JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 220.148.103.73

220.148.103.73 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 79%: ?

79%

ISP	TOKAI Communications Corporation
Usage Type	Commercial
ASN	AS10010
Hostname(s)	73.net220148103.t-com.ne.jp
Domain Name	tokai.or.jp
Country	🇯🇵 Japan
City	Hachioji, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 220.148.103.73

Whois 220.148.103.73

IP Abuse Reports for 220.148.103.73:

This IP address has been reported a total of 31 times from 23 distinct sources. 220.148.103.73 was first reported on May 30th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇴 INTEQ	2026-06-05 16:59:24 (2 weeks ago)	Web attack from 220.148.103.73	Web App Attack
🇩🇪 rh24	2026-06-05 12:02:49 (2 weeks ago)	(wordpress) Failed wordpress login from 220.148.103.73 (JP/Japan/73.net220148103.t-com.ne.jp): (CF_ ... show more (wordpress) Failed wordpress login from 220.148.103.73 (JP/Japan/73.net220148103.t-com.ne.jp): (CF_ENABLE) show less	Brute-Force
🇳🇱 Site.eu	2026-06-05 07:20:30 (2 weeks ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
Anonymous	2026-06-04 22:45:19 (2 weeks ago)	Web attack blocked by Wordfence on mezzia.nl (2 hits). Reported by CRMON.	Web App Attack
🇳🇱 Libra	2026-06-04 14:24:39 (2 weeks ago)	Fail2ban jail=wordpress-hard increase=2	Brute-Force
🇩🇪 4server	2026-06-04 10:17:53 (2 weeks ago)	[ThuJun0412:17:46.0733572026][security2:error][pid3184967:tid3184992][client220.148.103.73:0]ModSecu ... show more [ThuJun0412:17:46.0733572026][security2:error][pid3184967:tid3184992][client220.148.103.73:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"chesasilva.ch\"][uri\"/xmlrpc.php\"][unique_id\"aiFQyizDkiE8OnJLKYs3AwAAAAU\"] show less	Port Scan Brute-Force Web App Attack
🇲🇽 octageeks.com	2026-06-04 04:16:08 (2 weeks ago)	Wordpress malicious attack:[octaxmlrpc]	Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 18:08:00 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 220.148.103.73 (73.net220148103.t-com.ne.jp): 1 ... show more (mod_security) mod_security (id:225170) triggered by 220.148.103.73 (73.net220148103.t-com.ne.jp): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 14:07:52.624250 2026] [security2:error] [pid 25780:tid 25780] [client 220.148.103.73:5723] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|persnicketyinc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "persnicketyinc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiBteFu5kACpXoc3e8ILjgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 konseptit	2026-06-03 17:30:29 (2 weeks ago)	(wordpress) Failed wordpress login from 220.148.103.73 (JP/Japan/73.net220148103.t-com.ne.jp)	Brute-Force
Anonymous	2026-06-03 09:30:38 (2 weeks ago)	220.148.103.73 - - [03/Jun/2026:11:25:29 +0200] "POST /xmlrpc.php HTTP/1.1" 200 847 "-" "Mozilla/5.0 ... show more 220.148.103.73 - - [03/Jun/2026:11:25:29 +0200] "POST /xmlrpc.php HTTP/1.1" 200 847 "-" "Mozilla/5.0 (Linux; Android 10; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/15.0.0.0 Safari/537.36" 220.148.103.73 - - [03/Jun/2026:11:25:30 +0200] "POST /xmlrpc.php HTTP/1.1" 200 657 "-" "Mozilla/5.0 (Linux; Android 10; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/15.0.0.0 Safari/537.36" 220.148.103.73 - - [03/Jun/2026:11:29:30 +0200] "POST /xmlrpc.php HTTP/1.1" 200 657 "-" "Mozilla/5.0 (Windows NT 6.2; x64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/80.0.0.0 Safari/537.36" 220.148.103.73 - - [03/Jun/2026:11:29:29 +0200] "POST /xmlrpc.php HTTP/1.1" 200 847 "-" "Mozilla/5.0 (Windows NT 6.2; x64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/80.0.0.0 Safari/537.36" 220.148.103.73 - - [03/Jun/2026:11:30:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 847 "-" "Mozilla/5.0 (Windows NT 6.2; x64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/10.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 09:23:18 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 220.148.103.73 (73.net220148103.t-com.ne.jp): 1 ... show more (mod_security) mod_security (id:225170) triggered by 220.148.103.73 (73.net220148103.t-com.ne.jp): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 05:23:10.540781 2026] [security2:error] [pid 11797:tid 11835] [client 220.148.103.73:10749] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|frannykingsmith.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "frannykingsmith.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah_yfhBDoeM7O1okNTkMAAAAAVM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇿 Tripwire	2026-06-03 05:37:28 (2 weeks ago)	Probing for Wordpress - /xmlrpc.php	Brute-Force Web App Attack
🇨🇭 4server	2026-06-02 19:35:05 (2 weeks ago)	[TueJun0221:34:56.4364782026][security2:error][pid3417430:tid3417739][client220.148.103.73:0]ModSecu ... show more [TueJun0221:34:56.4364782026][security2:error][pid3417430:tid3417739][client220.148.103.73:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"verticalti.ch\"][uri\"/xmlrpc.php\"][unique_id\"ah8wYKcVUSZIzD-dlpohUgAAAME\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 18:04:44 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 220.148.103.73 (73.net220148103.t-com.ne.jp): 1 ... show more (mod_security) mod_security (id:225170) triggered by 220.148.103.73 (73.net220148103.t-com.ne.jp): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 14:04:39.231215 2026] [security2:error] [pid 3714:tid 3714] [client 220.148.103.73:3071] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|theopinionatedowl.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "theopinionatedowl.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah8bN1E0p95W5zFgJUwgnAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ph	2026-06-02 12:55:19 (2 weeks ago)	Bad web bot attempting to run xmlrpc.php on non-WP site	Hacking Bad Web Bot Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 194.88.98.106

🇦🇫 149.54.51.82

🇨🇳 101.71.69.21

🇳🇱 91.92.42.7

🇺🇸 66.240.192.138

🇨🇳 61.155.106.101

🇧🇷 45.164.251.106

🇳🇱 45.148.10.152

🇹🇷 31.145.131.202

🇷🇴 193.32.162.16

🇺🇸 162.216.150.152

🇫🇮 147.185.133.220

🇺🇸 146.190.134.221

🇨🇳 118.196.114.236

🇰🇷 59.14.191.130

🇸🇬 43.173.182.35

🇨🇳 183.155.246.51

🇫🇮 172.217.37.155

🇷🇺 171.22.133.82

🇩🇪 167.94.146.66