JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.89.152.4

103.89.152.4 was found in our database!

This IP was reported 132 times. Confidence of Abuse is 32%: ?

32%

ISP	Mobin Net
Usage Type	Fixed Line ISP
ASN	AS136479
Domain Name	mobinnet.af
Country	🇦🇫 Afghanistan
City	Kandahar, Kandahar

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.89.152.4

Whois 103.89.152.4

IP Abuse Reports for 103.89.152.4:

This IP address has been reported a total of 132 times from 29 distinct sources. 103.89.152.4 was first reported on December 24th 2020, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 hghosting	2026-06-05 05:21:02 (5 days ago)	CrowdSec auto-report: crowdsecurity/suricata-major-severity — 1 events	Brute-Force SSH
🇫🇷 Version Net	2026-06-04 18:42:26 (6 days ago)	IPS Detection: JAWS.DVR.CCTV.Shell.Unauthenticated.Command.Execution	Hacking
🇺🇸 xmission.com	2026-06-03 20:31:57 (6 days ago)	Blocked by UFW (TCP on 80) Source port: 31954 TTL: 43 Packet length: 44 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 31954 TTL: 43 Packet length: 44 TOS: 0x00 This report (for 103.89.152.4) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
Anonymous	2026-06-03 10:59:29 (1 week ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇩🇪 SMARTNET	2026-05-27 06:03:53 (2 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 3f99e09e-d450-49c0-a2ce-b3198b9521cc	DDoS Attack
🇩🇪 evilazrael.de	2026-03-17 06:18:29 (2 months ago)	Mail sent to address hacked/leaked from Gamigo	Email Spam
🇺🇸 matt	2026-03-04 00:05:35 (3 months ago)	DDOS attack with query parameters attempting to overload WordPress site.	DDoS Attack
🇺🇸 matt	2026-03-02 21:04:27 (3 months ago)	DDOS attack with query parameters attempting to overload WordPress site.	DDoS Attack
🇩🇪 IP Analyzer	2024-07-23 09:30:31 (1 year ago)	Unauthorized connection attempt from IP address 103.89.152.4 on Port 445(SMB)	Port Scan
🇪🇸 didevi	2023-11-09 09:21:17 (2 years ago)	Attempted Email Brute Force Attack	Brute-Force
🇷🇸 Smel	2023-11-07 16:04:22 (2 years ago)	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	Email Spam Hacking Brute-Force
🇿🇦 IrisFlower	2023-04-17 04:24:35 (3 years ago)	Unauthorized connection attempt detected from IP address 103.89.152.4 to port 8080 [J]	Port Scan Hacking
🇷🇸 Smel	2023-04-16 18:33:20 (3 years ago)	Unauthorized Probe/Connection, Hack -	Port Scan Hacking
🇨🇳 ThreatBook.io	2023-04-14 23:44:56 (3 years ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/103.89.152.4 202 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/103.89.152.4 2023-04-14 00:18:48 ["enable","system","shell","sh","cat /proc/mounts; /bin/busybox TEYDJ"] show less	Brute-Force
🇿🇦 IrisFlower	2023-04-08 20:23:01 (3 years ago)	Unauthorized connection attempt detected from IP address 103.89.152.4 to port 8080 [J]	Port Scan Hacking

Showing 1 to 15 of 132 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 2a09:bac1:31a0:8::247:10f

🇳🇱 217.60.195.25

🇸🇬 34.142.205.252

🇭🇰 165.154.41.97

🇺🇸 135.232.208.155

🇮🇳 122.170.115.173

🇺🇸 107.197.183.81

🇺🇸 103.219.170.37

🇰🇪 102.206.97.46

🇱🇹 77.90.185.91

🇺🇸 45.156.129.137

🇭🇰 42.200.78.166

🇰🇷 1.177.63.16

🇷🇴 193.46.255.86

🇺🇸 162.216.16.86

🇮🇳 152.52.236.122

🇳🇱 45.142.193.35

🇿🇲 41.63.63.211

🇨🇳 14.103.117.88

🇳🇱 134.122.48.159