JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 161.248.147.102

161.248.147.102 was found in our database!

This IP was reported 128 times. Confidence of Abuse is 100%: ?

100%

ISP	Pow Pow LLC
Usage Type	Commercial
ASN	AS135918
Domain Name	powpow.vn
Country	🇻🇳 Viet Nam
City	Ho Chi Minh City, Ho Chi Minh City (HCMC)

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 161.248.147.102

Whois 161.248.147.102

IP Abuse Reports for 161.248.147.102:

This IP address has been reported a total of 128 times from 78 distinct sources. 161.248.147.102 was first reported on April 13th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 ICS Labs	2026-06-05 20:01:30 (3 hours ago)	ICS Labs identified 161.248.147.102 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Brute-Force Exploited Host
🇺🇸 MPL	2026-06-05 07:05:53 (16 hours ago)	tcp/25 (6 or more attempts)	Port Scan
🇺🇸 LotPhantom	2026-06-04 16:22:42 (1 day ago)	2026-06-04T16:22:38.829373+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1 ... show more 2026-06-04T16:22:38.829373+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1:fe:00:00:00:01:01:08:00 SRC=161.248.147.102 DST=157.230.217.55 LEN=52 TOS=0x02 PREC=0x00 TTL=108 ID=22196 DF PROTO=TCP SPT=65178 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 2026-06-04T16:22:41.843547+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1:fe:00:00:00:01:01:08:00 SRC=161.248.147.102 DST=157.230.217.55 LEN=52 TOS=0x02 PREC=0x00 TTL=108 ID=22342 DF PROTO=TCP SPT=65178 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 ... show less	Port Scan Hacking
🇺🇸 knock	2026-06-04 05:16:25 (1 day ago)	Knock-Knock honeypot brute-force: SMTP (7 total hits)	Brute-Force
🇬🇧 Joe-Mark	2026-06-03 19:12:31 (2 days ago)	Found romain marcoux malicious outgoing . proto=tcp . spt=60355 . dpt=25 . NFTABLES . (C ... show more Found romain marcoux malicious outgoing . proto=tcp . spt=60355 . dpt=25 . NFTABLES . (CCXXIV) show less	Email Spam
🇩🇪 CK_beats	2026-06-03 11:00:01 (2 days ago)	Blocked by os-abuseipdb on OPNsense firewall KN-FW01; 3 hits, proto=tcp, ports=25	Port Scan Hacking
🇦🇹 keechi	2026-06-02 22:01:08 (3 days ago)	2026-06-01T18:16:47.300525+02:00 nextcloudpi postfix/smtpd[2549732]: NOQUEUE: reject: RCPT from unkn ... show more 2026-06-01T18:16:47.300525+02:00 nextcloudpi postfix/smtpd[2549732]: NOQUEUE: reject: RCPT from unknown[161.248.147.102]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<WIN-CLJ1B0GQ6JP> ... show less	Brute-Force
🇳🇴 tmiland	2026-06-02 12:50:34 (3 days ago)	Suricata Detected 14 attacks from 161.248.147.102.; ET CINS Active Threat Intelligence Poor Reputati ... show more Suricata Detected 14 attacks from 161.248.147.102.; ET CINS Active Threat Intelligence Poor Reputation IP group 216; IP: 161.248.147.102; Ports: 55963; Direction: to_server; Trigger: CINS; Category: Misc Attack; Severity: 2 show less	Brute-Force
🇳🇱 BIV	2026-06-02 11:07:36 (3 days ago)	Honeypot multi-source hit. Sources: dshield:fw,tpot:Mailoney,tpot:P0f,tpot:Suricata. Ports: 25. Auto ... show more Honeypot multi-source hit. Sources: dshield:fw,tpot:Mailoney,tpot:P0f,tpot:Suricata. Ports: 25. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking
Anonymous	2026-06-02 08:21:53 (3 days ago)	2026-06-02T10:21:52.863556+02:00 mx1 postfix/smtpd[1154789]: NOQUEUE: reject: RCPT from unknown[161. ... show more 2026-06-02T10:21:52.863556+02:00 mx1 postfix/smtpd[1154789]: NOQUEUE: reject: RCPT from unknown[161.248.147.102]: 504 5.5.2 <WIN-CLJ1B0GQ6JP>: Helo command rejected: need fully-qualified hostname; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<WIN-CLJ1B0GQ6JP> show less	Email Spam Brute-Force
🇦🇹 keechi	2026-06-01 16:16:49 (4 days ago)	2026-06-01T18:16:47.300525+02:00 nextcloudpi postfix/smtpd[2549732]: NOQUEUE: reject: RCPT from unkn ... show more 2026-06-01T18:16:47.300525+02:00 nextcloudpi postfix/smtpd[2549732]: NOQUEUE: reject: RCPT from unknown[161.248.147.102]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<WIN-CLJ1B0GQ6JP> ... show less	Brute-Force
🇳🇱 Hobby Bob	2026-06-01 04:36:08 (4 days ago)	Jun 1 04:36:08 server postfix/smtpd[1573399]: NOQUEUE: reject: RCPT from unknown[161.248.147.102]: 4 ... show more Jun 1 04:36:08 server postfix/smtpd[1573399]: NOQUEUE: reject: RCPT from unknown[161.248.147.102]: 454 4.7.1 : Relay access denied; from= to= proto=ESMTP helo= show less	Email Spam
🇩🇪 ITSNF	2026-06-01 01:50:03 (4 days ago)	Blocked by os-abuseipdb; 3 hits, proto=tcp, ports=25	Port Scan Hacking
🇩🇪 zupan	2026-06-01 00:41:21 (4 days ago)	Blocked by UFW on vps [25/tcp] \| SPT: 53895 \| TTL: 115 \| LEN: 52 \| TOS: 0x00 • Reported by: github.c ... show more Blocked by UFW on vps [25/tcp] \| SPT: 53895 \| TTL: 115 \| LEN: 52 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Email Spam
🇺🇸 knock	2026-05-31 15:56:00 (5 days ago)	Knock-Knock honeypot brute-force: SMTP (6 total hits)	Brute-Force

Showing 1 to 15 of 128 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 203.154.158.195

🇺🇸 173.255.223.32

🇺🇸 91.230.168.90

🇰🇿 2.134.15.12

🇷🇴 2.57.121.25

🇳🇱 185.242.226.19

🇵🇱 143.20.97.216

🇵🇱 143.20.97.118

🇨🇳 123.145.37.170

🇨🇳 101.35.251.120

🇱🇹 81.30.98.142

🇳🇱 45.148.10.36

🇿🇦 185.132.186.8

🇨🇳 111.126.198.114

🇩🇪 91.99.117.254

🇺🇸 69.175.33.170

🇲🇽 206.135.24.10

🇩🇪 194.88.98.123

🇳🇱 185.226.197.59

🇳🇴 185.12.59.118