JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 223.233.66.232

223.233.66.232 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 48%: ?

48%

ISP	ABTS DELHI, Bharti Airtel Ltd.,224, Okhla industrial Area Phase III New Delhi
Usage Type	Fixed Line ISP
ASN	AS24560
Hostname(s)	abts-north-dynamic-232.66.233.223.airtelbroadband.in
Domain Name	airtel.in
Country	🇮🇳 India
City	Delhi, Delhi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 223.233.66.232

Whois 223.233.66.232

IP Abuse Reports for 223.233.66.232:

This IP address has been reported a total of 14 times from 10 distinct sources. 223.233.66.232 was first reported on December 9th 2022, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-16 09:34:37 (9 hours ago)	(xmlrpc) Apache: Failed xmlrpc access from 223.233.66.232 (IN/India/abts-north-dynamic-232.66.233.22 ... show more (xmlrpc) Apache: Failed xmlrpc access from 223.233.66.232 (IN/India/abts-north-dynamic-232.66.233.223.airtelbroadband.in): 10 in the last 3600 secs (0-201) show less	Hacking
🇺🇸 TPI-Abuse	2026-06-16 08:05:19 (10 hours ago)	(mod_security) mod_security (id:240335) triggered by 223.233.66.232 (abts-north-dynamic-232.66.233.2 ... show more (mod_security) mod_security (id:240335) triggered by 223.233.66.232 (abts-north-dynamic-232.66.233.223.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 04:05:16.503232 2026] [security2:error] [pid 27006:tid 27006] [client 223.233.66.232:23367] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 223.233.66.232 (+1 hits since last alert)\|pcga.golf\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pcga.golf"] [uri "/xmlrpc.php"] [unique_id "ajEDvGLJuKgLNJhuPbj0PwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 debestelapp	2026-06-16 07:50:10 (11 hours ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 04:28:05 (14 hours ago)	(mod_security) mod_security (id:240335) triggered by 223.233.66.232 (abts-north-dynamic-232.66.233.2 ... show more (mod_security) mod_security (id:240335) triggered by 223.233.66.232 (abts-north-dynamic-232.66.233.223.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 00:28:00.082662 2026] [security2:error] [pid 17928:tid 17928] [client 223.233.66.232:15274] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 223.233.66.232 (+1 hits since last alert)\|rodzillacharters.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rodzillacharters.com"] [uri "/xmlrpc.php"] [unique_id "ajDQ0LITo3sm3K9aB1p-fAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-15 11:10:40 (1 day ago)	Attac	Brute-Force
Anonymous	2026-06-15 11:09:26 (1 day ago)	[redacted] 223.233.66.232 - - [15/Jun/2026:13:08:42 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ... show more [redacted] 223.233.66.232 - - [15/Jun/2026:13:08:42 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.2; http://site40939386.com" [redacted] 223.233.66.232 - - [15/Jun/2026:13:08:53 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.3)" [redacted] 223.233.66.232 - - [15/Jun/2026:13:09:04 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 223.233.66.232 - - [15/Jun/2026:13:09:14 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 223.233.66.232 - - [15/Jun/2026:13:09:25 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.2; http://site48395568.com" ... show less	Hacking Web App Attack
🇺🇸 integrantservices.com	2026-06-15 09:15:40 (1 day ago)	(wordpress) Failed wordpress login from 223.233.66.232 (IN/India/abts-north-dynamic-232.66.233.223.a ... show more (wordpress) Failed wordpress login from 223.233.66.232 (IN/India/abts-north-dynamic-232.66.233.223.airtelbroadband.in) show less	Brute-Force
🇺🇸 WeekendWeb	2026-06-15 07:43:35 (1 day ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 06:32:10 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 223.233.66.232 (abts-north-dynamic-232.66.233.2 ... show more (mod_security) mod_security (id:240335) triggered by 223.233.66.232 (abts-north-dynamic-232.66.233.223.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 02:32:03.286953 2026] [security2:error] [pid 20886:tid 20886] [client 223.233.66.232:27380] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 223.233.66.232 (+1 hits since last alert)\|pathpa.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pathpa.org"] [uri "/xmlrpc.php"] [unique_id "ai-cY_jrTUZm6vi1Ef5isgAAAH8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 04:01:05 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 223.233.66.232 (abts-north-dynamic-232.66.233.2 ... show more (mod_security) mod_security (id:240335) triggered by 223.233.66.232 (abts-north-dynamic-232.66.233.223.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 00:01:00.829264 2026] [security2:error] [pid 9702:tid 9702] [client 223.233.66.232:26436] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 223.233.66.232 (+1 hits since last alert)\|illumoonatedtarot.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "illumoonatedtarot.com"] [uri "/xmlrpc.php"] [unique_id "ai94_Id4w6ypSug7XJYuYgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-23 15:13:20 (1 year ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2024-11-26 23:36:34 (1 year ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇨🇦 Largnet SOC	2022-12-09 04:42:51 (3 years ago)	223.233.66.232 triggered Icarus honeypot on port 445. Check us out on github.	Port Scan Hacking
🇩🇪 KPS	2022-12-09 03:55:13 (3 years ago)	PortscanM	Port Scan

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇪 190.142.252.20

🇺🇸 172.105.135.134

🇺🇸 152.53.53.142

🇺🇸 104.128.72.37

🇩🇪 95.181.151.215

🇳🇱 89.205.202.57

🇷🇴 80.94.92.186

🇳🇱 45.142.193.122

🇸🇬 43.128.80.49

🇭🇰 38.175.198.44

🇺🇸 34.85.133.133

🇻🇳 27.79.41.23

🇮🇳 20.219.91.90

🇧🇷 20.195.176.139

🇩🇪 213.209.159.225

🇹🇷 212.68.58.7

🇧🇪 198.235.24.158

🇲🇽 187.189.101.160

🇨🇳 183.225.40.193

🇺🇸 167.71.184.162