JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.72.9.8

103.72.9.8 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 18%: ?

18%

ISP	SWIFTIFY PRIVATE LIMITED
Usage Type	Fixed Line ISP
ASN	AS151729
Hostname(s)	103.72.9.8.swiftify.in
Domain Name	swiftify.in
Country	🇮🇳 India
City	Delhi, Delhi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.72.9.8

Whois 103.72.9.8

IP Abuse Reports for 103.72.9.8:

This IP address has been reported a total of 36 times from 25 distinct sources. 103.72.9.8 was first reported on August 27th 2025, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-10 14:44:45 (4 weeks ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
Anonymous	2026-04-28 07:50:47 (1 month ago)	Port Scanner	Port Scan
🇫🇷 vtchost.com	2026-04-24 23:56:40 (1 month ago)	Apr 25 01:56:40 vtchost kernel: [59943.467869] PORTSCAN: IN=eth0 OUT= MAC=00:50:56:41:75:31:c0:69:11 ... show more Apr 25 01:56:40 vtchost kernel: [59943.467869] PORTSCAN: IN=eth0 OUT= MAC=00:50:56:41:75:31:c0:69:11:cd:2a:b3:08:00 SRC=103.72.9.8 DST=161.97.181.152 LEN=40 TOS=0x00 PREC=0x00 TTL=46 ID=62370 PROTO=TCP SPT=65178 DPT=23 WINDOW=1600 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇫🇷 security.rdmc.fr	2026-04-24 18:45:32 (1 month ago)	Port Scan Attack proto:TCP src:65201 dst:23	Port Scan
🇦🇹 urnilxfgbez	2026-04-23 22:45:00 (1 month ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇬🇧 PeravixGroup	2026-04-23 18:55:36 (1 month ago)	HoneyPot hit - Aaran.cloud \| Telnet Iot Attack \| iot exploitation	IoT Targeted Brute-Force
Anonymous	2026-04-03 08:44:44 (2 months ago)	Port Scanner	Port Scan
🇺🇸 cybsecaoccol	2026-03-08 05:14:51 (3 months ago)	unauthorized connection or malicious port scan attempted on tcp port - corp	Port Scan Hacking
🇦🇹 urnilxfgbez	2026-03-07 23:45:00 (3 months ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇳🇱 alexbfr	2026-02-24 14:39:06 (3 months ago)	Telnet Honeypot: Credentials used: root / e2008jl	Brute-Force IoT Targeted
🇺🇸 RAP	2026-02-11 19:55:31 (3 months ago)	2026-02-11 19:55:31 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
Anonymous	2026-01-21 02:58:58 (4 months ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇩🇪 big-cloud.nl	2025-12-26 04:38:04 (5 months ago)	Try to access /de-ideale-stookmix//xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2025-12-26 04:31:21 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 103.72.9.8 (103.72.9.8.swiftify.in): 1 in the l ... show more (mod_security) mod_security (id:225170) triggered by 103.72.9.8 (103.72.9.8.swiftify.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 25 23:31:13.743039 2025] [security2:error] [pid 7120:tid 7120] [client 103.72.9.8:62811] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|hvacmechanalysis.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hvacmechanalysis.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aU4PkeukBFoCbkOgxPb_EAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-26 01:56:58 (5 months ago)	Blocking for trying to access an exploit file: /xmlrpc.php	Hacking

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.113

🇺🇸 152.32.206.51

🇸🇬 103.134.154.36

🇱🇹 77.90.185.91

🇳🇱 2.26.111.2

🇬🇧 217.146.80.102

🇺🇸 209.197.249.96

🇺🇸 192.81.229.181

🇬🇧 188.240.59.11

🇧🇷 187.181.208.154

🇳🇱 176.65.139.128

🇺🇸 172.96.161.212

🇮🇩 163.7.4.169

🇺🇸 150.107.38.210

🇨🇳 116.198.232.100

🇳🇱 195.178.110.246

🇻🇳 171.244.61.79

🇲🇲 103.154.241.61

🇭🇰 101.36.111.119

🇩🇪 91.217.249.182