JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 61.0.52.222

61.0.52.222 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 5%: ?

ISP	Broadband Multiplay Project, O/o DGM BB, NOC BSNL Bangalore
Usage Type	Fixed Line ISP
ASN	AS9829
Domain Name	bsnl.in
Country	🇮🇳 India
City	Cheyyur, Tamil Nadu

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 61.0.52.222

Whois 61.0.52.222

IP Abuse Reports for 61.0.52.222:

This IP address has been reported a total of 12 times from 7 distinct sources. 61.0.52.222 was first reported on February 13th 2023, and the most recent report was 19 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-21 11:19:23 (19 minutes ago)	(mod_security) mod_security (id:240335) triggered by 61.0.52.222 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 61.0.52.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 07:19:17.823671 2026] [security2:error] [pid 6209:tid 6209] [client 61.0.52.222:54327] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 61.0.52.222 (+1 hits since last alert)\|roguetechhub.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "roguetechhub.com"] [uri "/xmlrpc.php"] [unique_id "ajfItfqRUZ2SdRqjXfQsdAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 10:31:34 (1 hour ago)	(mod_security) mod_security (id:225170) triggered by 61.0.52.222 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 61.0.52.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 06:31:30.495669 2026] [security2:error] [pid 6081:tid 6081] [client 61.0.52.222:59313] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|milliondollarbelt.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "milliondollarbelt.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aje9gv0eOQijleSZ9kYvEwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 07:34:17 (4 hours ago)	(mod_security) mod_security (id:240335) triggered by 61.0.52.222 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 61.0.52.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 03:34:12.956826 2026] [security2:error] [pid 25276:tid 25284] [client 61.0.52.222:64764] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 61.0.52.222 (+1 hits since last alert)\|tradersofficepark.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tradersofficepark.com"] [uri "/xmlrpc.php"] [unique_id "ajeT9FSDKMA9RTPdvMFk4wAAAEY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 07:08:24 (4 hours ago)	(mod_security) mod_security (id:240335) triggered by 61.0.52.222 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 61.0.52.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 03:08:20.416068 2026] [security2:error] [pid 21859:tid 21954] [client 61.0.52.222:52518] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 61.0.52.222 (+1 hits since last alert)\|hoffmanandassoc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hoffmanandassoc.com"] [uri "/xmlrpc.php"] [unique_id "ajeN5HRWLqXrrUA5hZl44wAAAdE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 05:06:27 (6 hours ago)	(mod_security) mod_security (id:240335) triggered by 61.0.52.222 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 61.0.52.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 01:06:21.578096 2026] [security2:error] [pid 19806:tid 19806] [client 61.0.52.222:65176] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 61.0.52.222 (+1 hits since last alert)\|crystaljohns.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "crystaljohns.com"] [uri "/xmlrpc.php"] [unique_id "ajdxTULwuuzDG_c1sOrYuwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2025-06-05 23:02:32 (1 year ago)	ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/61.0.52.222	SSH
🇺🇸 cybsecaoccol	2025-06-05 01:00:14 (1 year ago)	unauthorized connection or malicious port scan attempted on tcp port - corp	Port Scan Hacking
🇳🇱 Study Bitcoin 🤗	2025-06-04 21:56:43 (1 year ago)	Port probe to tcp/23 (telnet) [srv131]	Port Scan Hacking
Anonymous	2025-06-04 20:02:30 (1 year ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇵🇱 MatStef132	2025-05-20 09:30:50 (1 year ago)	Detected malicious connections: 97	DDoS Attack
🇵🇱 MatStef132	2025-05-20 09:30:50 (1 year ago)	Detected malicious connections: 97	DDoS Attack
🇳🇱 EGP Abuse Dept	2023-02-13 05:14:48 (3 years ago)	Unauthorized connection to proxy port 8080	Port Scan Hacking

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇶🇦 2600:1900:4260:40e::123

🇬🇧 198.244.183.209

🇰🇷 121.184.144.232

🇺🇸 107.175.87.129

🇱🇹 81.30.98.44

🇩🇪 45.142.107.99

🇧🇷 189.51.216.20

🇻🇳 183.91.27.6

🇻🇳 171.231.195.144

🇺🇿 144.124.192.139

🇬🇧 87.236.176.177

🇧🇷 45.205.1.241

🇹🇷 31.145.131.202

🇵🇱 23.230.84.230

🇺🇸 20.168.121.119

🇺🇸 216.25.89.94

🇳🇱 176.65.148.84

🇧🇬 94.155.124.98

🇺🇸 17.22.245.235

🇬🇧 2a06:4880:c000::ee