AbuseIPDB » 122.168.4.225
122.168.4.225 was found in our database!
This IP was reported 9 times. Confidence of
Abuse
is 28% : ?
ISP
1 Malviya Nagar,
Usage Type
Fixed Line ISP
ASN
AS24560
Hostname(s)
abts-mp-dynamic-225.4.168.122.airtelbroadband.in
Domain Name
airtel.in
Country
๐ฎ๐ณ
India
City
Charkhi Dadri, Haryana
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 122.168.4.225 :
This IP address has been reported a total of
9
times from
8 distinct
sources.
122.168.4.225 was first reported on
March 3rd 2026 , and the most recent report was
3 weeks ago .
Old Reports:
The most recent abuse report for this IP address is from
3 weeks ago
. It is possible that this IP is no longer involved in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ซ๐ท
dynamix
2026-06-15 07:46:37
(3 weeks ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฉ๐ช
LRob
2026-06-14 08:15:04
(3 weeks ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ฉ๐ช
grassau.com
2026-06-14 08:08:57
(3 weeks ago)
(wordpress) Failed wordpress login from 122.168.4.225 (IN/India/Haryana/Panipat/abts-mp-dynamic-225. ...
show more
(wordpress) Failed wordpress login from 122.168.4.225 (IN/India/Haryana/Panipat/abts-mp-dynamic-225.4.168.122.airtelbroadband.in)
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-13 08:57:12
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 122.168.4.225 (abts-mp-dynamic-225.4.168.122.ai ...
show more
(mod_security) mod_security (id:240335) triggered by 122.168.4.225 (abts-mp-dynamic-225.4.168.122.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:57:03.356464 2026] [security2:error] [pid 5804:tid 5804] [client 122.168.4.225:6005] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.168.4.225 (+1 hits since last alert)|londongroup.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "londongroup.info"] [uri "/xmlrpc.php"] [unique_id "ai0bX-nuI43llRxCbtQoKAAAAIA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
check-the-sum.fr
2026-05-12 02:54:17
(1 month ago)
Port Scanning
Port Scan
๐บ๐ธ
cybsecaoccol
2026-05-12 02:16:45
(1 month ago)
unauthorized connection or malicious port scan attempted on tcp port - corp
Port Scan
Hacking
๐บ๐ธ
MPL
2026-05-12 02:07:02
(1 month ago)
tcp/23
Port Scan
๐ณ๐ฑ
EGP Abuse Dept
2026-05-12 01:37:43
(1 month ago)
Unauthorized connection to Telnet port 23
Port Scan
Hacking
๐บ๐ธ
TPI-Abuse
2026-03-03 02:20:19
(4 months ago)
(mod_security) mod_security (id:218580) triggered by 122.168.4.225 (abts-mp-dynamic-225.4.168.122.ai ...
show more
(mod_security) mod_security (id:218580) triggered by 122.168.4.225 (abts-mp-dynamic-225.4.168.122.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 02 21:20:10.623538 2026] [security2:error] [pid 2429:tid 2429] [client 122.168.4.225:2335] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\/\\\\*[!+](?:[\\\\w\\\\s=_\\\\-()]+)?\\\\*\\\\/)" at ARGS:n. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/22_SQL_SQLi.conf"] [line "76"] [id "218580"] [rev "1"] [msg "COMODO WAF: MySQL in-line comment detected.||watermarks.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "watermarks.info"] [uri "/bus.php"] [unique_id "aaZFWmMY-8cY6AJHaP5oAQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Showing 1 to
9
of 9 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: