JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.206.97.139

103.206.97.139 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 66%: ?

66%

ISP	Starnet Broaband Services private limited
Usage Type	Fixed Line ISP
ASN	AS137085
Domain Name	starnet.cz
Country	🇮🇳 India
City	Jind, Haryana

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.206.97.139

Whois 103.206.97.139

IP Abuse Reports for 103.206.97.139:

This IP address has been reported a total of 39 times from 26 distinct sources. 103.206.97.139 was first reported on January 29th 2021, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 WeekendWeb	2026-06-23 03:54:04 (1 hour ago)	Wordpress Vunerability attack	Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-22 10:00:37 (19 hours ago)	Blocked by CSF 13 firewall - Rule: XMLRPC IN/India/-	Web App Attack
Anonymous	2026-06-22 09:34:47 (20 hours ago)	103.206.97.139 - - [22/Jun/2026:11:34:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 624 "-" "Jetpack by ... show more 103.206.97.139 - - [22/Jun/2026:11:34:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 624 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)" 103.206.97.139 - - [22/Jun/2026:11:34:27 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)" 103.206.97.139 - - [22/Jun/2026:11:34:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 624 "-" "Jetpack by WordPress.com" 103.206.97.139 - - [22/Jun/2026:11:34:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com" 103.206.97.139 - - [22/Jun/2026:11:34:46 +0200] "POST /xmlrpc.php HTTP/1.1" 200 624 "-" "Jetpack/12.5; WordPress/6.2; http://site24891555.com" ... show less	Brute-Force Web App Attack
Anonymous	2026-06-22 08:44:09 (20 hours ago)	Attac	Brute-Force
🇹🇷 ycoskun41	2026-06-22 04:59:22 (1 day ago)	fail2ban: plesk-modsecurity jail on genckocaeli.com	Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-20 05:39:23 (3 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC IN/India/-	Web App Attack
🇩🇪 YF	2026-06-19 14:10:30 (3 days ago)	Attaque distribuée subnet	DDoS Attack Web App Attack
🇩🇪 dbmwebdesign	2026-06-12 04:45:14 (1 week ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇩🇪 rh24	2026-06-11 11:43:29 (1 week ago)	(wordpress) Failed wordpress login from 103.206.97.139 (IN/India/139-97-206-103.anonet.in): (CF_ENA ... show more (wordpress) Failed wordpress login from 103.206.97.139 (IN/India/139-97-206-103.anonet.in): (CF_ENABLE) show less	Brute-Force
🇫🇷 dynamix	2026-06-10 05:20:00 (1 week ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇪🇸 SweetHoneyPress	2026-06-09 07:32:34 (1 week ago)	WordPress honeypot: POST to /xmlrpc.php \| event_id=747432 \| UA: WordPress.com; https://wordpress.com	Web App Attack Brute-Force
Anonymous	2026-06-08 12:20:19 (2 weeks ago)	Attac	Brute-Force
Anonymous	2026-06-08 05:23:48 (2 weeks ago)	103.206.97.139 - - [08/Jun/2026:07:23:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 103.206.97.139 - ... show more 103.206.97.139 - - [08/Jun/2026:07:23:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 103.206.97.139 - - [08/Jun/2026:07:23:46 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 ... show less	Brute-Force Bad Web Bot
🇪🇸 masterguru	2026-06-04 12:28:16 (2 weeks ago)	(xmlrpc) Failed xmlrpc access from 103.206.97.139 (IN/India/139-97-206-103.anonet.in): 5 in the last ... show more (xmlrpc) Failed xmlrpc access from 103.206.97.139 (IN/India/139-97-206-103.anonet.in): 5 in the last 3600 secs (0-122) show less	Hacking
🇩🇪 pscriptos	2026-06-01 12:10:00 (3 weeks ago)	{"ClientAddr":"103.206.97.139:54290","ClientHost":"103.206.97.139","ClientPort":"54290","ClientUsern ... show more {"ClientAddr":"103.206.97.139:54290","ClientHost":"103.206.97.139","ClientPort":"54290","ClientUsername":"-","DownstreamContentSize":418,"DownstreamStatus":403,"Duration":225425505,"OriginContentSize":418,"OriginDuration":222219370,"OriginStatus":403,"Overhead":3206135,"RequestAddr":"www.cleveradmin.de","RequestContentSize":714,"RequestCount":1016062,"RequestHost":"www.cleveradmin.de","RequestMethod":"POST","RequestPath":"/xmlrpc.php","RequestPort":"-","RequestProtocol":"HTTP/1.1","RequestScheme":"https","RetryAttempts":0,"RouterName":"cleveradmin-www-websecure@file","ServiceAddr":"172.16.80.10:80","ServiceName":"cleveradmin-www@file","ServiceURL":"http://172.16.80.10:80","StartLocal":"2026-06-01T14:09:39.480528146+02:00","StartUTC":"2026-06-01T12:09:39.480528146Z","TLSCipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLSVersion":"1.2","entryPointName":"websecure","level":"info","msg":"","time":"2026-06-01T14:09:39+02:00"} {"ClientAddr":"103.206.97.139:54290","ClientHost":"103.206.97.13 ... show less	Brute-Force Web App Attack

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇮 190.212.125.51

🇵🇭 180.191.72.132

🇺🇸 172.69.17.26

🇺🇸 159.65.239.122

🇺🇸 143.198.140.204

🇨🇳 124.66.73.209

🇨🇳 118.145.237.236

🇺🇸 104.152.52.138

🇺🇸 91.230.168.186

🇩🇪 69.5.169.149

🇬🇧 35.203.210.134

🇭🇺 217.13.97.203

🇬🇧 194.50.235.143

🇩🇪 193.124.20.248

🇨🇳 192.140.185.8

🇩🇪 165.232.71.112

🇩🇪 116.202.213.58

🇩🇪 104.207.62.41

🇮🇩 103.151.223.206

🇧🇬 94.155.124.98