JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.248.24.53

192.248.24.53 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 51%: ?

51%

ISP	University of Kelyaniya
Usage Type	University/College/School
ASN	AS38229
Domain Name	learn.ac.lk
Country	🇱🇰 Sri Lanka
City	Negombo, Western Province

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 192.248.24.53

Whois 192.248.24.53

IP Abuse Reports for 192.248.24.53:

This IP address has been reported a total of 13 times from 8 distinct sources. 192.248.24.53 was first reported on November 8th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-13 03:52:39 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 16:41:37 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 192.248.24.53 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 192.248.24.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 12:41:28.265242 2026] [security2:error] [pid 2765:tid 2765] [client 192.248.24.53:43337] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 192.248.24.53 (+1 hits since last alert)\|yerevanpress.am\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "yerevanpress.am"] [uri "/xmlrpc.php"] [unique_id "aiw2uFb_PfJRNSVtwaAPvgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2026-06-12 14:32:18 (1 day ago)	Wordpress Vunerability attack	Web App Attack
🇩🇪 grassau.com	2026-06-11 15:19:06 (2 days ago)	(wordpress) Failed wordpress login from 192.248.24.53 (LK/Sri Lanka/Colombo District/Maharagama/-)	Brute-Force
Anonymous	2026-06-11 11:59:05 (2 days ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 10:45:41 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 192.248.24.53 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 192.248.24.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 06:45:35.145953 2026] [security2:error] [pid 26417:tid 26417] [client 192.248.24.53:59865] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 192.248.24.53 (+1 hits since last alert)\|eye7graphics.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eye7graphics.com"] [uri "/xmlrpc.php"] [unique_id "aiqRz_kc_SyYqBur8x7d6AAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-11 10:43:32 (2 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 09:20:56 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 192.248.24.53 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 192.248.24.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 05:20:50.033833 2026] [security2:error] [pid 14733:tid 14733] [client 192.248.24.53:61918] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 192.248.24.53 (+1 hits since last alert)\|goseethenurse.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "goseethenurse.com"] [uri "/xmlrpc.php"] [unique_id "aip98pimHTnBFrwQ2iatVwAAACY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-10 09:47:11 (4 days ago)	(wordpress) Failed wordpress login from 192.248.24.53 (LK/Sri Lanka/-)	Brute-Force
Anonymous	2026-06-08 15:03:00 (5 days ago)	[redacted] 192.248.24.53 - - [08/Jun/2026:17:02:16 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ... show more [redacted] 192.248.24.53 - - [08/Jun/2026:17:02:16 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)" [redacted] 192.248.24.53 - - [08/Jun/2026:17:02:30 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 192.248.24.53 - - [08/Jun/2026:17:02:37 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 192.248.24.53 - - [08/Jun/2026:17:02:48 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.4; http://site79212937.com" [redacted] 192.248.24.53 - - [08/Jun/2026:17:02:59 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" ... show less	Hacking Web App Attack
Anonymous	2026-06-07 08:10:13 (1 week ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-07 04:21:21 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 192.248.24.53 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 192.248.24.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 00:21:14.365783 2026] [security2:error] [pid 18007:tid 18007] [client 192.248.24.53:17853] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 192.248.24.53 (+1 hits since last alert)\|natickvillagerentals.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "natickvillagerentals.com"] [uri "/xmlrpc.php"] [unique_id "aiTxuowLeUVA0hCRWfoS0gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-11-08 02:33:29 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 192.248.24.53 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 192.248.24.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 07 21:33:17.700216 2024] [security2:error] [pid 3263:tid 3263] [client 192.248.24.53:41576] [client 192.248.24.53] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.newdirectionsinmusic.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.newdirectionsinmusic.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Zy14bRcN7PD_O4StDD1ZigAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇱 201.186.40.161

🇬🇧 193.163.125.180

🇩🇪 192.109.200.78

🇲🇽 187.140.91.20

🇨🇳 120.240.178.130

🇺🇸 107.77.201.34

🇺🇸 104.248.15.53

🇹🇼 60.250.246.239

🇯🇵 35.73.219.176

🇺🇸 34.228.104.231

🇩🇪 213.209.159.225

🇺🇸 206.223.228.197

🇻🇳 171.244.142.205

🇺🇸 136.116.92.62

🇮🇳 125.19.179.18

🇮🇩 103.122.34.142

🇬🇧 87.106.44.172

🇱🇹 81.30.98.62

🇱🇹 81.30.98.44

🇪🇸 80.102.146.195