JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 111.118.145.215

111.118.145.215 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 55%: ?

55%

ISP	VIETTEL (CAMBODIA) PTE., LTD.
Usage Type	Fixed Line ISP
ASN	AS38623
Domain Name	viettel.com.vn
Country	🇰🇭 Cambodia
City	Phnom Penh, Phnom Penh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 111.118.145.215

Whois 111.118.145.215

IP Abuse Reports for 111.118.145.215:

This IP address has been reported a total of 16 times from 10 distinct sources. 111.118.145.215 was first reported on June 7th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-20 20:20:47 (2 hours ago)	(mod_security) mod_security (id:240335) triggered by 111.118.145.215 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 111.118.145.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 16:20:42.225527 2026] [security2:error] [pid 30853:tid 30888] [client 111.118.145.215:51026] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 111.118.145.215 (+1 hits since last alert)\|howlerrock.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "howlerrock.com"] [uri "/xmlrpc.php"] [unique_id "ajb2GjEw3cJ-7Mht-SrpQQAAANg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 21:28:06 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 111.118.145.215 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 111.118.145.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 17:28:02.986044 2026] [security2:error] [pid 19873:tid 19873] [client 111.118.145.215:57849] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 111.118.145.215 (+1 hits since last alert)\|baselinesc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "baselinesc.com"] [uri "/xmlrpc.php"] [unique_id "ajG_4jdaIET7pciVOf0rzAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-16 20:26:11 (4 days ago)	(wordpress) Failed wordpress login from 111.118.145.215 (KH/Cambodia/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-16 19:55:18 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 111.118.145.215 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 111.118.145.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 15:55:12.765214 2026] [security2:error] [pid 15848:tid 15848] [client 111.118.145.215:55579] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 111.118.145.215 (+1 hits since last alert)\|rockinr.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rockinr.org"] [uri "/xmlrpc.php"] [unique_id "ajGqIH2tc5qurJ_x5Y5SaAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2026-06-16 19:23:35 (4 days ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 17:52:50 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 111.118.145.215 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 111.118.145.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 13:52:44.530705 2026] [security2:error] [pid 6918:tid 6918] [client 111.118.145.215:56737] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 111.118.145.215 (+1 hits since last alert)\|casadelsolmexico.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "casadelsolmexico.net"] [uri "/xmlrpc.php"] [unique_id "ajGNbHOTNoThl70XCuDCmgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇴 SpamStopper	2026-06-16 17:50:43 (4 days ago)	Fail2Ban - WordPress Bruteforce WordPress logins and Looking for CMS/PHP/SQL vulnerabilities	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-12 06:17:36 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 111.118.145.215 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 111.118.145.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 02:17:28.295689 2026] [security2:error] [pid 26978:tid 26978] [client 111.118.145.215:53824] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 111.118.145.215 (+1 hits since last alert)\|abeltours.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "abeltours.com"] [uri "/xmlrpc.php"] [unique_id "aiukeKCdulursGoZhv23hwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-10 22:26:08 (1 week ago)		Brute-Force Web App Attack
Anonymous	2026-06-10 19:13:53 (1 week ago)	[ns31.kdns.gr] httpd-xmlrpc-post: sites=savouras.gr; logs=/var/log/httpd/domains/savouras.gr.log; sa ... show more [ns31.kdns.gr] httpd-xmlrpc-post: sites=savouras.gr; logs=/var/log/httpd/domains/savouras.gr.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇫🇷 applemooz	2026-06-10 19:11:23 (1 week ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 03:45:31 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 111.118.145.215 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 111.118.145.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 23:45:25.943409 2026] [security2:error] [pid 8619:tid 8619] [client 111.118.145.215:65090] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 111.118.145.215 (+1 hits since last alert)\|internetnameregistration.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "internetnameregistration.com"] [uri "/xmlrpc.php"] [unique_id "aiY61R6HVFffA0hK-tk6wQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 22:58:34 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 111.118.145.215 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 111.118.145.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 18:58:29.694982 2026] [security2:error] [pid 5207:tid 5207] [client 111.118.145.215:54511] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 111.118.145.215 (+1 hits since last alert)\|usaangelinvestors.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "usaangelinvestors.com"] [uri "/xmlrpc.php"] [unique_id "aiX3lRhw3Lz07v-s5y0fnwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-07 22:57:12 (1 week ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-07 20:56:38 (1 week ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇦 176.44.91.59

🇺🇸 147.185.132.87

🇨🇳 111.30.42.43

🇺🇸 103.234.62.89

🇳🇱 91.92.40.6

🇫🇷 85.217.140.51

🇮🇩 43.133.148.170

🇺🇸 2607:f8b0:4004:c07::126

🇧🇴 190.181.4.12

🇮🇷 185.180.131.9

🇫🇷 185.177.72.17

🇺🇸 162.216.150.247

🇸🇪 157.22.44.71

🇺🇸 147.185.132.253

🇨🇳 120.48.177.102

🇩🇪 47.245.128.247

🇭🇰 38.76.163.104

🇬🇧 35.203.211.179

🇷🇺 185.40.30.168

🇲🇩 178.168.109.89