JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 117.220.8.155

117.220.8.155 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 83%: ?

83%

ISP	Broadband Multiplay Project, O/o DGM BB, NOC BSNL Bangalore
Usage Type	Fixed Line ISP
ASN	AS9829
Hostname(s)	static.ftth.ald.117.220.8.155.bsnl.in
Domain Name	bsnl.in
Country	🇮🇳 India
City	Lucknow, Uttar Pradesh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 117.220.8.155

Whois 117.220.8.155

IP Abuse Reports for 117.220.8.155:

This IP address has been reported a total of 33 times from 20 distinct sources. 117.220.8.155 was first reported on March 9th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-19 04:49:44 (1 hour ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-18 03:41:57 (1 day ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇩🇪 excill	2026-06-17 03:05:19 (2 days ago)	Honeypot mesh observed 978 attack events in 24h — cowrie/dionaea/heralding/suricata	Port Scan Hacking Brute-Force SSH
🇩🇪 rh24	2026-06-16 15:18:08 (2 days ago)	(wordpress) Failed wordpress login from 117.220.8.155 (IN/India/static.ftth.ald.117.220.8.155.bsnl.i ... show more (wordpress) Failed wordpress login from 117.220.8.155 (IN/India/static.ftth.ald.117.220.8.155.bsnl.in): (CF_ENABLE) show less	Brute-Force
🇳🇱 Site.eu	2026-06-15 16:22:05 (3 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-15 14:37:30 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 117.220.8.155 (static.ftth.ald.117.220.8.155.bs ... show more (mod_security) mod_security (id:240335) triggered by 117.220.8.155 (static.ftth.ald.117.220.8.155.bsnl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 10:37:26.251096 2026] [security2:error] [pid 23744:tid 23744] [client 117.220.8.155:55797] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.220.8.155 (+1 hits since last alert)\|newmooncafe.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "newmooncafe.com"] [uri "/xmlrpc.php"] [unique_id "ajAOJjW5TcYNg35AtEl9pgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-15 13:33:25 (3 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇳🇱 tmiland	2026-06-15 11:00:05 (3 days ago)	(wordpress_xmlrpc) WordPress XMLPRC Attack 117.220.8.155 (IN/India/static.ftth.ald.117.220.8.155.bsn ... show more (wordpress_xmlrpc) WordPress XMLPRC Attack 117.220.8.155 (IN/India/static.ftth.ald.117.220.8.155.bsnl.in): 3 in the last 3600 secs; IP: 117.220.8.155; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 117.220.8.155 - - [15/Jun/2026:12:59:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "WordPress.com; https://wordpress.com" 117.220.8.155 - - [15/Jun/2026:12:59:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Jetpack/12.5; WordPress/6.2; http://site92903026.com" 117.220.8.155 - - [15/Jun/2026:13:00:00 +0200] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)" show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-13 05:27:18 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 117.220.8.155 (static.ftth.ald.117.220.8.155.bs ... show more (mod_security) mod_security (id:240335) triggered by 117.220.8.155 (static.ftth.ald.117.220.8.155.bsnl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 01:27:13.955735 2026] [security2:error] [pid 18860:tid 18860] [client 117.220.8.155:62947] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.220.8.155 (+1 hits since last alert)\|certifiedfarmersmarkets.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "certifiedfarmersmarkets.org"] [uri "/xmlrpc.php"] [unique_id "aizqMSXg0cQDbrZG4EgsgAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-12 15:28:06 (6 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC IN/India/static.ftth.ald.117.220.8.155.bsnl.in	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 16:26:38 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 117.220.8.155 (static.ftth.ald.117.220.8.155.bs ... show more (mod_security) mod_security (id:240335) triggered by 117.220.8.155 (static.ftth.ald.117.220.8.155.bsnl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 12:26:32.080957 2026] [security2:error] [pid 4289:tid 4289] [client 117.220.8.155:54287] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.220.8.155 (+1 hits since last alert)\|mrccertification.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mrccertification.com"] [uri "/xmlrpc.php"] [unique_id "airhuLhwri10d38W899iNAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-11 15:55:10 (1 week ago)	Attac	Brute-Force
🇺🇸 WeekendWeb	2026-06-11 12:49:46 (1 week ago)	Wordpress Vunerability attack	Web App Attack
🇲🇾 Rizzy	2026-06-11 12:49:32 (1 week ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇩🇪 Marc	2026-06-11 09:14:44 (1 week ago)	117.220.8.155 - - [11/Jun/2026:11:14:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3419 "-" "WordPress.c ... show more 117.220.8.155 - - [11/Jun/2026:11:14:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3419 "-" "WordPress.com; https://wordpress.com" 117.220.8.155 - - [11/Jun/2026:11:14:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3466 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)" 117.220.8.155 - - [11/Jun/2026:11:14:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3467 "-" "Jetpack by WordPress.com" show less	Brute-Force Web App Attack

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 193.32.162.125

🇭🇰 150.109.46.88

🇳🇱 185.223.235.30

🇳🇱 81.19.216.119

🇪🇸 79.117.206.190

🇫🇷 54.37.20.198

🇵🇱 46.203.202.242

🇺🇸 43.130.26.197

🇨🇳 223.15.15.166

🇨🇳 222.128.21.25

🇲🇿 196.3.101.2

🇧🇴 181.188.176.242

🇮🇹 172.71.114.122

🇧🇬 151.237.79.243

🇷🇺 91.107.123.111

🇱🇹 81.30.98.236

🇨🇦 40.85.241.15

🇬🇧 35.203.210.20

🇨🇳 14.103.34.138

🇭🇰 172.253.4.16