JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.45.143.73

103.45.143.73 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 100%: ?

100%

ISP	Juzhi technology co., ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS151185
Domain Name	jzid.net
Country	🇨🇳 China
City	Wuhan, Hubei

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.45.143.73

Whois 103.45.143.73

IP Abuse Reports for 103.45.143.73:

This IP address has been reported a total of 42 times from 40 distinct sources. 103.45.143.73 was first reported on June 20th 2026, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 mkey	2026-06-26 08:12:49 (18 hours ago)	[First: 2026-06-25 15:07:59/single] HITS=1 Repeated suspicious IDS-detected activity; sample=Attempt ... show more [First: 2026-06-25 15:07:59/single] HITS=1 Repeated suspicious IDS-detected activity; sample=Attempting to connect to a forbidden port show less	Port Scan Hacking Web App Attack
🇺🇸 Starburst SysOp Team	2026-06-25 21:36:11 (1 day ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-stl2-17)	Hacking Bad Web Bot
🇫🇷 LRNP	2026-06-25 19:59:00 (1 day ago)	_:80 103.45.143.73 - - [25/Jun/2026:19:56:19 +0000] "GET /index.action HTTP/1.1" 404 181 "-" "Mozill ... show more _:80 103.45.143.73 - - [25/Jun/2026:19:56:19 +0000] "GET /index.action HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" _:80 103.45.143.73 - - [25/Jun/2026:19:56:31 +0000] "GET /login.action HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" _:80 103.45.143.73 - - [25/Jun/2026:19:56:45 +0000] "GET /index.do HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" _:80 103.45.143.73 - - [25/Jun/2026:19:56:56 +0000] "GET /index.jsp HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" _:80 103.45.143.73 - - [25/Jun/2026:19:57:11 +0000] "GET /login.do HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) Apple ... show less	Bad Web Bot Web App Attack
🇳🇱 Yachiyo Runami	2026-06-25 17:01:23 (1 day ago)	Port Scan on Honeypot \| Ports: 8080/HTTP-proxy \| Proto: TCP(1) \| Flags: all SYN \| TTL: 229 \| Len: 40 ... show more Port Scan on Honeypot \| Ports: 8080/HTTP-proxy \| Proto: TCP(1) \| Flags: all SYN \| TTL: 229 \| Len: 40B \| Win: 1024(1) \| F2B/ufw-honeypot@2026-06-25T17:01:23Z show less	Port Scan Hacking
🇹🇷 muratkaya665	2026-06-25 15:52:24 (1 day ago)	IPS Attack Blocked by server.mura****.com.tr Fortigate-80E. Attack Name: Apache.Struts.2.Jakarta.M ... show more IPS Attack Blocked by server.mura****.com.tr Fortigate-80E. Attack Name: Apache.Struts.2.Jakarta.Multipart.Parser.Code.Execution. Dest Port: 80. Service: HTTP. Message: apache: Apache.Struts.2.Jakarta.Multipart.Parser.Code.Execution. show less	Hacking
🇩🇪 gadix	2026-06-25 13:55:52 (1 day ago)	[25/Jun/2026:15:55:29.924959 +0200] aj0zUbQTJr7c8LH9RSJOmgAAAAk 103.45.143.73 56884 127.0.0.1 7080 [ ... show more [25/Jun/2026:15:55:29.924959 +0200] aj0zUbQTJr7c8LH9RSJOmgAAAAk 103.45.143.73 56884 127.0.0.1 7080 [25/Jun/2026:15:55:40.604326 +0200] aj0zXG8wV8726EfWfpfpbAAAAAM 103.45.143.73 48046 127.0.0.1 7080 [25/Jun/2026:15:55:51.446284 +0200] aj0zZ89hnsYLWaoZ443e-gAAAAg 103.45.143.73 38588 127.0.0.1 7080 ... show less	Web App Attack
🇺🇸 RogueAutomata	2026-06-25 13:44:04 (1 day ago)	Detected malicious request: GET / Detections triggered: Access via IP addr (v4)	Web App Attack
🇳🇵 radheykrishna.com.np	2026-06-25 08:21:05 (1 day ago)	Jun 25 14:06:04 kernel: [5865520.942875] [UFW BLOCK] IN=ens160 OUT= SRC=103.45.143.73 LEN=40 TOS=0x0 ... show more Jun 25 14:06:04 kernel: [5865520.942875] [UFW BLOCK] IN=ens160 OUT= SRC=103.45.143.73 LEN=40 TOS=0x00 PREC=0x00 TTL=234 ID=38786 PROTO=TCP SPT=55658 DPT=8080 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇱🇹 Evag Touf	2026-06-25 03:13:18 (1 day ago)	(mod_security) mod_security triggered on hostname [redacted] 103.45.143.73 (CN/China/-)	SQL Injection
🇩🇪 DEV-DNS	2026-06-25 02:34:47 (2 days ago)	(mod_security) mod_security triggered on hostname [redacted])	SQL Injection
Anonymous	2026-06-25 02:32:29 (2 days ago)	IP banned by Fail2Ban	Brute-Force SSH
🇦🇺 artful	2026-06-24 23:35:00 (2 days ago)	Excessive errors in recent hours	Web App Attack
🇺🇸 itsnixk	2026-06-24 22:39:43 (2 days ago)	(mod_security) mod_security (id:920350) triggered by 103.45.143.73 (CN/China/-): 1 in the last 3600 ... show more (mod_security) mod_security (id:920350) triggered by 103.45.143.73 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 24 18:39:42.939258 2026] [security2:error] [pid 825015:tid 825132] [client 103.45.143.73:54812] ModSecurity: Access denied with code 406 (phase 1). Pattern match "(?:^([\\\\d.]+\|\\\\[[\\\\da-f:]+\\\\]\|[\\\\da-f:]+)(:[\\\\d]+)?$)" at REQUEST_HEADERS:Host. [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "773"] [id "920350"] [msg "Host header is a numeric IP address"] [redacted] [severity "WARNING"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [redacted] [uri "/"] [unique_id "ajxcrq6nkQcNHVWgFBX6tAAAACI"] show less	Port Scan
🇩🇪 XICTRON	2026-06-24 22:15:05 (2 days ago)	ModSecurity rule violation detected by Fail2Ban	Web App Attack
Anonymous	2026-06-24 22:09:02 (2 days ago)	PROTO=TCP DPT=8080	Port Scan Hacking

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 91.231.89.155

🇫🇷 209.242.192.217

🇺🇸 207.46.13.54

🇨🇷 186.177.88.23

🇺🇸 162.216.149.184

🇸🇪 141.138.212.9

🇨🇳 111.113.89.88

🇺🇦 93.170.68.197

🇫🇷 91.196.152.89

🇩🇪 91.137.18.0

🇳🇱 91.92.40.6

🇺🇸 74.114.29.220

🇩🇪 64.89.163.168

🇨🇳 58.19.106.58

🇧🇴 190.181.4.12

🇺🇸 162.216.149.161

🇸🇬 152.32.218.30

🇨🇳 115.191.7.28

🇨🇳 112.87.222.138

🇷🇴 92.118.39.71