JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 117.196.144.19

117.196.144.19 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 70%: ?

70%

ISP	Broadband Multiplay Project, O/o DGM BB, NOC BSNL Bangalore
Usage Type	Fixed Line ISP
ASN	AS9829
Domain Name	bsnl.in
Country	🇮🇳 India
City	Puducherry, Puducherry

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 117.196.144.19

Whois 117.196.144.19

IP Abuse Reports for 117.196.144.19:

This IP address has been reported a total of 20 times from 13 distinct sources. 117.196.144.19 was first reported on July 17th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-22 01:17:01 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 117.196.144.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 117.196.144.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 21:16:55.612148 2026] [security2:error] [pid 31562:tid 31562] [client 117.196.144.19:64444] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.196.144.19 (+1 hits since last alert)\|blacktieokc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "blacktieokc.com"] [uri "/xmlrpc.php"] [unique_id "ajiNB0S4NMe-M6ywDqKhqgAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 00:44:24 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 117.196.144.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 117.196.144.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 20:44:18.834166 2026] [security2:error] [pid 2719:tid 2719] [client 117.196.144.19:14815] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.196.144.19 (+1 hits since last alert)\|thepercussionworks.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thepercussionworks.com"] [uri "/xmlrpc.php"] [unique_id "ajiFYjTMA0_iD3xtPZZFxQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇾 Rizzy	2026-06-21 23:20:21 (1 day ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇫🇷 Kenshin869	2026-06-21 22:49:09 (1 day ago)	Wordpress unauthorized access attempt	Brute-Force
🇺🇸 TPI-Abuse	2026-06-21 22:22:19 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 117.196.144.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 117.196.144.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 18:22:16.162205 2026] [security2:error] [pid 32424:tid 32424] [client 117.196.144.19:49662] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.196.144.19 (+1 hits since last alert)\|lightbender.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lightbender.net"] [uri "/xmlrpc.php"] [unique_id "ajhkGFpJDsfhMPlZYh2iiwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 21:24:12 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 117.196.144.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 117.196.144.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 17:24:07.151216 2026] [security2:error] [pid 4539:tid 4539] [client 117.196.144.19:58067] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.196.144.19 (+1 hits since last alert)\|birdlovesfish.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "birdlovesfish.com"] [uri "/xmlrpc.php"] [unique_id "ajhWd8T68YYO9W9I5Q1tIQAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-21 21:20:01 (1 day ago)	[redacted] 117.196.144.19 - - [21/Jun/2026:23:19:18 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ... show more [redacted] 117.196.144.19 - - [21/Jun/2026:23:19:18 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 117.196.144.19 - - [21/Jun/2026:23:19:28 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)" [redacted] 117.196.144.19 - - [21/Jun/2026:23:19:39 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 117.196.144.19 - - [21/Jun/2026:23:19:50 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.2; http://site46033789.com" [redacted] 117.196.144.19 - - [21/Jun/2026:23:20:00 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.4; http://site36002298.com" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 19:37:16 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 117.196.144.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 117.196.144.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 15:37:11.840932 2026] [security2:error] [pid 8131:tid 8145] [client 117.196.144.19:21190] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.196.144.19 (+1 hits since last alert)\|tradersofficepark.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tradersofficepark.com"] [uri "/xmlrpc.php"] [unique_id "ajg9Z8v99CU_nOjFcGpUGAAAAIw"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 YF	2026-06-21 19:10:13 (1 day ago)	xmlrpc.php Potential DDoS or brute force	DDoS Attack Brute-Force
🇺🇸 TPI-Abuse	2026-06-21 16:04:21 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 117.196.144.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 117.196.144.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 12:04:16.892054 2026] [security2:error] [pid 1675:tid 1675] [client 117.196.144.19:52977] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.196.144.19 (+1 hits since last alert)\|honigcpa.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "honigcpa.com"] [uri "/xmlrpc.php"] [unique_id "ajgLgHXcaWsi4eTjrpaJeQAAAFo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-21 15:30:54 (2 days ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇩🇪 LRob.fr	2026-06-21 13:30:07 (2 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
Anonymous	2026-06-21 12:35:04 (2 days ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇳🇱 javierin	2026-06-21 07:56:31 (2 days ago)	117.196.144.19 - regalo-personalizado.es - - [21/Jun/2026:07:54:54 +0000] "POST /xmlrpc.php HTTP/1.1 ... show more 117.196.144.19 - regalo-personalizado.es - - [21/Jun/2026:07:54:54 +0000] "POST /xmlrpc.php HTTP/1.1" 503 19282 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)" 117.196.144.19 - regalo-personalizado.es - - [21/Jun/2026:07:55:04 +0000] "POST /xmlrpc.php HTTP/1.1" 503 18269 "-" "Jetpack/12.0; WordPress/6.2; http://site42503328.com" 117.196.144.19 - regalo-personalizado.es - - [21/Jun/2026:07:55:15 +0000] "POST /xmlrpc.php HTTP/1.1" 503 18269 "-" "WordPress.com; https://wordpress.com" 117.196.144.19 - regalo-personalizado.es - - [21/Jun/2026:07:55:25 +0000] "POST /xmlrpc.php HTTP/1.1" 503 18269 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)" 117.196.144.19 - regalo-personalizado.es - - [21/Jun/2026:07:55:36 +0000] "POST /xmlrpc.php HTTP/1.1" 503 18269 "-" "Jetpack by WordPress.com" 117.196.144.19 - regalo-personalizado.es - - [21/Jun/2026:07:55:47 +0000] "POST /xmlrpc.php HTTP/1.1" 503 18269 "-" "Jetpack/12.5; WordPress/6.1; http://site64987277.com" 117.196.144.19 ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 07:28:41 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 117.196.144.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 117.196.144.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 03:28:35.440910 2026] [security2:error] [pid 18299:tid 18299] [client 117.196.144.19:13328] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.196.144.19 (+1 hits since last alert)\|glassclublake.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "glassclublake.com"] [uri "/xmlrpc.php"] [unique_id "ajeSoz9D5bUNc7cE7PqESwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.208

🇵🇰 72.255.3.168

🇺🇸 2a04:c300:400::1cd

🇺🇸 208.109.38.143

🇲🇽 187.251.242.108

🇬🇧 185.127.70.144

🇷🇺 176.211.42.202

🇮🇳 154.84.242.115

🇺🇸 104.156.154.185

🇺🇸 20.127.25.202

🇨🇭 209.99.185.195

🇦🇱 193.163.187.123

🇲🇽 189.169.174.203

🇳🇱 185.242.226.87

🇨🇳 180.76.96.235

🇮🇳 168.144.95.137

🇮🇳 159.65.157.144

🇨🇳 115.190.125.207

🇹🇭 110.171.151.27

🇧🇩 103.139.144.55