JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 223.185.54.252

223.185.54.252 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 39%: ?

39%

ISP	Bharti Airtel Limited, Plot Number 21 Rajiv Gandhi Technology Park In Bharti Airtel Campus, I T Park, Chandigarh - 160001
Usage Type	Fixed Line ISP
ASN	AS24560
Domain Name	airtel.in
Country	🇮🇳 India
City	Delhi, Delhi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 223.185.54.252

Whois 223.185.54.252

IP Abuse Reports for 223.185.54.252:

This IP address has been reported a total of 14 times from 9 distinct sources. 223.185.54.252 was first reported on July 24th 2025, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 burlacu.org	2026-06-16 03:18:02 (16 hours ago)	Nginx multi-log analysis detected: wordpress_scan. Evidence: XMLRPC abuse with 27 requests. Blocked ... show more Nginx multi-log analysis detected: wordpress_scan. Evidence: XMLRPC abuse with 27 requests. Blocked automatically. show less	Web App Attack Bad Web Bot
Anonymous	2026-06-15 07:44:07 (1 day ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇮🇹 Progetto1	2026-06-15 06:05:04 (1 day ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 02:56:39 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 223.185.54.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 223.185.54.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:56:32.102592 2026] [security2:error] [pid 19975:tid 19975] [client 223.185.54.252:20610] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 223.185.54.252 (+1 hits since last alert)\|frogdesignmexico.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "frogdesignmexico.com"] [uri "/xmlrpc.php"] [unique_id "ai9p4AGHyXNF6hE0A3OWLAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇷 ycoskun41	2026-06-14 14:07:20 (2 days ago)	fail2ban: plesk-modsecurity jail on genckocaeli.com	Web App Attack
🇫🇷 dynamix	2026-06-11 13:41:39 (5 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇧🇾 stroytrest	2026-05-07 11:03:56 (1 month ago)	2026-05-07T14:03:56.040951+03:00 gate kernel: [1398672.855262] nftables: JAIL-TELNET IN=wan OUT= MAC ... show more 2026-05-07T14:03:56.040951+03:00 gate kernel: [1398672.855262] nftables: JAIL-TELNET IN=wan OUT= MAC= SRC=223.185.54.252 DST=xxx.xxx.xxx.xxx LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=5499 DF PROTO=TCP SPT=8523 DPT=23 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇳🇱 exxos	2025-07-30 01:15:10 (10 months ago)	http-no-verb	Hacking
🇪🇸 Global Cyber Police	2025-07-28 07:27:03 (10 months ago)	Malicious bot activity detected: Hitting honeypot page. Part of massive botnet.	DDoS Attack Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Web App Attack
🇳🇱 exxos	2025-07-28 04:33:22 (10 months ago)	http-no-verb	Hacking
🇳🇱 exxos	2025-07-28 02:30:05 (10 months ago)	http-no-verb	Hacking
🇳🇱 exxos	2025-07-27 23:21:39 (10 months ago)	http-no-verb	Hacking
🇳🇱 exxos	2025-07-27 22:55:53 (10 months ago)	http-no-verb	Hacking
🇳🇱 exxos	2025-07-24 07:40:40 (10 months ago)	http-no-verb	Hacking

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 183.103.144.200

🇨🇳 101.126.89.35

🇬🇧 2a06:4880:2000::3e

🇰🇷 222.108.109.37

🇨🇳 183.201.208.25

🇮🇳 103.91.246.73

🇳🇱 93.123.109.62

🇮🇩 36.64.131.68

🇨🇦 35.183.208.111

🇺🇸 18.119.209.50

🇵🇱 213.92.223.31

🇬🇧 193.163.125.149

🇰🇷 193.123.235.181

🇨🇳 183.224.219.194

🇻🇪 38.188.238.35

🇻🇪 190.142.97.50

🇮🇳 182.78.240.94

🇨🇳 180.76.98.88

🇺🇸 148.153.193.85

🇺🇸 148.153.32.19