JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 61.3.15.19

61.3.15.19 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 37%: ?

37%

ISP	Broadband Multiplay Project, O/o DGM BB, NOC BSNL Bangalore
Usage Type	Mobile ISP
ASN	AS9829
Domain Name	bsnl.in
Country	🇮🇳 India
City	Bengaluru, Karnataka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 61.3.15.19

Whois 61.3.15.19

IP Abuse Reports for 61.3.15.19:

This IP address has been reported a total of 10 times from 5 distinct sources. 61.3.15.19 was first reported on June 11th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-12 10:23:00 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 61.3.15.19 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 61.3.15.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 06:22:54.112172 2026] [security2:error] [pid 952:tid 952] [client 61.3.15.19:63180] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 61.3.15.19 (+1 hits since last alert)\|baliaccommodationpadangpadang.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "baliaccommodationpadangpadang.com"] [uri "/xmlrpc.php"] [unique_id "aivd_uDM9SpU3wFkKG99OQAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-12 07:37:32 (1 day ago)	[osotir.org] httpd-xmlrpc-post: sites=ear-books.com; logs=/var/log/httpd/domains/ear-books.com.log; ... show more [osotir.org] httpd-xmlrpc-post: sites=ear-books.com; logs=/var/log/httpd/domains/ear-books.com.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-06-12 05:17:48 (1 day ago)	61.3.15.19 - - [12/Jun/2026:07:17:27 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack/12.1; ... show more 61.3.15.19 - - [12/Jun/2026:07:17:27 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack/12.1; WordPress/6.3; http://site38147390.com" 61.3.15.19 - - [12/Jun/2026:07:17:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by WordPress.com" 61.3.15.19 - - [12/Jun/2026:07:17:47 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack/12.5; WordPress/6.1; http://site53152576.com" show less	Hacking Web App Attack
🇫🇷 SpaceHost-Server	2026-06-12 05:02:25 (1 day ago)	61.3.15.19 - - [12/Jun/2026:07:02:02 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by Wor ... show more 61.3.15.19 - - [12/Jun/2026:07:02:02 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)" 61.3.15.19 - - [12/Jun/2026:07:02:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by WordPress.com" 61.3.15.19 - - [12/Jun/2026:07:02:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack/12.1; WordPress/6.3; http://site54203439.com" show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 23:38:31 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 61.3.15.19 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 61.3.15.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 19:38:24.173806 2026] [security2:error] [pid 7837:tid 7837] [client 61.3.15.19:58326] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 61.3.15.19 (+1 hits since last alert)\|michelehoop.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "michelehoop.com"] [uri "/xmlrpc.php"] [unique_id "aitG8CiR4A0wLXvxfIEjWQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-11 22:02:22 (1 day ago)	[redacted] 61.3.15.19 - - [12/Jun/2026:00:01:40 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetp ... show more [redacted] 61.3.15.19 - - [12/Jun/2026:00:01:40 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 61.3.15.19 - - [12/Jun/2026:00:01:50 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 61.3.15.19 - - [12/Jun/2026:00:02:01 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 61.3.15.19 - - [12/Jun/2026:00:02:11 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)" [redacted] 61.3.15.19 - - [12/Jun/2026:00:02:22 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.1; http://site46800297.com" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 20:53:48 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 61.3.15.19 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 61.3.15.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 16:53:40.092326 2026] [security2:error] [pid 5962:tid 5962] [client 61.3.15.19:58693] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 61.3.15.19 (+1 hits since last alert)\|forefrontmusic.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "forefrontmusic.com"] [uri "/xmlrpc.php"] [unique_id "aisgVOOXjz2RQicq8JhxsgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 18:07:35 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 61.3.15.19 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 61.3.15.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 14:07:29.775201 2026] [security2:error] [pid 28159:tid 28165] [client 61.3.15.19:62190] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 61.3.15.19 (+1 hits since last alert)\|lamcohomecare.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lamcohomecare.com"] [uri "/xmlrpc.php"] [unique_id "air5YaLc0CXjCfT7TRML7QAAAIE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-11 15:32:08 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 11:06:07 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 61.3.15.19 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 61.3.15.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 07:06:00.907384 2026] [security2:error] [pid 7650:tid 7650] [client 61.3.15.19:50861] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 61.3.15.19 (+1 hits since last alert)\|nearfieldchrist.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nearfieldchrist.com"] [uri "/xmlrpc.php"] [unique_id "aiqWmOKyCqN_P153rr8_rAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 213.166.84.49

🇺🇸 209.87.149.26

🇧🇷 191.53.131.31

🇪🇨 190.152.52.202

🇨🇳 183.203.209.226

🇭🇰 103.243.26.174

🇮🇳 27.123.104.42

🇧🇷 187.34.131.129

🇻🇳 160.25.166.88

🇺🇸 154.83.197.15

🇨🇳 112.26.99.93

🇺🇸 107.197.183.81

🇳🇱 91.92.40.6

🇺🇸 88.216.68.23

🇭🇰 47.76.49.98

🇩🇪 45.135.141.11

🇫🇮 37.27.234.213

🇨🇦 20.220.150.55

🇸🇪 185.246.130.20

🇺🇸 104.129.17.147