JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 117.212.43.80

117.212.43.80 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 16%: ?

16%

ISP	Broadband Multiplay Project, O/o DGM BB, NOC BSNL Bangalore
Usage Type	Fixed Line ISP
ASN	AS9829
Domain Name	bsnl.in
Country	🇮🇳 India
City	Amravati, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 117.212.43.80

Whois 117.212.43.80

IP Abuse Reports for 117.212.43.80:

This IP address has been reported a total of 4 times from 3 distinct sources. 117.212.43.80 was first reported on June 15th 2022, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-14 10:56:58 (6 hours ago)	(mod_security) mod_security (id:240335) triggered by 117.212.43.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 117.212.43.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 06:56:46.179681 2026] [security2:error] [pid 25566:tid 25566] [client 117.212.43.80:55758] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.212.43.80 (+1 hits since last alert)\|michaelthompson.biz\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "michaelthompson.biz"] [uri "/xmlrpc.php"] [unique_id "ai6I7soBc3IWly7rfXKWrwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 10:08:33 (7 hours ago)	(mod_security) mod_security (id:240335) triggered by 117.212.43.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 117.212.43.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 06:08:23.440363 2026] [security2:error] [pid 12215:tid 12215] [client 117.212.43.80:55149] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.212.43.80 (+1 hits since last alert)\|genevaatlantic.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "genevaatlantic.com"] [uri "/xmlrpc.php"] [unique_id "ai59l5ewrXSqR4zM02njKwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-14 10:06:42 (7 hours ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇵🇱 ChillScanner	2022-06-15 11:39:15 (3 years ago)	1 probe(s) @ TCP(8080)	Port Scan

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 123.58.200.147

🇺🇸 45.148.233.208

🇳🇱 45.148.10.147

🇵🇰 43.246.221.174

🇺🇸 20.163.33.23

🇬🇧 2a06:4880:c000::e4

🇪🇹 196.189.155.89

🇵🇾 190.128.201.18

🇨🇳 125.77.73.145

🇻🇳 116.99.174.27

🇸🇬 101.47.156.21

🇺🇸 64.62.156.135

🇨🇳 61.145.190.218

🇸🇬 47.82.14.58

🇰🇷 222.112.192.170

🇺🇸 150.136.214.177

🇺🇸 137.184.202.173

🇨🇱 131.196.178.244

127.0.0.1

🇷🇺 95.84.137.48