd)at\|renam)e\|d(?:e(?:lete\|sc)\|rop)\|(?:inser\|selec)t\|load)[\\\\s\\\\x0b]?\\\\([\\\\s\\\\x0b]?space[\\\\s\\\\x0b]?\\\\(" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "2129"] [id "942200"] [msg "Detects MySQL comment-/space-obfuscated injections and backtick termination"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: , like Gecko) Mobile/15E148 OcIdWebView ({\\x22isBoldFont\\x22:false,\\x22osVersion\\x22:\\x2218.5\\x22, found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac ... show less	Hacking Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 199.202.232.227

🇦🇪 198.38.94.14

🇲🇿 197.218.62.69

🇻🇳 171.244.141.86

🇦🇪 132.243.121.237

🇨🇳 112.32.79.123

🇮🇩 103.168.137.74

🇷🇴 80.94.92.184

🇺🇸 66.132.186.134

🇺🇸 64.227.49.223

🇮🇪 54.170.242.105

🇨🇳 222.128.15.127

🇫🇮 196.244.192.13

🇪🇹 196.191.54.48

🇺🇸 195.184.76.33

🇧🇬 193.24.211.107

🇻🇳 180.93.36.16

🇺🇸 166.62.118.171

🇷🇴 92.118.39.74

🇪🇹 196.189.16.196