JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.163.220.102

103.163.220.102 was found in our database!

This IP was reported 191 times. Confidence of Abuse is 50%: ?

50%

ISP	XS Usenet
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	xsusenet.com
Country	🇯🇵 Japan
City	Asagaya-minami, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.163.220.102

Whois 103.163.220.102

IP Abuse Reports for 103.163.220.102:

This IP address has been reported a total of 191 times from 85 distinct sources. 103.163.220.102 was first reported on October 7th 2022, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Octopuce	2026-06-23 20:25:11 (5 days ago)	Aggressive web search of vulnerable pages: /wp-admin/includes/config.php /wp-includes/common.php /wp ... show more Aggressive web search of vulnerable pages: /wp-admin/includes/config.php /wp-includes/common.php /wp-includes/images/wp-load.php /wp-includes/j ... show less	Web App Attack
🇬🇧 consul.to	2026-06-23 18:19:20 (5 days ago)	Web attack/malicious scanning detected	Web App Attack
🇨🇿 ddw	2026-06-23 16:40:29 (5 days ago)	Access Violation Attempts - Multiple 403 Forbidden responses.	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 09:29:40 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 103.163.220.102 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 103.163.220.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 05:29:34.251853 2026] [security2:error] [pid 26056:tid 26078] [client 103.163.220.102:34099] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.managementlaw.property-management-companies-chicago.com"] [uri "/wp-includes/wp-config.php"] [unique_id "ajpR_hglRFPODIoT9qBVowAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 middelkoopcc	2026-06-10 20:20:05 (2 weeks ago)	2026-06-10 22:15:41 [remote 103.163.220.102:37919] AH01276: Cannot serve directory /<redacted>/wp-ad ... show more 2026-06-10 22:15:41 [remote 103.163.220.102:37919] AH01276: Cannot serve directory /<redacted>/wp-admin/css/: No matching DirectoryIndex (index.php) found, and server-generated directory index forbidden by Options directive, referer: <redacted> && 2026-06-10 22:15:44 [remote 103.163.220.102:37919] AH01276: Cannot serve directory /<redacted>/wp-content/uploads/: No matching DirectoryIndex (index.php) found, and server-generated directory index forbidden by Options directive, referer: <redacted> && 2026-06-10 22:15:53 [remote 103.163.220.102:37919] AH01276: Cannot serve directory /<redacted>/wp-admin/js/: No matching DirectoryIndex (index.php) found, and server-generated directory index forbidden by Options directive, referer: <redacted> && 78 more within 20 minutes show less	Web App Attack
🇫🇷 solution.it	2026-06-10 20:09:51 (2 weeks ago)	[Wed Jun 10 22:09:50.972875 2026] [php7:error] [pid 2698095:tid 2698095] [client 103.163.220.102:326 ... show more [Wed Jun 10 22:09:50.972875 2026] [php7:error] [pid 2698095:tid 2698095] [client 103.163.220.102:32621] script '/var/www/html/blog.solution.it/wp-includes/users.php' not found or unable to stat, referer: http://blog.solution.it/wp-includes/users.php show less	Web App Attack
🇫🇷 Octopuce	2026-06-05 20:01:27 (3 weeks ago)	Aggressive web search of vulnerable pages: /wp-includes/home.php /cgi-bin/cgi-bin/cgi-bin/upload.php ... show more Aggressive web search of vulnerable pages: /wp-includes/home.php /cgi-bin/cgi-bin/cgi-bin/upload.php /cgi-bin/cgi-bin/panel.php /wp-includes/js ... show less	Web App Attack
🇺🇸 Jason Howell	2026-06-05 07:11:56 (3 weeks ago)	103.163.220.102 - - [05/Jun/2026:02:11:46 -0500] "GET /wp-includes/Requests/src/Exception/wp-login.p ... show more 103.163.220.102 - - [05/Jun/2026:02:11:46 -0500] "GET /wp-includes/Requests/src/Exception/wp-login.php HTTP/1.1" 301 370 "http://devilsglenstorage.com/wp-includes/Requests/src/Exception/wp-login.php" "Go-http-client/1.1" 103.163.220.102 - - [05/Jun/2026:02:11:48 -0500] "GET /wp-includes/sodium_compat/src/Core/wp-login.php HTTP/1.1" 301 370 "http://devilsglenstorage.com/wp-includes/sodium_compat/src/Core/wp-login.php" "Go-http-client/1.1" 103.163.220.102 - - [05/Jun/2026:02:11:51 -0500] "GET /wp-includes/sitemaps/wp-login.php HTTP/1.1" 301 356 "http://devilsglenstorage.com/wp-includes/sitemaps/wp-login.php" "Go-http-client/1.1" 103.163.220.102 - - [05/Jun/2026:02:11:54 -0500] "GET /wp-includes/blocks/pullquote/wp-login.php HTTP/1.1" 301 364 "http://devilsglenstorage.com/wp-includes/blocks/pullquote/wp-login.php" "Go-http-client/1.1" 103.163.220.102 - - [05/Jun/2026:02:11:56 -0500] "GET /wp-includes/blocks/query-title/wp-login.php HTTP/1.1" 301 366 "http://devilsglenstorage.com/wp-includ ... show less	Web App Attack
🇨🇭 backslash	2026-06-04 21:48:00 (3 weeks ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇩🇪 ghostwarriors	2026-05-31 04:20:30 (4 weeks ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ghostwarriors	2026-05-28 06:50:07 (1 month ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-08 03:15:52 (1 month ago)	[Drupal AbuseIPDB module] Request path is blacklisted. /wp-admin	Web App Attack
🇧🇷 Halux	2026-05-02 06:26:55 (1 month ago)	103.163.220.102 Probing protected path or service	Web App Attack
🇺🇸 mnsf	2026-05-01 19:05:14 (1 month ago)	Too many Status 40X (11)	Brute-Force Web App Attack
Anonymous	2026-05-01 17:18:56 (1 month ago)	103.163.220.102 - - [01/May/2026:19:18:52 +0200] "GET /wp-content/plugins/dummyyummy/wp-signup.php H ... show more 103.163.220.102 - - [01/May/2026:19:18:52 +0200] "GET /wp-content/plugins/dummyyummy/wp-signup.php HTTP/1.0" 404 62101 "-" "Go-http-client/1.1" 103.163.220.102 - - [01/May/2026:19:18:53 +0200] "GET /wp-content/plugins/dummyyummy/wp-signup.php HTTP/1.1" 404 14517 "-" "Go-http-client/1.1" 103.163.220.102 - - [01/May/2026:19:18:53 +0200] "GET /wp-content/plugins/dzs-zoomsounds/1877.php HTTP/1.0" 404 62101 "-" "Go-http-client/1.1" 103.163.220.102 - - [01/May/2026:19:18:54 +0200] "GET /wp-content/plugins/dzs-zoomsounds/1877.php HTTP/1.1" 404 14517 "-" "Go-http-client/1.1" 103.163.220.102 - - [01/May/2026:19:18:55 +0200] "GET /wp-content/plugins/core-plugin/include.php HTTP/1.0" 404 62101 "-" "Go-http-client/1.1" ... show less	Brute-Force Web App Attack

Showing 1 to 15 of 191 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇴 201.46.124.0

🇦🇷 186.122.89.3

🇺🇸 96.78.175.41

🇷🇺 91.219.148.124

🇺🇸 66.132.186.127

🇧🇷 43.164.194.33

🇺🇸 2602:feda:f39d:886f:b2c1:b03b:f042:ad6c

🇰🇷 211.228.218.47

🇺🇸 172.171.244.250

🇰🇷 121.135.119.71

🇳🇱 45.148.10.151

🇺🇿 213.230.127.104

🇺🇸 74.104.162.110

🇺🇸 74.7.227.144

🇺🇸 67.205.146.5

🇺🇸 47.251.45.2

🇭🇰 43.132.150.89

🇨🇷 201.202.14.248

🇮🇳 185.100.212.141

🇻🇳 160.191.244.158