JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.163.220.195

103.163.220.195 was found in our database!

This IP was reported 177 times. Confidence of Abuse is 38%: ?

38%

ISP	XS Usenet
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	xsusenet.com
Country	🇯🇵 Japan
City	Asagaya-minami, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.163.220.195

Whois 103.163.220.195

IP Abuse Reports for 103.163.220.195:

This IP address has been reported a total of 177 times from 81 distinct sources. 103.163.220.195 was first reported on March 17th 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 ki3	2026-06-21 17:28:51 (1 week ago)	Fail2Ban: Web App Attacks and Forum Spam 103.163.220.195 1782062930(JST)	Web Spam Bad Web Bot Web App Attack
Anonymous	2026-06-21 01:47:08 (1 week ago)	103.163.220.195 - - [21/Jun/2026:03:47:04 +0200] "POST /wp-login.php HTTP/1.1" 200 7226 "https://fem ... show more 103.163.220.195 - - [21/Jun/2026:03:47:04 +0200] "POST /wp-login.php HTTP/1.1" 200 7226 "https://femmestylista.co.bw/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36" 103.163.220.195 - - [21/Jun/2026:03:47:05 +0200] "POST /wp-login.php HTTP/1.1" 200 7226 "https://femmestylista.co.bw/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36 Edg/140.0.3124.85" 103.163.220.195 - - [21/Jun/2026:03:47:05 +0200] "POST /wp-login.php HTTP/1.1" 200 7226 "https://femmestylista.co.bw/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36 Edg/140.0.3124.85" 103.163.220.195 - - [21/Jun/2026:03:47:06 +0200] "POST /wp-login.php HTTP/1.1" 200 7226 "https://femmestylista.co.bw/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136 ... show less	Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-16 22:08:20 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-06-14 12:38:33 (2 weeks ago)	Banned by Fail2Ban on server	Web App Attack
Anonymous	2026-06-12 10:07:17 (2 weeks ago)	[ns65.kdns.gr] httpd-suspicious-path: sites=hatzifotis.gr; logs=/var/log/httpd/domains/hatzifotis.gr ... show more [ns65.kdns.gr] httpd-suspicious-path: sites=hatzifotis.gr; logs=/var/log/httpd/domains/hatzifotis.gr.log; samples=/wp-content/plugins/wp-duplicate-page/config.php \| /wp-content/plugins/wp-settings.php \| /wp-content/languages/plugins/load.php show less	Hacking Web App Attack
🇫🇷 ELYAZ	2026-06-11 12:30:42 (2 weeks ago)	(y4) Failed scan -byebye- from 103.163.220.195 (JP/Japan/-): (CF_ENABLE)	Hacking
🇳🇱 Site.eu	2026-06-09 09:46:52 (2 weeks ago)	Excessive 404/403 errors	Brute-Force
Anonymous	2026-06-09 04:23:59 (2 weeks ago)	103.163.220.195 - - [09/Jun/2026:06:23:56 +0200] "POST /wp-login.php HTTP/1.1" 200 7226 "https://fem ... show more 103.163.220.195 - - [09/Jun/2026:06:23:56 +0200] "POST /wp-login.php HTTP/1.1" 200 7226 "https://femmestylista.co.bw/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 OPR/120.0.0.0" 103.163.220.195 - - [09/Jun/2026:06:23:56 +0200] "POST /wp-login.php HTTP/1.1" 200 7226 "https://femmestylista.co.bw/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36" 103.163.220.195 - - [09/Jun/2026:06:23:57 +0200] "POST /wp-login.php HTTP/1.1" 200 7226 "https://femmestylista.co.bw/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:136.0) Gecko/20100101 Firefox/138.0" 103.163.220.195 - - [09/Jun/2026:06:23:58 +0200] "POST /wp-login.php HTTP/1.1" 200 7226 "https://femmestylista.co.bw/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36 Edg/140.0.3124.85" 103.163.220.195 - - [09/Jun/2 ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-03 09:31:57 (1 month ago)	(mod_security) mod_security (id:240000) triggered by 103.163.220.195 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240000) triggered by 103.163.220.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 03 05:31:52.826655 2026] [security2:error] [pid 32759:tid 32759] [client 103.163.220.195:57049] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|homeschoolwv.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "homeschoolwv.com"] [uri "/images/stories/themes.php"] [unique_id "afcWCKBW89J7yFNgFMvhxgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-04-26 22:04:00 (2 months ago)	ThreatBook Intelligence: Scanner,Dynamic IP more details on https://threatbook.io/ip/103.163.220.195 ... show more ThreatBook Intelligence: Scanner,Dynamic IP more details on https://threatbook.io/ip/103.163.220.195 2026-04-26 12:32:11 /lianruan/ConfigManage/devInfo.htm?act=checkIPExists 2026-04-26 12:32:21 /api/auth.htm?act=getMacAddress&jsoncallback=? 2026-04-26 11:57:09 / 2026-04-26 12:22:27 /ai-gitlab/ 2026-04-26 12:37:22 / 2026-04-26 12:32:10 /lianruan/md5.min.js 2026-04-26 12:25:09 /mail/ 2026-04-26 12:32:09 /lianruan/webauth-zh_CN.js 2026-04-26 12:32:11 /auth/index.html/u 2026-04-26 12:37:24 /never_exists_files.xxx/ show less	Web App Attack
Anonymous	2026-04-17 20:54:44 (2 months ago)	Credential Stuffing attacks against Microsoft 365	Brute-Force
🇩🇪 EGP Abuse Dept	2026-04-16 06:05:32 (2 months ago)	Scanning for web/db/file exploits on tpc-044.mach3builders.nl	SQL Injection Bad Web Bot Web App Attack
🇺🇸 etu brutus	2026-04-15 23:34:16 (2 months ago)	103.163.220.195 has been banned for [WebApp Attack] ...	Hacking Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-04-10 22:05:30 (2 months ago)	ThreatBook Intelligence: Scanner,Dynamic IP more details on https://threatbook.io/ip/103.163.220.195 ... show more ThreatBook Intelligence: Scanner,Dynamic IP more details on https://threatbook.io/ip/103.163.220.195 2026-04-10 00:53:00 /?../../../../../../etc/passwd 2026-04-10 06:12:16 /?/etc/passwd 2026-04-10 03:41:35 /?/etc/passwd 2026-04-10 20:47:57 /login/?../../../../../../etc/passwd show less	Web App Attack
🇬🇧 consul.to	2026-04-09 00:24:03 (2 months ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 15 of 177 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 111.198.26.62

🇷🇺 91.135.221.206

🇺🇸 67.205.167.64

🇸🇬 47.84.194.39

🇭🇰 8.218.165.226

🇨🇳 220.250.11.124

🇰🇷 211.254.212.59

🇳🇱 188.166.104.57

🇳🇱 188.166.68.252

🇭🇰 118.26.39.178

🇺🇸 104.248.60.173

🇸🇪 104.23.217.123

🇺🇸 65.49.1.125

🇺🇸 64.62.156.223

🇨🇳 58.212.237.37

🇳🇱 45.148.10.240

🇸🇬 45.78.194.186

🇪🇬 41.39.141.6

🇵🇪 38.25.99.105

🇭🇰 8.218.155.47