AbuseIPDB » 103.148.152.161
103.148.152.161
This IP was reported 9 times. Confidence of
Abuse
is 25% : ?
ISP
ESTO MEDIA Private Limited
Usage Type
Fixed Line ISP
ASN
AS135817
Domain Name
esto.network
Country
๐ฎ๐ณ
India
City
Delhi, Delhi
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 103.148.152.161 :
This IP address has been reported a total of
9
times from
6 distinct
sources.
103.148.152.161 was first reported on
April 6th 2026 , and the most recent report was
1 week ago
Old Reports:
The most recent abuse report for this IP address is from
1 week ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ฌ๐ง
PeravixGroup
2026-06-09 05:46:12
(1 week ago)
Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ...
show more
Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud
show less
Hacking
Exploited Host
๐ฌ๐ง
PeravixGroup
2026-06-06 06:56:09
(1 week ago)
Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ...
show more
Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud
show less
Hacking
Exploited Host
๐น๐ผ
kk_it_man
2026-06-04 05:00:05
(2 weeks ago)
honey catch
Port Scan
๐ฌ๐ง
PeravixGroup
2026-06-03 08:23:55
(2 weeks ago)
Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ...
show more
Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud
show less
Hacking
Exploited Host
๐ฎ๐ฉ
hermawan
2026-05-28 07:12:01
(3 weeks ago)
[Thu May 28 14:11:52.509989 2026] [security2:error] [pid 514745:tid 139852229084864] [client 103.148 ...
show more
[Thu May 28 14:11:52.509989 2026] [security2:error] [pid 514745:tid 139852229084864] [client 103.148.152.161:39897] ModSecurity: Access denied with code 403 (phase 1). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "815"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: GET found within REQUEST_HEADERS: 1 request_line = GET /pdfjs/web/viewer.mjs HTTP/2.0 Request URI RAW = /pdfjs/web/viewer.mjs Request Basename = viewer.mjs"] [severity "CRITICAL"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/pdfjs/web/viewer.mjs"] [un
...
show less
Email Spam
Hacking
๐จ๐ณ
ThreatBook.io
2026-05-14 22:47:21
(1 month ago)
ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/103.148.152.161
SSH
2026-05-03 05:32:31
(1 month ago)
Unauthorized connection attempt on Port 23
Port Scan
Hacking
Exploited Host
๐ฌ๐ง
PeravixGroup
2026-04-29 04:31:57
(1 month ago)
Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ...
show more
Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud
show less
Hacking
Exploited Host
๐ณ๐ฑ
EGP Abuse Dept
2026-04-06 07:25:46
(2 months ago)
Unsolicited connection to port 445
Port Scan
Hacking
Showing 1 to
9
of 9 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: