JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 117.198.145.186

117.198.145.186 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 40%: ?

40%

ISP	Broadband Multiplay Project, O/o DGM BB, NOC BSNL Bangalore
Usage Type	Mobile ISP
ASN	AS9829
Domain Name	bsnl.in
Country	🇮🇳 India
City	Kolhapur, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 117.198.145.186

Whois 117.198.145.186

IP Abuse Reports for 117.198.145.186:

This IP address has been reported a total of 17 times from 14 distinct sources. 117.198.145.186 was first reported on June 28th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 masterguru	2026-06-27 08:35:24 (1 day ago)	(xmlrpc) Failed xmlrpc access from 117.198.145.186 (IN/India/-): 5 in the last 3600 secs (0-122)	Hacking
🇧🇬 HighWay	2026-06-27 07:37:59 (1 day ago)	117.198.145.186 - - [27/Jun/2026:07:37:36 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4568 "-" "Jetpack b ... show more 117.198.145.186 - - [27/Jun/2026:07:37:36 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4568 "-" "Jetpack by WordPress.com" 117.198.145.186 - - [27/Jun/2026:07:37:46 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4569 "-" "Jetpack by WordPress.com" 117.198.145.186 - - [27/Jun/2026:07:37:57 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4569 "-" "WordPress.com; https://wordpress.com" ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-27 06:08:22 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 117.198.145.186 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 117.198.145.186 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 02:08:13.845999 2026] [security2:error] [pid 11692:tid 11692] [client 117.198.145.186:50283] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.198.145.186 (+1 hits since last alert)\|portlunchgroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "portlunchgroup.com"] [uri "/xmlrpc.php"] [unique_id "aj9ozT-9rI4QMfj-xlvqQAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇾 Rizzy	2026-06-27 04:54:53 (1 day ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇫🇷 dynamix	2026-06-27 04:21:44 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 11:04:35 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 117.198.145.186 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 117.198.145.186 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 07:04:28.828933 2026] [security2:error] [pid 7614:tid 7614] [client 117.198.145.186:55169] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.198.145.186 (+1 hits since last alert)\|palumbodesigns.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "palumbodesigns.com"] [uri "/xmlrpc.php"] [unique_id "aj5cvCPudhYSSSYSPT7dKQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-26 11:00:50 (2 days ago)	117.198.145.186 - - [26/Jun/2026:19:00:49 +0800] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress. ... show more 117.198.145.186 - - [26/Jun/2026:19:00:49 +0800] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress.com; https://wordpress.com" ... show less	Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2025-06-29 22:28:49 (11 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/117.198.145.186	SSH
Anonymous	2025-06-29 07:46:14 (11 months ago)	Unauthorized connection to Telnet port 23	Port Scan
🇺🇸 shabi	2025-06-29 07:15:04 (11 months ago)	UFW Blocked [23/TCP] Source: 117.198.145.186:49166 TTL: 50 Lenth: 60 TOS: 0x00	Port Scan Hacking Brute-Force
🇳🇱 EGP Abuse Dept	2025-06-29 01:08:56 (11 months ago)	Unauthorized connection to Telnet port 23	Port Scan Hacking
🇺🇸 MPL	2025-06-28 23:43:22 (11 months ago)	tcp/23 (2 or more attempts)	Port Scan
🇩🇪 ps-center	2025-06-28 21:45:15 (11 months ago)	C2-W: TCP-Scanner. Port: 23	Port Scan
🇺🇸 MPL	2025-06-28 21:45:06 (11 months ago)	tcp/23	Port Scan
🇺🇸 MPL	2025-06-28 21:45:06 (11 months ago)	tcp/23	Port Scan

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 202.155.157.145

🇺🇸 216.131.78.250

🇰🇪 105.27.148.94

🇭🇰 104.208.72.10

🇫🇷 85.217.140.52

🇺🇸 45.131.195.14

🇱🇰 2402:4000:2301:3574:4000:d2c6:338e:8920

🇺🇸 193.3.53.3

🇩🇪 45.135.141.10

🇻🇳 42.116.123.106

🇺🇸 40.124.173.6

🇺🇸 34.194.226.74

🇻🇳 27.72.23.213

🇨🇳 60.166.82.205

🇳🇱 52.233.193.61

🇨🇳 27.223.98.117

🇨🇳 14.103.41.249

🇺🇸 212.102.61.137

🇹🇯 185.177.0.252

🇧🇷 177.171.74.43