AbuseIPDB » 197.232.117.217
197.232.117.217 was found in our database!
This IP was reported 9 times. Confidence of
Abuse
is 16% : ?
ISP
Jamii Telecommunications Limited
Usage Type
Fixed Line ISP
ASN
AS36866
Domain Name
jtl.co.ke
Country
๐ฐ๐ช
Kenya
City
Nairobi, Nairobi County
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 197.232.117.217 :
This IP address has been reported a total of
9
times from
9 distinct
sources.
197.232.117.217 was first reported on
October 18th 2024 , and the most recent report was
2 weeks ago .
Old Reports:
The most recent abuse report for this IP address is from
2 weeks ago
. It is possible that this IP is no longer involved in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐บ๐ธ
kosada.com
2026-06-29 08:48:26
(2 weeks ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐ซ๐ท
SpaceHost-Server
2026-06-18 22:29:41
(3 weeks ago)
Brute-Force
Web App Attack
๐ซ๐ฎ
Rexikon
2026-06-18 07:41:28
(3 weeks ago)
197.232.117.217 - - [18/Jun/2026:09:41:21 +0200] "POST /wp-login.php HTTP/1.1" 200 16989 "https://ag ...
show more
197.232.117.217 - - [18/Jun/2026:09:41:21 +0200] "POST /wp-login.php HTTP/1.1" 200 16989 "https://agroturystykanowykrakow.pl/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15"
197.232.117.217 - - [18/Jun/2026:09:41:22 +0200] "POST /wp-login.php HTTP/1.1" 200 16989 "https://agroturystykanowykrakow.pl/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
197.232.117.217 - - [18/Jun/2026:09:41:24 +0200] "POST /wp-login.php HTTP/1.1" 200 16989 "https://agroturystykanowykrakow.pl/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
197.232.117.217 - - [18/Jun/2026:09:41:26 +0200] "POST /wp-login.php HTTP/1.1" 200 17005 "https://agroturystykanowykrakow.pl/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version
...
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-04-17 02:10:08
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 197.232.117.217 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 197.232.117.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 16 22:10:01.163678 2026] [security2:error] [pid 907308:tid 907308] [client 197.232.117.217:59308] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||alejandrogorsse.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "alejandrogorsse.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeGWecB0iQ6t5vL1EbmRdwAAAAE"], referer: https://www.bing.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
polycoda
2026-02-22 12:53:07
(4 months ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack
Anonymous
2025-11-29 07:36:09
(7 months ago)
Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.29 is noted in report tim ...
show more
Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.29 is noted in report timestamp
show less
Hacking
Brute-Force
Anonymous
2025-11-25 20:03:55
(7 months ago)
scanning http requests from known botnet
Web App Attack
๐ณ๐ฑ
exxos
2025-09-19 19:05:38
(9 months ago)
Attacks with Bad user agents
Hacking
๐ซ๐ฎ
Ticlem
2024-10-18 13:05:25
(1 year ago)
2024-10-18T14:36:03.791791+02:00 clement-turlure kernel: [9657309.164577] [UFW BLOCK] IN=enp0s31f6 O ...
show more
2024-10-18T14:36:03.791791+02:00 clement-turlure kernel: [9657309.164577] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:f7:16:fb:d0:07:ca:8d:22:75:08:00 SRC=197.232.117.217 DST=95.216.21.136 LEN=143 TOS=0x00 PREC=0x00 TTL=115 ID=11962 PROTO=UDP SPT=1027 DPT=6881 LEN=123
2024-10-18T14:50:44.208717+02:00 clement-turlure kernel: [9658189.566887] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:f7:16:fb:d0:07:ca:8d:22:75:08:00 SRC=197.232.117.217 DST=95.216.21.136 LEN=143 TOS=0x00 PREC=0x00 TTL=115 ID=58617 PROTO=UDP SPT=1027 DPT=6881 LEN=123
2024-10-18T15:05:24.649648+02:00 clement-turlure kernel: [9659069.992522] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:f7:16:fb:d0:07:ca:8d:22:75:08:00 SRC=197.232.117.217 DST=95.216.21.136 LEN=143 TOS=0x00 PREC=0x00 TTL=115 ID=3746 PROTO=UDP SPT=1028 DPT=6881 LEN=123
...
show less
Port Scan
Showing 1 to
9
of 9 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: