JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 217.131.116.246

217.131.116.246 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 81%: ?

81%

ISP	SOLNET-BB-VAE-Avrupa
Usage Type	Fixed Line ISP
ASN	AS34984
Hostname(s)	host-217-131-116-246.reverse.superonline.net
Domain Name	turkcell.com.tr
Country	🇹🇷 Turkey
City	Ankara, Ankara

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 217.131.116.246

Whois 217.131.116.246

IP Abuse Reports for 217.131.116.246:

This IP address has been reported a total of 34 times from 15 distinct sources. 217.131.116.246 was first reported on May 20th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 YF	2026-06-07 23:00:18 (2 hours ago)	xmlrpc.php Potential DDoS or brute force	DDoS Attack Brute-Force
Anonymous	2026-06-07 21:42:13 (3 hours ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-07 21:13:48 (3 hours ago)	(mod_security) mod_security (id:240335) triggered by 217.131.116.246 (host-217-131-116-246.reverse.s ... show more (mod_security) mod_security (id:240335) triggered by 217.131.116.246 (host-217-131-116-246.reverse.superonline.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 17:13:40.392906 2026] [security2:error] [pid 8787:tid 8787] [client 217.131.116.246:15914] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 217.131.116.246 (+1 hits since last alert)\|vzan.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "vzan.org"] [uri "/xmlrpc.php"] [unique_id "aiXfBHY-j0RPcPmtdMuW_QAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 lostswordfish.com	2026-06-07 20:48:04 (4 hours ago)	Wordfence waf block on lostswordfish	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 20:40:23 (4 hours ago)	(mod_security) mod_security (id:240335) triggered by 217.131.116.246 (host-217-131-116-246.reverse.s ... show more (mod_security) mod_security (id:240335) triggered by 217.131.116.246 (host-217-131-116-246.reverse.superonline.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:40:15.920077 2026] [security2:error] [pid 9349:tid 9349] [client 217.131.116.246:16445] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 217.131.116.246 (+1 hits since last alert)\|lspfest.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lspfest.com"] [uri "/xmlrpc.php"] [unique_id "aiXXLwJnYSelPS8JL3VGzgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 19:39:18 (5 hours ago)	(mod_security) mod_security (id:240335) triggered by 217.131.116.246 (host-217-131-116-246.reverse.s ... show more (mod_security) mod_security (id:240335) triggered by 217.131.116.246 (host-217-131-116-246.reverse.superonline.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 15:39:14.326289 2026] [security2:error] [pid 17243:tid 17243] [client 217.131.116.246:15803] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 217.131.116.246 (+1 hits since last alert)\|j3pr.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "j3pr.com"] [uri "/xmlrpc.php"] [unique_id "aiXI4kw7rQV6Hu8IfAsuegAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 19:09:52 (6 hours ago)	(mod_security) mod_security (id:240335) triggered by 217.131.116.246 (host-217-131-116-246.reverse.s ... show more (mod_security) mod_security (id:240335) triggered by 217.131.116.246 (host-217-131-116-246.reverse.superonline.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 15:09:48.090764 2026] [security2:error] [pid 11520:tid 11520] [client 217.131.116.246:16152] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 217.131.116.246 (+1 hits since last alert)\|joevallone.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "joevallone.com"] [uri "/xmlrpc.php"] [unique_id "aiXB_KiV_4WU__n5xaXHuAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-07 18:36:39 (6 hours ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇩🇪 ger-stg-sifi1	2026-06-07 13:47:34 (11 hours ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-07 11:24:11 (13 hours ago)	Blocked by CSF 13 firewall - Rule: XMLRPC TR/Turkey/host-217-131-116-246.reverse.superonline.net	Web App Attack
Anonymous	2026-06-06 12:05:10 (1 day ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-04 18:21:25 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 217.131.116.246 (host-217-131-116-246.reverse.s ... show more (mod_security) mod_security (id:240335) triggered by 217.131.116.246 (host-217-131-116-246.reverse.superonline.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 14:21:18.179468 2026] [security2:error] [pid 17869:tid 17869] [client 217.131.116.246:16302] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 217.131.116.246 (+1 hits since last alert)\|theamarals.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theamarals.com"] [uri "/xmlrpc.php"] [unique_id "aiHCHnk9Pe1Y0TruPcUL8QAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-03 22:42:43 (4 days ago)	Attac	Brute-Force
Anonymous	2026-06-03 22:10:14 (4 days ago)	Fail2ban filtered ...	Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 21:41:19 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 217.131.116.246 (host-217-131-116-246.reverse.s ... show more (mod_security) mod_security (id:240335) triggered by 217.131.116.246 (host-217-131-116-246.reverse.superonline.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 17:41:11.513589 2026] [security2:error] [pid 22371:tid 22380] [client 217.131.116.246:16029] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 217.131.116.246 (+1 hits since last alert)\|fastestcopyright.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fastestcopyright.com"] [uri "/xmlrpc.php"] [unique_id "aiCfdz-sW1xHUy_CosKWKwAAAUA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.3

🇰🇷 211.109.223.22

🇧🇪 198.235.24.184

🇨🇳 106.119.165.171

🇺🇸 64.62.156.130

🇳🇱 213.177.179.135

🇹🇼 198.235.24.64

🇧🇷 187.17.224.139

🇩🇪 167.233.25.83

🇸🇪 90.231.80.167

🇺🇸 66.132.186.141

🇧🇷 45.205.1.68

🇩🇪 43.228.157.183

🇺🇸 35.243.44.33

🇺🇸 34.238.138.228

🇩🇪 213.209.159.25

🇮🇹 212.237.4.64

🇺🇸 207.90.244.22

🇹🇼 198.235.24.127

🇦🇪 165.154.12.108