🇩🇪
Marcin Stepien
2026-05-31 01:26:00
(1 week ago)
Hit honeypot endpoint /.env. Automated scanner/bot detected.
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-05-02 02:38:46
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 103.153.210.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 01 22:38:32.726475 2026] [security2:error] [pid 21377:tid 21377] [client 103.153.210.70:59449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.10"] [uri "/.env"] [unique_id "afVjqK_G3R7Q2tgVBKoYpgAAAAM"]
Brute-Force
Bad Web Bot
Web App Attack
🇬🇧
knock
2026-05-01 16:51:39
(1 month ago)
Knock-Knock honeypot brute-force: proto8 (2 total hits)
Brute-Force
🇩🇪
ManagedStack
2026-05-01 16:45:01
(1 month ago)
Probing access to unauthorized locations
Hacking
Exploited Host
Web App Attack
🇩🇪
yangfan
2026-04-25 18:20:57
(1 month ago)
UFW Blocked [80/TCP]
Source: 103.153.210.70:57237
TTL: 117
Length: 52
TOS: 0x00
Port Scan
Web App Attack
🇺🇸
TPI-Abuse
2026-04-25 16:52:02
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 103.153.210.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 12:51:49.042997 2026] [security2:error] [pid 7790:tid 7790] [client 103.153.210.70:61060] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.54"] [uri "/.env"] [unique_id "aezxJf8qm6MrVRr1G7c2qwAAABc"]
Brute-Force
Bad Web Bot
Web App Attack
🇩🇪
london2038.com
2026-04-25 08:27:17
(1 month ago)
Probing for exploits
103.153.210.70 - - [25/Apr/2026:10:26:57 +0200] "GET /.env HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
103.153.210.70 - - [25/Apr/2026:10:26:57 +0200] "GET /wp-content/ HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
Hacking
Web App Attack
Anonymous
2026-04-25 08:07:19
(1 month ago)
103.153.210.70 - - [25/Apr/2026:10:07:19 +0200] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
Web App Attack
🇺🇸
kosada.com
2026-03-26 23:12:06
(2 months ago)
Web bot: DDoS
DDoS Attack
Bad Web Bot
🇫🇷
Thaliruth
2026-03-24 04:35:34
(2 months ago)
[24/Mar/2026:05:35:34.274076 +0100] acIUlkbajKSiemKa3cYzAwAAAA0 103.153.210.70 44142 127.0.0.1 7080
...
Hacking
🇫🇷
Security_Whaller
2026-03-20 09:02:02
(2 months ago)
Malicious activity detected on Honeypot.
Brute-Force
Hacking
Web App Attack
🇬🇧
Axel
2026-03-20 02:43:23
(2 months ago)
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: UK-01
Web App Attack
Hacking
SQL Injection
Anonymous
2026-03-05 06:48:52
(3 months ago)
2026-03-05T06:48:51.657568+00:00 caddy caddy[81692]: {"level":"info","ts":1772693331.657209,"logger":"http.log.access","msg":"handled request","request":{"remote_ip":"103.153.210.70","remote_port":"60645","client_ip":"103.153.210.70","proto":"HTTP/1.1","method":"GET","host":"142.132.232.19","uri":"/.env","headers":{"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"]}},"bytes_read":0,"user_id":"","duration":0.00007764,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://142.132.232.19/.env"],"Content-Type":[]}}
...
Hacking
Web App Attack
🇮🇩
sockominfo
2026-03-04 05:00:32
(3 months ago)
Access to sensitive configuration files detected. Threat Score: 5.2/10 (MEDIUM). Confidence: 40%. CVSS v3.1: 2.9/10 (Low). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Very Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS
Hacking
Web App Attack
🇮🇩
sockominfo
2026-03-04 03:58:55
(3 months ago)
[WAZUH] Access to sensitive configuration files detected.
Hacking
Web App Attack