JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 117.248.21.20

117.248.21.20 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 16%: ?

16%

ISP	Broadband Multiplay Project, O/o DGM BB, NOC BSNL Bangalore
Usage Type	Fixed Line ISP
ASN	AS9829
Domain Name	bsnl.in
Country	🇮🇳 India
City	Kalyan, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 117.248.21.20

Whois 117.248.21.20

IP Abuse Reports for 117.248.21.20:

This IP address has been reported a total of 6 times from 4 distinct sources. 117.248.21.20 was first reported on June 25th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-05 03:34:23 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 117.248.21.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 117.248.21.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 23:34:16.094134 2026] [security2:error] [pid 2175:tid 2215] [client 117.248.21.20:65386] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.248.21.20 (+1 hits since last alert)\|reghay.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "reghay.com"] [uri "/xmlrpc.php"] [unique_id "aiJDuMTiyNXnIbqStk_hMwAAAYo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-04 10:53:58 (3 weeks ago)	(xmlrpc) Apache: Failed xmlrpc access from 117.248.21.20 (IN/India/-): 10 in the last 3600 secs (0-2 ... show more (xmlrpc) Apache: Failed xmlrpc access from 117.248.21.20 (IN/India/-): 10 in the last 3600 secs (0-201) show less	Hacking
🇺🇸 TPI-Abuse	2026-06-04 10:04:57 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 117.248.21.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 117.248.21.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 06:04:49.610128 2026] [security2:error] [pid 2039:tid 2039] [client 117.248.21.20:12388] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.248.21.20 (+1 hits since last alert)\|tcit.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tcit.org"] [uri "/xmlrpc.php"] [unique_id "aiFNwaxb0w3rhGqMDYu20QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 05:50:34 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 117.248.21.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 117.248.21.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 01:50:26.933784 2026] [security2:error] [pid 929:tid 929] [client 117.248.21.20:55455] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.248.21.20 (+1 hits since last alert)\|schlegelcreative.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "schlegelcreative.com"] [uri "/xmlrpc.php"] [unique_id "aiESIuHEQvqt1GKBXJ2suwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-04 04:10:43 (3 weeks ago)	Attac	Brute-Force
🇳🇱 EGP Abuse Dept	2024-06-25 21:15:27 (2 years ago)	Unauthorized connection to Telnet port 23	Port Scan Hacking

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 213.152.161.73

🇷🇺 213.33.204.130

🇫🇷 163.172.78.108

🇺🇸 162.243.138.30

🇺🇸 136.144.35.155

🇨🇳 118.145.104.105

🇺🇸 91.230.168.124

🇳🇱 45.148.10.147

🇨🇦 37.120.130.10

🇪🇸 5.182.83.231

🇮🇳 209.38.121.186

🇹🇼 198.235.24.104

🇺🇸 195.242.178.252

🇳🇱 176.65.139.140

🇺🇸 136.144.35.152

🇺🇸 136.144.35.145

🇺🇸 136.144.35.138

🇹🇷 95.9.191.103

🇳🇱 91.92.40.4

🇬🇧 84.65.145.117