JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 115.96.130.52

115.96.130.52 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 36%: ?

36%

ISP	HATHWAY CABLE AND DATACOM LIMITED
Usage Type	Fixed Line ISP
ASN	AS17488
Hostname(s)	130.96.115.52.hathway.com
Domain Name	hathway.com
Country	🇮🇳 India
City	Bhatpara, West Bengal

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 115.96.130.52

Whois 115.96.130.52

IP Abuse Reports for 115.96.130.52:

This IP address has been reported a total of 15 times from 12 distinct sources. 115.96.130.52 was first reported on July 29th 2022, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-15 07:20:16 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 06:19:12 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 115.96.130.52 (130.96.115.52.hathway.com): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 115.96.130.52 (130.96.115.52.hathway.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 02:19:08.410943 2026] [security2:error] [pid 8518:tid 8518] [client 115.96.130.52:59784] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 115.96.130.52 (+1 hits since last alert)\|livingminimal.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "livingminimal.com"] [uri "/xmlrpc.php"] [unique_id "ai-ZXJsn-U9fMEburCLqVwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 poundawebsiteltd	2026-06-15 05:09:14 (1 day ago)	WP Exploit attempt. Evidence: beanietools.dev:443 115.96.130.52 - - [15/Jun/2026:06:09:10 +0100] POS ... show more WP Exploit attempt. Evidence: beanietools.dev:443 115.96.130.52 - - [15/Jun/2026:06:09:10 +0100] POST /xmlrpc.php HTTP/1.1 503 21342 - Jetpack by [REDACTED_DOMAIN] show less	Web App Attack
🇧🇪 cmbplf	2026-06-15 05:04:28 (1 day ago)	6.642 post requests in 1 hour (2d16h36m)	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-15 04:37:51 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 115.96.130.52 (130.96.115.52.hathway.com): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 115.96.130.52 (130.96.115.52.hathway.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 00:37:47.466612 2026] [security2:error] [pid 1250:tid 1250] [client 115.96.130.52:57560] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 115.96.130.52 (+1 hits since last alert)\|mchen-arch.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mchen-arch.com"] [uri "/xmlrpc.php"] [unique_id "ai-BmyUGSe_aBW59z4NkIAAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 04:04:12 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 115.96.130.52 (130.96.115.52.hathway.com): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 115.96.130.52 (130.96.115.52.hathway.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 00:04:06.252635 2026] [security2:error] [pid 24191:tid 24191] [client 115.96.130.52:50065] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 115.96.130.52 (+1 hits since last alert)\|nomanszone.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nomanszone.com"] [uri "/xmlrpc.php"] [unique_id "ai95tvUVkMHOSdTp7vOOygAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 grassau.com	2026-06-15 02:31:34 (1 day ago)	(wordpress) Failed wordpress login from 115.96.130.52 (IN/India/West Bengal/Kolkata/130.96.115.52.ha ... show more (wordpress) Failed wordpress login from 115.96.130.52 (IN/India/West Bengal/Kolkata/130.96.115.52.hathway.com) show less	Brute-Force
🇫🇷 security.rdmc.fr	2025-07-11 04:59:04 (11 months ago)	Port Scan Attack proto:TCP src:57139 dst:23	Port Scan
🇺🇸 LotPhantom	2025-05-16 17:00:49 (1 year ago)	2025-05-16T17:00:48.189100+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1 ... show more 2025-05-16T17:00:48.189100+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1:fe:00:00:00:01:01:08:00 SRC=115.96.130.52 DST=157.230.217.55 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=44866 DF PROTO=TCP SPT=58321 DPT=83 WINDOW=29040 RES=0x00 SYN URGP=0 2025-05-16T17:00:49.183428+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1:fe:00:00:00:01:01:08:00 SRC=115.96.130.52 DST=157.230.217.55 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=44867 DF PROTO=TCP SPT=58321 DPT=83 WINDOW=29040 RES=0x00 SYN URGP=0 ... show less	Port Scan Hacking
🇺🇸 RAP	2023-06-19 20:01:17 (2 years ago)	2023-06-19 20:01:17 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇩🇪 ps-center	2023-03-22 10:00:43 (3 years ago)	ABV-W: TCP-Scanner. Port: 23	Port Scan
🇨🇿 lp	2023-03-22 08:34:59 (3 years ago)	Port scanning: 115.96.130.52 was recorded 49 times by 24 hosts attempting to connect to 1 unique por ... show more Port scanning: 115.96.130.52 was recorded 49 times by 24 hosts attempting to connect to 1 unique port (23/tcp) show less	Port Scan
🇳🇱 EGP Abuse Dept	2022-11-21 08:37:30 (3 years ago)	Unauthorized connection to Telnet port 23	Port Scan Hacking
🇫🇷 Emily	2022-11-21 08:36:46 (3 years ago)	Nov 21 14:36:45 box kernel: [340716.915712] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=115.96.130.52 ... show more Nov 21 14:36:45 box kernel: [340716.915712] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=115.96.130.52 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=4516 PROTO=TCP SPT=18546 DPT=23 WINDOW=20585 RES=0x00 SYN URGP=0 show less	Port Scan
🇳🇱 EGP Abuse Dept	2022-07-29 07:35:25 (3 years ago)	Unauthorized connection to Telnet port 23	Port Scan Hacking

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.73.217.69

🇧🇷 200.155.66.2

🇳🇱 192.142.28.77

🇺🇸 162.216.150.72

🇸🇬 114.119.153.247

🇰🇷 112.175.29.94

🇫🇷 85.217.140.52

🇮🇷 79.127.66.250

🇺🇸 74.235.143.209

🇺🇸 52.20.198.190

🇸🇬 47.79.201.239

🇮🇳 20.219.91.90

🇬🇧 178.62.89.9

🇮🇳 152.59.183.180

🇭🇰 152.32.133.102

🇺🇸 104.243.133.18

🇬🇧 92.207.4.157

🇳🇱 91.92.40.44

🇨🇦 85.217.149.72

🇸🇦 82.197.58.135