JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.149.16.72

103.149.16.72 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 48%: ?

48%

ISP	MITHRIL TELECOMMUNICATIONS PVT. LTD.
Usage Type	Fixed Line ISP
ASN	AS140174
Hostname(s)	72.16.149.103-in-addr.arpa-mithriltele.net
Domain Name	mithriltele.com
Country	🇮🇳 India
City	Hyderabad, Telangana

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.149.16.72

Whois 103.149.16.72

IP Abuse Reports for 103.149.16.72:

This IP address has been reported a total of 25 times from 13 distinct sources. 103.149.16.72 was first reported on March 22nd 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-10 14:42:39 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 103.149.16.72 (72.16.149.103-in-addr.arpa-mithr ... show more (mod_security) mod_security (id:240335) triggered by 103.149.16.72 (72.16.149.103-in-addr.arpa-mithriltele.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 10:42:33.581730 2026] [security2:error] [pid 4481:tid 4481] [client 103.149.16.72:56567] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.149.16.72 (+1 hits since last alert)\|hotelausland.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hotelausland.com"] [uri "/xmlrpc.php"] [unique_id "ail32a1jBxIOE8Wwh4MZpgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 rh24	2026-06-10 07:30:42 (2 days ago)	(xmlrpc_405) XMLRPC-Bot 405 103.149.16.72 (IN/India/72.16.149.103-in-addr.arpa-mithriltele.net)	Hacking
Anonymous	2026-06-09 14:11:10 (3 days ago)	Attac	Brute-Force
🇩🇪 Marc	2026-06-05 03:40:12 (1 week ago)	103.149.16.72 - - [05/Jun/2026:05:39:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3209 "-" "WordPress.c ... show more 103.149.16.72 - - [05/Jun/2026:05:39:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3209 "-" "WordPress.com; https://wordpress.com" 103.149.16.72 - - [05/Jun/2026:05:40:00 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3209 "-" "WordPress.com; https://wordpress.com" 103.149.16.72 - - [05/Jun/2026:05:40:10 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3208 "-" "Jetpack/12.5; WordPress/6.1; http://site32713460.com" show less	Brute-Force Web App Attack
🇺🇸 integrantservices.com	2026-06-03 10:32:50 (1 week ago)	(wordpress) Failed wordpress login from 103.149.16.72 (IN/India/72.16.149.103-in-addr.arpa-mithrilte ... show more (wordpress) Failed wordpress login from 103.149.16.72 (IN/India/72.16.149.103-in-addr.arpa-mithriltele.net) show less	Brute-Force
Anonymous	2026-06-02 12:31:16 (1 week ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-05-31 07:37:55 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 103.149.16.72 (72.16.149.103-in-addr.arpa-mithr ... show more (mod_security) mod_security (id:240335) triggered by 103.149.16.72 (72.16.149.103-in-addr.arpa-mithriltele.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 03:37:47.351277 2026] [security2:error] [pid 10273:tid 10273] [client 103.149.16.72:59753] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.149.16.72 (+1 hits since last alert)\|sharawi-gum.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sharawi-gum.com"] [uri "/xmlrpc.php"] [unique_id "ahvlS_pM4sskgDCjaIdaEQAAACk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 09:59:21 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 103.149.16.72 (72.16.149.103-in-addr.arpa-mithr ... show more (mod_security) mod_security (id:240335) triggered by 103.149.16.72 (72.16.149.103-in-addr.arpa-mithriltele.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 05:59:13.800247 2026] [security2:error] [pid 22280:tid 22285] [client 103.149.16.72:54847] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.149.16.72 (+1 hits since last alert)\|quantumgaze.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "quantumgaze.com"] [uri "/xmlrpc.php"] [unique_id "ahq08cO5gqq2u0qruuGZLwAAAMM"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-05-24 15:50:21 (2 weeks ago)	IM360 WAF: Rate limit exceeded for XMLRPC DoS (fault code)	Web App Attack
🇱🇻 garmtech.com	2026-05-24 15:48:57 (2 weeks ago)	IM360 WAF: Rate limit exceeded for XMLRPC DoS	Web App Attack
🇹🇭 thaizone.com	2026-05-22 12:53:53 (3 weeks ago)	Brute-forcing login against websites (D1-1) #1	Web App Attack Hacking
🇺🇸 integrantservices.com	2026-05-22 06:49:49 (3 weeks ago)	(wordpress) Failed wordpress login from 103.149.16.72 (IN/India/72.16.149.103-in-addr.arpa-mithrilte ... show more (wordpress) Failed wordpress login from 103.149.16.72 (IN/India/72.16.149.103-in-addr.arpa-mithriltele.net) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-05-21 06:49:11 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.149.16.72 (72.16.149.103-in-addr.arpa-mithr ... show more (mod_security) mod_security (id:240335) triggered by 103.149.16.72 (72.16.149.103-in-addr.arpa-mithriltele.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 02:49:05.923831 2026] [security2:error] [pid 7247:tid 7247] [client 103.149.16.72:56516] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.149.16.72 (+1 hits since last alert)\|walterceron.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "walterceron.com"] [uri "/xmlrpc.php"] [unique_id "ag6q4Z_Q6Fw4PPB-NB4WvAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-12 09:51:27 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 103.149.16.72 (72.16.149.103-in-addr.arpa-mithr ... show more (mod_security) mod_security (id:240335) triggered by 103.149.16.72 (72.16.149.103-in-addr.arpa-mithriltele.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 12 05:51:19.985029 2026] [security2:error] [pid 14030:tid 14030] [client 103.149.16.72:53892] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.149.16.72 (+1 hits since last alert)\|beirutbazar.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "beirutbazar.com"] [uri "/xmlrpc.php"] [unique_id "agL4F9q0IOnWlfqR44H5pQAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-08 15:19:01 (1 month ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 2404:6800:4005:c08::120

🇨🇳 223.88.35.85

🇧🇴 190.181.4.12

🇨🇳 171.105.76.2

🇦🇺 149.118.68.211

🇨🇳 106.13.182.16

🇺🇸 100.49.117.77

🇨🇭 81.62.135.233

🇺🇸 34.50.171.235

🇰🇷 1.250.67.190

🇧🇷 177.6.162.182

🇺🇸 174.174.123.32

🇺🇸 44.232.252.23

🇻🇳 222.255.180.246

🇺🇸 162.216.149.247

🇫🇷 82.102.18.116

🇫🇷 62.171.164.56

🇨🇳 61.51.111.26

🇺🇸 43.153.32.5

🇻🇳 42.116.247.236