JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 61.15.52.40

61.15.52.40 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 27%: ?

27%

ISP	HK Cable TV Ltd
Usage Type	Fixed Line ISP
ASN	AS9908
Hostname(s)	cm61-15-52-40.hkcable.com.hk
Domain Name	hkcable.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 61.15.52.40

Whois 61.15.52.40

IP Abuse Reports for 61.15.52.40:

This IP address has been reported a total of 17 times from 4 distinct sources. 61.15.52.40 was first reported on June 5th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-09 07:55:31 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 i ... show more (mod_security) mod_security (id:210350) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 03:55:22.990339 2026] [security2:error] [pid 5334:tid 5334] [client 61.15.52.40:42436] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.yankeetownfishing.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.yankeetownfishing.com"] [uri "/php-cgi/php.exe"] [unique_id "aifG6k1__vi9ijIrJoPspQAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 07:24:21 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 i ... show more (mod_security) mod_security (id:210350) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 03:24:17.939747 2026] [security2:error] [pid 3442:tid 3442] [client 61.15.52.40:46934] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.tulsatvmemories.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.tulsatvmemories.com"] [uri "/cgi-bin/php.exe"] [unique_id "aie_oRThkJm0BZYRP-iBXwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 22:34:20 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 i ... show more (mod_security) mod_security (id:210350) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 18:34:14.115987 2026] [security2:error] [pid 20244:tid 20244] [client 61.15.52.40:55192] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|cchockeyhistory.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "cchockeyhistory.org"] [uri "/php-cgi/php.exe"] [unique_id "aidDZncKM650bTy7rzNQ4wAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 22:17:36 (1 week ago)	(mod_security) mod_security (id:218420) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 i ... show more (mod_security) mod_security (id:218420) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 18:17:32.633875 2026] [security2:error] [pid 24810:tid 24810] [client 61.15.52.40:45358] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in\|out\|err)\|(in\|out)put\|fd\|memory\|temp\|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found\|\|namefinder.com\|F\|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "namefinder.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aic_fC-qor5tg15o9FsjEwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 15:57:25 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 i ... show more (mod_security) mod_security (id:210350) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 11:57:20.688028 2026] [security2:error] [pid 1040:tid 1040] [client 61.15.52.40:54468] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|starfrontiers.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "starfrontiers.com"] [uri "/cgi-bin/php.exe"] [unique_id "aibmYOGuZr0G5YamhpI5RAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇪 RoboSOC	2026-06-08 15:15:47 (1 week ago)	PHP CGI Argument Injection Vulnerability, PTR: cm61-15-52-40.hkcable.com.hk.	Hacking
🇺🇸 TPI-Abuse	2026-06-08 13:27:27 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 i ... show more (mod_security) mod_security (id:210350) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 09:27:20.018665 2026] [security2:error] [pid 21981:tid 21981] [client 61.15.52.40:47300] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|johnmorogiello.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "johnmorogiello.com"] [uri "/cgi-bin/php-cgi.exe"] [unique_id "aibDOMdGLlyBS689kxG6OwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 13:08:29 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 i ... show more (mod_security) mod_security (id:210350) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 09:08:23.801774 2026] [security2:error] [pid 16043:tid 16043] [client 61.15.52.40:48244] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|independentmusicconference.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "independentmusicconference.com"] [uri "/php-cgi/php.exe"] [unique_id "aia-x4SRKq_l2rEFQs24VgAAADQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 12:18:39 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 i ... show more (mod_security) mod_security (id:210350) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 08:18:31.834872 2026] [security2:error] [pid 7838:tid 7838] [client 61.15.52.40:40740] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|geckoturner.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "geckoturner.com"] [uri "/cgi-bin/php.exe"] [unique_id "aiazF0D9wh4IXAYZlF5P-gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 10:07:35 (1 week ago)	(mod_security) mod_security (id:218420) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 i ... show more (mod_security) mod_security (id:218420) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:07:31.223998 2026] [security2:error] [pid 1459:tid 1482] [client 61.15.52.40:46166] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in\|out\|err)\|(in\|out)put\|fd\|memory\|temp\|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found\|\|tomithai.com\|F\|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "tomithai.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aiaUYzFzqG7lWD1G1QEoXAAAAJQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 09:35:04 (1 week ago)	(mod_security) mod_security (id:218420) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 i ... show more (mod_security) mod_security (id:218420) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 05:34:59.229575 2026] [security2:error] [pid 7024:tid 7090] [client 61.15.52.40:55956] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in\|out\|err)\|(in\|out)put\|fd\|memory\|temp\|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found\|\|pamper.com\|F\|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "pamper.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aiaMw2RulQKSMSXyOC8ekAAAAMQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 09:00:01 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 i ... show more (mod_security) mod_security (id:210350) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 04:59:54.823776 2026] [security2:error] [pid 3916:tid 3916] [client 61.15.52.40:39216] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|antoniocobo.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "antoniocobo.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aiaEimfiyO6cRE7-SdNWlgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 08:41:04 (1 week ago)	(mod_security) mod_security (id:218420) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 i ... show more (mod_security) mod_security (id:218420) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 04:40:57.232160 2026] [security2:error] [pid 18079:tid 18079] [client 61.15.52.40:60196] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in\|out\|err)\|(in\|out)put\|fd\|memory\|temp\|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found\|\|furfriend-z.com\|F\|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "furfriend-z.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aiaAGSyOptX_r5MXjzhixwAAAEI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 08:00:01 (1 week ago)	(mod_security) mod_security (id:218420) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 i ... show more (mod_security) mod_security (id:218420) triggered by 61.15.52.40 (cm61-15-52-40.hkcable.com.hk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:59:54.304474 2026] [security2:error] [pid 20812:tid 20812] [client 61.15.52.40:52496] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in\|out\|err)\|(in\|out)put\|fd\|memory\|temp\|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found\|\|aes-nihil.com\|F\|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "aes-nihil.com"] [uri "/php-cgi/php-cgi.exe"] [unique_id "aiZ2euAfYbGp3PGUYU9QaAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇼 kk_it_man	2026-06-06 12:03:04 (1 week ago)	ET WEB_SERVER Generic PHP Remote File Include ET WEB_SERVER PHP tags in HTTP POST ET WEB_SERVER ... show more ET WEB_SERVER Generic PHP Remote File Include ET WEB_SERVER PHP tags in HTTP POST ET WEB_SERVER PHP.//Input in HTTP POST ET WEB_SERVER allow_url_include PHP config option in uri ET WEB_SERVER auto_prepend_file PHP config option in uri ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) show less	Port Scan

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 193.37.32.134

🇧🇬 78.128.112.6

🇺🇸 205.210.31.93

🇭🇰 199.45.154.184

🇳🇱 195.178.110.30

🇳🇱 93.123.109.152

🇳🇱 91.92.40.11

🇶🇦 20.173.116.24

🇫🇷 212.227.27.47

🇺🇸 198.23.194.150

🇧🇷 187.110.238.50

🇳🇱 178.62.227.181

🇫🇮 147.185.133.156

🇮🇳 139.84.167.57

🇧🇷 132.255.159.156

🇰🇷 220.80.223.144

🇺🇸 147.185.132.237

🇺🇸 147.185.132.45

🇳🇱 77.83.39.197

🇺🇬 41.210.131.212