JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 117.192.192.15

117.192.192.15 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 49%: ?

49%

ISP	Broadband Multiplay Project, O/o DGM BB, NOC BSNL Bangalore
Usage Type	Fixed Line ISP
ASN	AS9829
Domain Name	bsnl.in
Country	🇮🇳 India
City	Rasapudipalem, Andhra Pradesh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 117.192.192.15

Whois 117.192.192.15

IP Abuse Reports for 117.192.192.15:

This IP address has been reported a total of 16 times from 12 distinct sources. 117.192.192.15 was first reported on June 7th 2025, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-06-28 10:29:02 (11 hours ago)	5.165 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
Anonymous	2026-06-28 10:00:10 (12 hours ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-28 06:16:06 (15 hours ago)	(mod_security) mod_security (id:240335) triggered by 117.192.192.15 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 117.192.192.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 02:16:02.951159 2026] [security2:error] [pid 22698:tid 22698] [client 117.192.192.15:50445] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.192.192.15 (+1 hits since last alert)\|christaylorjazzpianist.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "christaylorjazzpianist.com"] [uri "/xmlrpc.php"] [unique_id "akC8Isv9oEbK6AxqWUl5HwAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 04:46:10 (17 hours ago)	(mod_security) mod_security (id:240335) triggered by 117.192.192.15 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 117.192.192.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 00:46:03.758537 2026] [security2:error] [pid 27202:tid 27202] [client 117.192.192.15:49279] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.192.192.15 (+1 hits since last alert)\|renomarsh.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "renomarsh.com"] [uri "/xmlrpc.php"] [unique_id "akCnCyEPoHbYNynnwLnBlQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Séfora Srl	2026-06-28 02:03:43 (19 hours ago)	Failed attempt detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 01:41:08 (20 hours ago)	(mod_security) mod_security (id:240335) triggered by 117.192.192.15 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 117.192.192.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 21:41:00.591882 2026] [security2:error] [pid 5134:tid 5134] [client 117.192.192.15:55784] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.192.192.15 (+1 hits since last alert)\|riser-astrology.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "riser-astrology.com"] [uri "/xmlrpc.php"] [unique_id "akB7rL9SFnwePYvYOVicJAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 16:45:35 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 117.192.192.15 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 117.192.192.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 12:45:28.929813 2026] [security2:error] [pid 12640:tid 12640] [client 117.192.192.15:58934] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.192.192.15 (+1 hits since last alert)\|nancyscafeandcatering.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nancyscafeandcatering.com"] [uri "/xmlrpc.php"] [unique_id "aj_-KCbYO_WoLALXSQCyZQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-27 13:39:22 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-06-27 12:59:35 (1 day ago)	117.192.192.15 - - [27/Jun/2026:14:59:13 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack/12 ... show more 117.192.192.15 - - [27/Jun/2026:14:59:13 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack/12.1; WordPress/6.1; http://site47181077.com" 117.192.192.15 - - [27/Jun/2026:14:59:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "WordPress.com; https://wordpress.com" 117.192.192.15 - - [27/Jun/2026:14:59:34 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by WordPress.com" show less	Hacking Web App Attack
🇫🇷 SpaceHost-Server	2026-06-27 12:44:09 (1 day ago)	117.192.192.15 - - [27/Jun/2026:14:43:47 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by ... show more 117.192.192.15 - - [27/Jun/2026:14:43:47 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by WordPress.com" 117.192.192.15 - - [27/Jun/2026:14:43:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)" 117.192.192.15 - - [27/Jun/2026:14:44:08 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "WordPress.com; https://wordpress.com" show less	Hacking Web App Attack
🇹🇭 thaizone.com	2026-06-27 12:16:08 (1 day ago)	Brute-forcing login against websites (D1-1) #1	Web App Attack Hacking
🇹🇷 rtbh.com.tr	2025-06-08 00:07:02 (1 year ago)	list.rtbh.com.tr report: tcp/23	Brute-Force
🇫🇷 security.rdmc.fr	2025-06-07 17:32:01 (1 year ago)	Port Scan Attack proto:TCP src:43976 dst:23	Port Scan
Anonymous	2025-06-07 11:02:19 (1 year ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇺🇸 MPL	2025-06-07 09:25:03 (1 year ago)	tcp/23 (2 or more attempts)	Port Scan

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.113

🇰🇷 211.221.196.103

🇮🇳 203.192.232.180

🇩🇪 194.88.98.116

🇩🇪 178.128.194.134

🇬🇧 178.62.89.9

🇸🇬 165.232.170.247

🇺🇸 162.0.226.2

🇮🇳 122.168.123.73

🇭🇰 104.208.101.142

🇻🇳 103.200.22.154

🇩🇪 92.246.91.138

🇧🇬 79.124.40.126

🇮🇳 52.66.226.71

🇰🇷 43.202.76.136

🇺🇸 35.88.222.62

🇧🇷 14.102.230.4

🇬🇧 13.42.36.82

🇫🇮 217.217.247.246

🇧🇷 205.210.31.215