JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.163.220.30

103.163.220.30 was found in our database!

This IP was reported 174 times. Confidence of Abuse is 100%: ?

100%

ISP	XS Usenet
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	xsusenet.com
Country	🇯🇵 Japan
City	Asagaya-minami, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.163.220.30

Whois 103.163.220.30

IP Abuse Reports for 103.163.220.30:

This IP address has been reported a total of 174 times from 84 distinct sources. 103.163.220.30 was first reported on March 5th 2023, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 BlueWire Hosting	2026-06-21 06:44:50 (10 hours ago)	Probing websites for vulnerabilities	Web App Attack
Anonymous	2026-06-21 02:07:11 (15 hours ago)	Banned by Fail2Ban on server	Web App Attack
🇩🇪 ghostwarriors	2026-06-21 00:20:28 (16 hours ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-20 23:07:04 (18 hours ago)	Bot / scanning and/or hacking attempts: GET /wp-includes/assets/certificates/ HTTP/1.1, GET /wp-admi ... show more Bot / scanning and/or hacking attempts: GET /wp-includes/assets/certificates/ HTTP/1.1, GET /wp-admin/admin-post-interpreter.php HTTP/1.1, GET /wp-includes/api.php HTTP/1.1, GET /well-known/config.php HTTP/1.1, GET /wp-admin/wp-conflg.php HTTP/1.1, GET /wp-admin/panel.php HTTP/1.1, GET /licenses/images/widgets/ HTTP/1.1, GET /wp-includes/interactivity-api/block-bindings/ HTTP/1.1, GET /wp-content/chand.php HTTP/1.1, GET /wp-includes/PHPMailer/Newspaper/includes/ HTTP/1.1, GET /cgi-bin/wp-conflg.php HTTP/1.1, GET /wp-content/wp-cron.php HTTP/1.1, GET /wp-includes/html-api/chosen.php HTTP/1.1, GET /wp-content/fonts/ HTTP/1.1 show less	Hacking Web App Attack
🇩🇪 findlab	2026-06-20 23:01:03 (18 hours ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇷🇴 iulianh	2026-06-20 21:17:06 (20 hours ago)	80,443	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-20 09:11:24 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 103.163.220.30 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.163.220.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 05:11:15.823714 2026] [security2:error] [pid 5672:tid 5672] [client 103.163.220.30:25567] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tonytremblayauthor.com"] [uri "/wp-content/wp-config.php"] [unique_id "ajZZM9WkPMpk1cctgCbRtQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-19 13:31:01 (2 days ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-195) show less	Bad Web Bot
Anonymous	2026-06-18 13:21:53 (3 days ago)	Banned by Fail2Ban on server	Web App Attack
🇩🇪 FeG Deutschland	2026-06-18 13:10:14 (3 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇪🇸 masterguru	2026-06-18 06:44:30 (3 days ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-122) show less	Bad Web Bot
🇷🇴 andreighitan	2026-06-01 00:00:00 (2 weeks ago)	Coordinated attack against 84.46.253.134. Webshell scanning + credential harvesting. Active May-Jun ... show more Coordinated attack against 84.46.253.134. Webshell scanning + credential harvesting. Active May-Jun 2026. ZAC Bayern ref BY0257-500359-26/8. show less	Brute-Force
🇺🇦 URAN Publishing Service	2026-05-27 14:43:04 (3 weeks ago)	103.163.220.30 - - [27/May/2026:17:43:03 +0300] "GET /wp-content/uploads/admin.php HTTP/1.1" 404 707 ... show more 103.163.220.30 - - [27/May/2026:17:43:03 +0300] "GET /wp-content/uploads/admin.php HTTP/1.1" 404 707 "-" "Go-http-client/1.1" ... show less	Web App Attack
Anonymous	2026-05-27 14:38:14 (3 weeks ago)	[Wed May 27 16:38:03.419059 2026] [proxy_fcgi:error] [pid 12907:tid 12950] [client 103.163.220.30:34 ... show more [Wed May 27 16:38:03.419059 2026] [proxy_fcgi:error] [pid 12907:tid 12950] [client 103.163.220.30:34389] AH01071: Got error 'Primary script unknown', referer: http://www.akcurate.de/wp-content/uploads/config.php [Wed May 27 16:38:04.685522 2026] [proxy_fcgi:error] [pid 12907:tid 12941] [client 103.163.220.30:34389] AH01071: Got error 'Primary script unknown', referer: http://www.akcurate.de/wp-content/plugins/hello.php [Wed May 27 16:38:05.352995 2026] [proxy_fcgi:error] [pid 12907:tid 12936] [client 103.163.220.30:34389] AH01071: Got error 'Primary script unknown', referer: http://www.akcurate.de/system.php [Wed May 27 16:38:11.060873 2026] [proxy_fcgi:error] [pid 12907:tid 12958] [client 103.163.220.30:34389] AH01071: Got error 'Primary script unknown', referer: http://www.akcurate.de/log.php [Wed May 27 16:38:12.986128 2026] [proxy_fcgi:error] [pid 12907:tid 12952] [client 103.163.220.30:34389] AH01071: Got error 'Primary script unknown', referer: http://www.akcurate.de/simple.php ... show less	Brute-Force Web App Attack
🇩🇪 iNetWorker	2026-05-27 14:12:49 (3 weeks ago)	trolling for resource vulnerabilities	Web App Attack

Showing 1 to 15 of 174 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇩 203.76.220.248

🇳🇱 176.65.149.30

🇨🇳 124.95.146.203

🇵🇱 87.251.64.155

🇷🇴 80.94.92.166

🇨🇳 60.12.106.119

🇰🇷 58.65.96.141

🇲🇾 49.124.159.184

🇺🇸 34.169.165.107

🇺🇸 3.238.100.192

🇬🇧 2a06:4880:c000::f3

🇷🇺 217.168.240.63

🇺🇸 192.236.244.137

🇳🇱 160.119.69.16

🇺🇸 107.21.195.139

🇺🇸 73.96.193.26

🇸🇬 18.140.44.23

🇰🇷 14.48.240.75

🇨🇳 218.94.25.243

🇳🇱 204.76.203.219