JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 61.0.40.101

61.0.40.101 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 84%: ?

84%

ISP	Broadband Multiplay Project, O/o DGM BB, NOC BSNL Bangalore
Usage Type	Fixed Line ISP
ASN	AS9829
Hostname(s)	static.ftth.sgl.61.0.40.101.bsnl.in
Domain Name	bsnl.in
Country	🇮🇳 India
City	Aurangabad, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 61.0.40.101

Whois 61.0.40.101

IP Abuse Reports for 61.0.40.101:

This IP address has been reported a total of 31 times from 18 distinct sources. 61.0.40.101 was first reported on June 1st 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2026-06-21 15:31:48 (4 hours ago)	61.0.40.101 - - [21/Jun/2026:17:31:48 +0200] "POST /xmlrpc.php HTTP/1.1" "Jetpack by WordPress.com"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 07:39:35 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 61.0.40.101 (static.ftth.sgl.61.0.40.101.bsnl.i ... show more (mod_security) mod_security (id:240335) triggered by 61.0.40.101 (static.ftth.sgl.61.0.40.101.bsnl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 03:39:29.934717 2026] [security2:error] [pid 19080:tid 19080] [client 61.0.40.101:49430] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 61.0.40.101 (+1 hits since last alert)\|odinathletes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "odinathletes.com"] [uri "/xmlrpc.php"] [unique_id "ajZDsbt53T-S5AkqHUli7AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-20 07:39:10 (1 day ago)	Attac	Brute-Force
🇦🇺 screwlooseit.com.au	2026-06-19 08:48:35 (2 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC IN/India/static.ftth.sgl.61.0.40.101.bsnl.in	Web App Attack
Anonymous	2026-06-18 13:26:44 (3 days ago)	[redacted] 61.0.40.101 - - [18/Jun/2026:15:26:01 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jet ... show more [redacted] 61.0.40.101 - - [18/Jun/2026:15:26:01 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.4; http://site24187585.com" [redacted] 61.0.40.101 - - [18/Jun/2026:15:26:11 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" [redacted] 61.0.40.101 - - [18/Jun/2026:15:26:21 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.3; http://site90104748.com" [redacted] 61.0.40.101 - - [18/Jun/2026:15:26:32 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 61.0.40.101 - - [18/Jun/2026:15:26:43 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)" ... show less	Hacking Web App Attack
🇳🇱 Site.eu	2026-06-18 08:15:40 (3 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇳🇱 ipoac.nl	2026-06-15 09:39:52 (6 days ago)	2026-06-15T11:39:51.158546+02:00 ipoac.nl wordpress(-)-: XML-RPC authentication failure for-from 61. ... show more 2026-06-15T11:39:51.158546+02:00 ipoac.nl wordpress(-)-: XML-RPC authentication failure for-from 61.0.40.101 show less	Web App Attack
🇪🇸 masterguru	2026-06-15 07:30:01 (6 days ago)	(xmlrpc) Failed xmlrpc access from 61.0.40.101 (IN/India/static.ftth.sgl.61.0.40.101.bsnl.in): 5 in ... show more (xmlrpc) Failed xmlrpc access from 61.0.40.101 (IN/India/static.ftth.sgl.61.0.40.101.bsnl.in): 5 in the last 3600 secs (0-122) show less	Hacking
🇺🇸 TPI-Abuse	2026-06-15 05:56:01 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 61.0.40.101 (static.ftth.sgl.61.0.40.101.bsnl.i ... show more (mod_security) mod_security (id:240335) triggered by 61.0.40.101 (static.ftth.sgl.61.0.40.101.bsnl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 01:55:56.828202 2026] [security2:error] [pid 27438:tid 27438] [client 61.0.40.101:49696] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 61.0.40.101 (+1 hits since last alert)\|hsoftwaresystems.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hsoftwaresystems.net"] [uri "/xmlrpc.php"] [unique_id "ai-T7KGncEzwusDnjtg0_QAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 06:44:36 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 61.0.40.101 (static.ftth.sgl.61.0.40.101.bsnl.i ... show more (mod_security) mod_security (id:240335) triggered by 61.0.40.101 (static.ftth.sgl.61.0.40.101.bsnl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 02:44:31.279107 2026] [security2:error] [pid 9099:tid 9123] [client 61.0.40.101:59228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 61.0.40.101 (+1 hits since last alert)\|rockabyecotons.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rockabyecotons.com"] [uri "/xmlrpc.php"] [unique_id "aiuqz2b658FxakY73c-gOgAAARY"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-11 13:23:46 (1 week ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 12:55:53 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 61.0.40.101 (static.ftth.sgl.61.0.40.101.bsnl.i ... show more (mod_security) mod_security (id:240335) triggered by 61.0.40.101 (static.ftth.sgl.61.0.40.101.bsnl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 08:55:48.515008 2026] [security2:error] [pid 16209:tid 16209] [client 61.0.40.101:64682] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 61.0.40.101 (+1 hits since last alert)\|talentstar.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "talentstar.com"] [uri "/xmlrpc.php"] [unique_id "aiqwVJes-qknqxuNaGqREgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 debestelapp	2026-06-11 07:45:06 (1 week ago)		Web App Attack
🇫🇷 Kenshin869	2026-06-10 12:29:28 (1 week ago)	Wordpress unauthorized access attempt	Brute-Force
🇦🇺 screwlooseit.com.au	2026-06-10 10:34:40 (1 week ago)	Blocked by CSF 13 firewall - Rule: XMLRPC IN/India/static.ftth.sgl.61.0.40.101.bsnl.in	Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.115

🇧🇩 123.253.38.55

🇨🇳 115.190.83.181

🇷🇴 80.94.92.206

🇺🇸 76.105.89.4

🇿🇦 41.162.56.37

🇺🇸 2a03:2880:18ff::

🇭🇰 199.45.154.137

🇹🇼 198.235.24.122

🇳🇱 176.65.139.229

🇱🇹 81.30.98.49

🇺🇸 73.188.32.201

🇭🇰 47.76.135.222

🇺🇸 216.25.89.101

🇿🇦 196.192.181.202

🇨🇳 171.217.92.33

🇺🇸 137.184.220.161

🇩🇪 134.119.86.47

🇧🇷 45.177.210.193

🇨🇳 218.59.235.170