JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.85.149.149

103.85.149.149 was found in our database!

This IP was reported 172 times. Confidence of Abuse is 70%: ?

70%

ISP	PT iForte Global Internet
Usage Type	Fixed Line ISP
ASN	AS17995
Hostname(s)	149.149.85.103.ipt.iforte.net.id.149.85.103.in-addr.arpa
Domain Name	iforte.net.id
Country	🇮🇩 Indonesia
City	Batu, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.85.149.149

Whois 103.85.149.149

IP Abuse Reports for 103.85.149.149:

This IP address has been reported a total of 172 times from 67 distinct sources. 103.85.149.149 was first reported on February 20th 2025, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-10 01:37:16 (3 hours ago)	Honeypot hit: SMB traffic on port 445	IoT Targeted
🇬🇧 Birdo	2026-06-09 01:00:56 (1 day ago)	[Birdo SMB Honeypot] SMB unauthorized attempt	Exploited Host Brute-Force Port Scan Hacking
🇩🇪 AS213449.net	2026-06-08 02:17:10 (2 days ago)	06/08/2026-04:17:03.665613 src=103.85.149.149 dst=89.144.63.106:1433 proto=6 msg=ET SCAN Suspicious ... show more 06/08/2026-04:17:03.665613 src=103.85.149.149 dst=89.144.63.106:1433 proto=6 msg=ET SCAN Suspicious inbound to MSSQL port 1433 show less	SQL Injection
🇩🇪 Yachiyo Runami	2026-06-04 02:36:39 (6 days ago)	Port Scan on Honeypot \| Ports: 445/SMB \| Proto: TCP(1) \| Flags: all SYN \| TTL: 110 \| Len: 52B \| Win: ... show more Port Scan on Honeypot \| Ports: 445/SMB \| Proto: TCP(1) \| Flags: all SYN \| TTL: 110 \| Len: 52B \| Win: 8192(1) \| rDNS: 149.149.85.103.ipt.iforte.net.id.149.85.103.in-addr.arpa \| F2B/ufw-honeypot@2026-06-04T02:36:38Z show less	Port Scan Hacking
🇩🇪 IP Analyzer	2026-05-28 20:00:32 (1 week ago)	Unauthorized connection attempt from IP address 103.85.149.149 on Port 445(SMB)	Port Scan
🇩🇪 nitrix	2026-05-25 04:12:45 (2 weeks ago)	SYN scanning detected on port 445	Port Scan
🇳🇱 knock	2026-05-21 10:45:41 (2 weeks ago)	Knock-Knock honeypot brute-force: SMB (1 total hits)	Brute-Force
🇬🇧 Birdo	2026-05-21 02:39:45 (2 weeks ago)	[Birdo SMB Honeypot] SMB unauthorized attempt	Exploited Host Brute-Force Port Scan Hacking
🇬🇧 gbzret4d	2026-05-21 01:48:38 (2 weeks ago)	Honeypot [uk-production01]: SMB traffic on port 445	Hacking
🇷🇺 Agrohim	2026-05-20 16:38:45 (2 weeks ago)	Gate Inet blocked for categories:	DDoS Attack Ping of Death Port Scan Hacking Brute-Force
🇩🇪 iNetWorker	2026-05-20 07:00:59 (2 weeks ago)	firewall-block, port(s): 445/tcp	Port Scan
🇫🇷 sthoyer.de	2026-05-11 19:13:00 (4 weeks ago)	May 11 21:12:58 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f ... show more May 11 21:12:58 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=103.85.149.149 DST=173.212.223.67 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=67 DF PROTO=TCP SPT=53830 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇱🇹 NotACaptcha	2026-05-11 07:45:55 (4 weeks ago)	Unauthorised access (May 11 10:45) SRC=103.85.149.149 LEN=52 TTL=98 ID=4443 DF TCP DPT=445 WINDOW=81 ... show more Unauthorised access (May 11 10:45) SRC=103.85.149.149 LEN=52 TTL=98 ID=4443 DF TCP DPT=445 WINDOW=8192 SYN show less	Port Scan
🇬🇧 PeravixGroup	2026-05-09 11:02:39 (1 month ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 Birdo	2026-05-08 11:43:17 (1 month ago)	[Birdo SMB Honeypot] SMB unauthorized attempt	Exploited Host Brute-Force Port Scan Hacking

Showing 1 to 15 of 172 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 103.71.20.231

🇺🇸 71.6.232.29

🇨🇳 220.203.28.200

🇨🇦 212.104.215.20

🇱🇹 194.165.16.167

🇺🇸 172.236.228.208

🇺🇸 172.234.199.93

🇵🇰 110.93.224.226

🇮🇳 103.70.40.36

🇺🇸 71.6.240.223

🇩🇪 69.5.169.165

🇫🇷 51.68.236.71

🇲🇾 49.124.205.169

🇨🇳 49.64.178.43

🇳🇱 45.148.10.157

🇰🇷 43.164.129.84

🇺🇸 23.137.105.206

🇺🇸 20.168.108.224

🇬🇧 194.50.235.143

🇬🇧 193.163.125.23