JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 144.16.21.70

144.16.21.70 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 65%: ?

65%

ISP	RailTel Corporation is an Internet Service Provider.
Usage Type	Fixed Line ISP
ASN	AS24186
Domain Name	railtel.in
Country	🇮🇳 India
City	Chhawala, Delhi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 144.16.21.70

Whois 144.16.21.70

IP Abuse Reports for 144.16.21.70:

This IP address has been reported a total of 14 times from 11 distinct sources. 144.16.21.70 was first reported on March 1st 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-28 19:15:06 (1 hour ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 rh24	2026-06-28 11:07:08 (9 hours ago)	(xmlrpc_405) XMLRPC-Bot 405 144.16.21.70 (IN/India/-)	Hacking
🇫🇮 bittiguru.fi	2026-06-28 07:19:00 (13 hours ago)	144.16.21.70 - [28/Jun/2026:10:18:51 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18963 "-" "Jetpack/12.1; ... show more 144.16.21.70 - [28/Jun/2026:10:18:51 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18963 "-" "Jetpack/12.1; WordPress/6.2; http://site10752660.com" "-" 144.16.21.70 - [28/Jun/2026:10:18:59 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18050 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" "-" ... show less	Hacking Brute-Force Web App Attack
🇫🇮 bittiguru.fi	2026-06-28 07:00:50 (13 hours ago)	144.16.21.70 - [28/Jun/2026:10:00:41 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18963 "-" "WordPress.com ... show more 144.16.21.70 - [28/Jun/2026:10:00:41 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18963 "-" "WordPress.com; https://wordpress.com" "-" 144.16.21.70 - [28/Jun/2026:10:00:50 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18050 "-" "WordPress.com; https://wordpress.com" "-" ... show less	Hacking Brute-Force Web App Attack
🇩🇪 lenz	2026-06-28 06:33:57 (14 hours ago)	Jun 28 08:30:01 hosting wordpress(grupa-ddd.pl)[1200]: XML-RPC authentication failure for admin from ... show more Jun 28 08:30:01 hosting wordpress(grupa-ddd.pl)[1200]: XML-RPC authentication failure for admin from 144.16.21.70 Jun 28 08:31:48 hosting wordpress(grupa-ddd.pl)[1200]: XML-RPC authentication failure for admin from 144.16.21.70 Jun 28 08:32:20 hosting wordpress(grupa-ddd.pl)[11564]: XML-RPC authentication failure for admin from 144.16.21.70 Jun 28 08:33:03 hosting wordpress(grupa-ddd.pl)[6431]: XML-RPC authentication failure for admin from 144.16.21.70 Jun 28 08:33:56 hosting wordpress(grupa-ddd.pl)[1203]: XML-RPC authentication failure for admin from 144.16.21.70 ... show less	Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-28 03:38:55 (17 hours ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇫🇷 dynamix	2026-06-28 03:34:44 (17 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇨🇿 huginet	2026-06-28 01:41:04 (19 hours ago)	144.16.21.70 - - [28/Jun/2026:03:40:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Jetpack by Wo ... show more 144.16.21.70 - - [28/Jun/2026:03:40:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Jetpack by WordPress.com" 144.16.21.70 - - [28/Jun/2026:03:41:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Jetpack/13.0; WordPress/6.3; http://site40806835.com" ... show less	Web Spam Blog Spam Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 22:30:18 (22 hours ago)	(mod_security) mod_security (id:240335) triggered by 144.16.21.70 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 144.16.21.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 18:30:10.769033 2026] [security2:error] [pid 28769:tid 28769] [client 144.16.21.70:25535] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 144.16.21.70 (+1 hits since last alert)\|designingdestinynow.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "designingdestinynow.com"] [uri "/xmlrpc.php"] [unique_id "akBO8v115HTgWV5R7sbHNQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 16:33:27 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 144.16.21.70 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 144.16.21.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 12:33:21.511569 2026] [security2:error] [pid 9249:tid 9249] [client 144.16.21.70:17185] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 144.16.21.70 (+1 hits since last alert)\|blindshine.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "blindshine.com"] [uri "/xmlrpc.php"] [unique_id "aj_7UekjAqpmNz6sAT3hMwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ipoac.nl	2026-06-27 13:12:58 (1 day ago)	2026-06-27T15:12:56.690294+02:00 ipoac.nl wordpress(-)-: XML-RPC authentication failure for-from 144 ... show more 2026-06-27T15:12:56.690294+02:00 ipoac.nl wordpress(-)-: XML-RPC authentication failure for-from 144.16.21.70 show less	Web App Attack
🇺🇸 integrantservices.com	2026-06-27 11:46:19 (1 day ago)	(wordpress) Failed wordpress login from 144.16.21.70 (IN/India/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-27 10:56:26 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 144.16.21.70 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 144.16.21.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 06:56:07.351234 2026] [security2:error] [pid 30905:tid 30905] [client 144.16.21.70:25498] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 144.16.21.70 (+1 hits since last alert)\|barigby.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "barigby.com"] [uri "/xmlrpc.php"] [unique_id "aj-sR96F1Bq9VBHV6eLOJgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-01 12:00:39 (3 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.199.191.96

🇳🇱 195.178.110.217

🇷🇴 2.57.121.112

🇧🇷 205.210.31.196

🇩🇪 164.90.226.216

🇮🇹 158.173.77.66

🇫🇷 146.70.40.70

🇵🇱 87.251.64.145

🇸🇪 83.233.149.204

🇰🇷 221.161.76.152

🇳🇬 152.32.141.217

🇲🇽 148.224.59.81

🇩🇪 134.122.88.146

🇻🇳 113.161.74.86

🇧🇾 81.30.98.142

🇱🇹 45.227.254.170

🇺🇸 34.182.247.20

🇮🇪 20.107.204.22

🇯🇴 176.28.144.119

🇨🇳 175.30.48.179