JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.91.72.221

103.91.72.221 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 66%: ?

66%

ISP	Decibel Networks Private Limited
Usage Type	Fixed Line ISP
ASN	AS136294
Hostname(s)	axntech-dynamic-221.72.91.103.axntechnologies.in
Domain Name	axntechnologies.in
Country	🇮🇳 India
City	Gharaunda, Haryana

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.91.72.221

Whois 103.91.72.221

IP Abuse Reports for 103.91.72.221:

This IP address has been reported a total of 27 times from 15 distinct sources. 103.91.72.221 was first reported on March 24th 2024, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ger-stg-sifi1	2026-06-18 10:12:42 (1 hour ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 cwytech	2026-06-18 10:03:33 (1 hour ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wp-us-login-only-high.	Bad Web Bot Web App Attack
Anonymous	2026-06-18 04:19:25 (7 hours ago)	103.91.72.221 - - [18/Jun/2026:06:19:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by W ... show more 103.91.72.221 - - [18/Jun/2026:06:19:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" 103.91.72.221 - - [18/Jun/2026:06:19:04 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" 103.91.72.221 - - [18/Jun/2026:06:19:13 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12.0; WordPress/6.4; http://site63915155.com" 103.91.72.221 - - [18/Jun/2026:06:19:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/12.0; WordPress/6.4; http://site63915155.com" 103.91.72.221 - - [18/Jun/2026:06:19:24 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/13.0; WordPress/6.3; http://site84038019.com" ... show less	Brute-Force Web App Attack
🇺🇸 integrantservices.com	2026-06-17 11:35:22 (23 hours ago)	(wordpress) Failed wordpress login from 103.91.72.221 (IN/India/axntech-dynamic-221.72.91.103.axntec ... show more (wordpress) Failed wordpress login from 103.91.72.221 (IN/India/axntech-dynamic-221.72.91.103.axntechnologies.in) show less	Brute-Force
🇩🇪 ger-stg-sifi1	2026-06-17 07:13:33 (1 day ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 WeekendWeb	2026-06-17 06:01:15 (1 day ago)	Wordpress Vunerability attack	Web App Attack
Anonymous	2026-06-17 05:03:24 (1 day ago)	[redacted] 103.91.72.221 - - [17/Jun/2026:07:02:37 +0200] "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "Wor ... show more [redacted] 103.91.72.221 - - [17/Jun/2026:07:02:37 +0200] "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "WordPress.com; https://wordpress.com" [redacted] 103.91.72.221 - - [17/Jun/2026:07:02:48 +0200] "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "Jetpack/13.0; WordPress/6.1; http://site20714458.com" [redacted] 103.91.72.221 - - [17/Jun/2026:07:03:00 +0200] "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "Jetpack/12.0; WordPress/6.2; http://site98440702.com" [redacted] 103.91.72.221 - - [17/Jun/2026:07:03:11 +0200] "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "Jetpack/12.0; WordPress/6.3; http://site63245993.com" [redacted] 103.91.72.221 - - [17/Jun/2026:07:03:22 +0200] "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "WordPress.com; https://wordpress.com" ... show less	Hacking Web App Attack
🇺🇸 integrantservices.com	2026-06-16 04:19:50 (2 days ago)	(wordpress) Failed wordpress login from 103.91.72.221 (IN/India/axntech-dynamic-221.72.91.103.axntec ... show more (wordpress) Failed wordpress login from 103.91.72.221 (IN/India/axntech-dynamic-221.72.91.103.axntechnologies.in) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-15 07:34:23 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 103.91.72.221 (axntech-dynamic-221.72.91.103.ax ... show more (mod_security) mod_security (id:240335) triggered by 103.91.72.221 (axntech-dynamic-221.72.91.103.axntechnologies.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 03:34:19.307349 2026] [security2:error] [pid 28850:tid 28850] [client 103.91.72.221:58913] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.91.72.221 (+1 hits since last alert)\|ussthresher.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ussthresher.com"] [uri "/xmlrpc.php"] [unique_id "ai-q-6U1b0TtyZg104ftHQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 12:15:05 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 103.91.72.221 (axntech-dynamic-221.72.91.103.ax ... show more (mod_security) mod_security (id:240335) triggered by 103.91.72.221 (axntech-dynamic-221.72.91.103.axntechnologies.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 08:15:00.041157 2026] [security2:error] [pid 19984:tid 19984] [client 103.91.72.221:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.91.72.221 (+1 hits since last alert)\|upskirtcrazy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "upskirtcrazy.com"] [uri "/xmlrpc.php"] [unique_id "ai1JxHnwvmJ1TQ59XctY-gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-13 10:32:04 (5 days ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
Anonymous	2026-06-13 09:14:52 (5 days ago)	[redacted] 103.91.72.221 - - [13/Jun/2026:11:13:58 +0200] "POST /xmlrpc.php HTTP/1.1" 200 466 "-" "J ... show more [redacted] 103.91.72.221 - - [13/Jun/2026:11:13:58 +0200] "POST /xmlrpc.php HTTP/1.1" 200 466 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)" historisches-wevelinghoven.de 103.91.72.221 - - [13/Jun/2026:11:14:05 +0200] "POST /xmlrpc.php HTTP/1.1" 200 461 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)" [redacted] 103.91.72.221 - - [13/Jun/2026:11:14:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 466 "-" "Jetpack by WordPress.com" [redacted] 103.91.72.221 - - [13/Jun/2026:11:14:19 +0200] "POST /xmlrpc.php HTTP/1.1" 200 466 "-" "WordPress.com; https://wordpress.com" historisches-wevelinghoven.de 103.91.72.221 - - [13/Jun/2026:11:14:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 461 "-" "WordPress.com; https://wordpress.com" [redacted] 103.91.72.221 - - [13/Jun/2026:11:14:30 +0200] "POST /xmlrpc.php HTTP/1.1" 200 466 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)" historisches-wevelinghoven.de 103.91.72.221 ... show less	Hacking Web App Attack
🇫🇷 Kenshin869	2026-06-13 06:32:53 (5 days ago)	Wordpress unauthorized access attempt	Brute-Force
Anonymous	2026-05-28 06:55:49 (3 weeks ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 integrantservices.com	2026-05-28 04:39:51 (3 weeks ago)	(wordpress) Failed wordpress login from 103.91.72.221 (IN/India/axntech-dynamic-221.72.91.103.axntec ... show more (wordpress) Failed wordpress login from 103.91.72.221 (IN/India/axntech-dynamic-221.72.91.103.axntechnologies.in) show less	Brute-Force

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 66.132.186.253

🇧🇷 170.238.160.191

🇩🇪 116.202.208.61

🇨🇳 116.179.32.227

🇺🇸 107.175.110.77

🇮🇷 94.139.183.254

🇸🇬 84.75.155.98

🇺🇸 66.25.166.34

🇸🇬 47.236.188.152

🇳🇱 45.148.10.152

🇺🇸 43.110.37.217

🇧🇪 34.156.105.212

🇦🇺 34.151.170.65

🇺🇸 18.226.65.47

🇨🇳 14.216.156.230

🇮🇳 4.213.224.194

🇪🇹 196.191.142.67

🇧🇷 187.32.146.65

🇰🇷 115.178.75.243

🇦🇪 107.155.60.67