JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 117.251.168.93

117.251.168.93 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 21%: ?

21%

ISP	NIB (National Internet Backbone)
Usage Type	Fixed Line ISP
ASN	AS9829
Domain Name	bsnl.co.in
Country	🇮🇳 India
City	Bengaluru, Karnataka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 117.251.168.93

Whois 117.251.168.93

IP Abuse Reports for 117.251.168.93:

This IP address has been reported a total of 7 times from 6 distinct sources. 117.251.168.93 was first reported on July 7th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-05 10:30:04 (2 weeks ago)	Web App Attack, Hacking	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 08:47:24 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 117.251.168.93 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 117.251.168.93 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 04:47:15.865549 2026] [security2:error] [pid 10414:tid 10414] [client 117.251.168.93:50335] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.251.168.93 (+1 hits since last alert)\|clayrivers.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "clayrivers.com"] [uri "/xmlrpc.php"] [unique_id "aiKNE9aiga-UKPcpzd9-ZgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 06:45:17 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 117.251.168.93 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 117.251.168.93 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 02:45:07.938954 2026] [security2:error] [pid 1151:tid 1178] [client 117.251.168.93:57561] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 117.251.168.93 (+1 hits since last alert)\|nordicatrio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nordicatrio.com"] [uri "/xmlrpc.php"] [unique_id "aiJwc6AcNsW8HhWVFnQ5_AAAAVg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-05 06:14:25 (2 weeks ago)	Attac	Brute-Force
🇺🇸 bigwavedave	2026-06-05 06:13:41 (2 weeks ago)	Wordpress Attack	Web App Attack
🇨🇳 ThreatBook.io	2025-03-01 22:20:12 (1 year ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/117.251.168.93	SSH
Anonymous	2024-07-07 04:06:29 (1 year ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇴 200.10.29.235

🇺🇸 159.223.173.157

🇮🇩 118.99.68.215

🇮🇶 62.201.253.23

🇳🇱 45.148.10.157

🇰🇷 43.155.237.241

🇷🇴 2.57.121.25

🇧🇷 207.248.17.7

🇺🇸 205.210.31.66

🇺🇸 198.46.83.219

🇺🇸 158.94.187.19

🇵🇭 124.217.56.17

🇨🇳 111.55.120.61

🇳🇱 91.92.241.196

🇳🇱 91.92.40.19

🇨🇳 71.132.8.142

🇺🇸 68.183.107.190

🇧🇷 45.205.1.243

🇳🇱 45.142.193.169

🇧🇪 34.79.131.241