AbuseIPDB » 103.163.220.153

103.163.220.153 was found in our database!

This IP was reported 59 times. Confidence of Abuse is 36%: ?

36%

ISP	XS Usenet
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	xsusenet.com
Country	Japan
City	Asagaya-minami, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 103.163.220.153

Whois 103.163.220.153

IP Abuse Reports for 103.163.220.153:

This IP address has been reported a total of 59 times from 31 distinct sources. 103.163.220.153 was first reported on March 28th 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
ThreatBook.io	2025-03-19 22:10:47 (1 week ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/103.163.220.153 ... show moreThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/103.163.220.153 2025-03-19 00:06:53 /fetch/aHR0cDovL2V4YW1wbGUuY29t 2025-03-19 08:00:00 /es/imageProxy?url=http://browserkernel.baidu.com/newpac31/videoproxy.conf.txt 2025-03-19 00:06:52 /finance/http:/example.com 2025-03-19 08:00:00 /es/api/request/aHR0cDovL2V4YW1wbGUuY29t show less	Web App Attack
ThreatBook.io	2025-03-15 22:14:09 (1 week ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/103.163.220.153 ... show moreThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/103.163.220.153 2025-03-15 21:36:33 /websphere/api/proxy/aHR0cDovL2V4YW1wbGUuY29t 2025-03-15 21:36:33 /web/get-url?url=http://browserkernel.baidu.com/newpac31/videoproxy.conf.txt 2025-03-15 12:06:09 /nagios/api/v1/file?url=http://browserkernel.baidu.com/newpac31/videoproxy.conf.txt 2025-03-15 13:38:42 /zabbix/get/aHR0cDovL2V4YW1wbGUuY29t 2025-03-15 21:36:34 /sphere/http:/example.com 2025-03-15 10:55:48 /nagiosna/nagios/file/download?url=http://browserkernel.baidu.com/newpac31/videoproxy.conf.txt 2025-03-15 12:06:09 /nagios/api/download/file?url=http://browserkernel.baidu.com/newpac31/videoproxy.conf.txt 2025-03-15 13:38:42 /bix/api/debug/aHR0cDovL2V4YW1wbGUuY29t 2025-03-15 21:36:33 /web/http:/example.com 2025-03-15 12:06:09 /nagios/api/proxy-file?url=http://browserkernel.baidu.com/newpac31/videoproxy.conf.txt show less	Web App Attack
rtbh.com.tr	2025-02-17 20:49:44 (1 month ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
pusathosting.com	2025-02-16 13:10:03 (1 month ago)	2ds22 bruteforce	Brute-Force Web App Attack
screwlooseit.com.au	2025-02-15 16:59:12 (1 month ago)	Blocked by CSF 14 firewall - Rule: WPLOGIN -	Web App Attack
gu-alvareza	2025-02-15 07:05:19 (1 month ago)	Rhinosoft.Servu.Session.Cookie.Buffer.Overflow	Hacking
Anonymous	2025-02-14 23:43:50 (1 month ago)	WordPress Bruteforce on Authentication page	Web App Attack
TPI-Abuse	2025-02-14 22:17:09 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 103.163.220.153 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:240335) triggered by 103.163.220.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 14 17:17:03.055118 2025] [security2:error] [pid 852:tid 852] [client 103.163.220.153:7737] [client 103.163.220.153] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.163.220.153 (+1 hits since last alert)|celebritybikinigossip.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "celebritybikinigossip.com"] [uri "/xmlrpc.php"] [unique_id "Z6_A3_7a9N9FaNhZRzoPcQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-02-14 13:33:54 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 103.163.220.153 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:225170) triggered by 103.163.220.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 14 08:33:47.406133 2025] [security2:error] [pid 845870:tid 845870] [client 103.163.220.153:38321] [client 103.163.220.153] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.aholsniffsglue.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.aholsniffsglue.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z69GO9dpA01KcAQ6q7pm6QAAAAc"], referer: https://ae-tuning.ru//wp-login.php show less	Brute-Force Bad Web Bot Web App Attack
octageeks.com	2025-02-14 05:07:21 (1 month ago)	Wordpress malicious attack:[octawp]	Web App Attack
VHosting	2025-02-14 03:05:12 (1 month ago)	Attempt from 103.163.220.153, reason: FailedCaptchaVerify	DDoS Attack Bad Web Bot
Roderic	2025-02-13 18:28:07 (1 month ago)	(wordpress) Failed wordpress login from 103.163.220.153 (JP/Japan/-)	Brute-Force
Rizzy	2025-02-13 18:19:22 (1 month ago)	Multiple WAF Violations	Brute-Force Web App Attack
screwlooseit.com.au	2025-02-13 12:15:20 (1 month ago)	Blocked by CSF 14 firewall - Rule: WPLOGIN -	Web App Attack
Anonymous	2025-02-13 06:46:13 (1 month ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩