AbuseIPDB » 117.198.242.231
117.198.242.231
This IP was reported 10 times. Confidence of
Abuse
is 17% : ?
ISP
Broadband Multiplay Project, O/o DGM BB, NOC BSNL Bangalore
Usage Type
Fixed Line ISP
ASN
AS9829
Domain Name
bsnl.in
Country
๐ฎ๐ณ
India
City
Bhilai, Chhattisgarh
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 117.198.242.231 :
This IP address has been reported a total of
10
times from
8 distinct
sources.
117.198.242.231 was first reported on
July 19th 2021 , and the most recent report was
3 weeks ago
Old Reports:
The most recent abuse report for this IP address is from
3 weeks ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ฉ๐ช
LRob.fr
2026-06-03 11:30:04
(3 weeks ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-06-03 11:22:47
(3 weeks ago)
(xmlrpc) Apache: Failed xmlrpc access from 117.198.242.231 (IN/India/-): 10 in the last 3600 secs (0 ...
show more
(xmlrpc) Apache: Failed xmlrpc access from 117.198.242.231 (IN/India/-): 10 in the last 3600 secs (0-201)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-03 07:21:29
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 117.198.242.231 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 117.198.242.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 03:21:22.672465 2026] [security2:error] [pid 20566:tid 20566] [client 117.198.242.231:59977] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 117.198.242.231 (+1 hits since last alert)|greensandbeans.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "greensandbeans.us"] [uri "/xmlrpc.php"] [unique_id "ah_V8l9LREW93WJAYmN30AAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-03 05:00:26
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 117.198.242.231 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 117.198.242.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 01:00:18.812688 2026] [security2:error] [pid 15336:tid 15336] [client 117.198.242.231:53412] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 117.198.242.231 (+1 hits since last alert)|blublk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "blublk.com"] [uri "/xmlrpc.php"] [unique_id "ah-04ugqS3WUPgmH75usSQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
2023-06-21 06:47:57
(3 years ago)
Scanning
Port Scan
๐บ๐ธ
EricTheRedFL
2022-12-17 19:58:19
(3 years ago)
Port scan of TCP port 23
Port Scan
Hacking
๐จ๐ฟ
akac
2022-12-11 14:17:26
(3 years ago)
Added into the Abuse.ch URLHaus IOC database by @geenensp for distributing malware with tags: 32-bit ...
show more
Added into the Abuse.ch URLHaus IOC database by @geenensp for distributing malware with tags: 32-bit, elf, mips, Mozi.
Source: https://urlhaus.abuse.ch/url/2454396/
show less
Hacking
Exploited Host
๐ต๐ฑ
ChillScanner
2021-10-08 19:39:16
(4 years ago)
1 probe(s) @ TCP(23)
Port Scan
๐บ๐ธ
sumnone
2021-08-29 10:02:31
(4 years ago)
Port probing on unauthorized port 23
Port Scan
Hacking
Exploited Host
๐บ๐ธ
sumnone
2021-07-19 07:44:10
(4 years ago)
Port probing on unauthorized port 8080
Port Scan
Hacking
Exploited Host
Showing 1 to
10
of 10 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: