JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 111.92.145.56

111.92.145.56 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 53%: ?

53%

ISP	SkyNet Multi Services (Pvt) Ltd.
Usage Type	Fixed Line ISP
ASN	AS132165
Domain Name	snms.net.pk
Country	🇵🇰 Pakistan
City	Karachi, Sindh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 111.92.145.56

Whois 111.92.145.56

IP Abuse Reports for 111.92.145.56:

This IP address has been reported a total of 19 times from 9 distinct sources. 111.92.145.56 was first reported on May 5th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-24 13:04:15 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 111.92.145.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 111.92.145.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 09:04:09.773903 2026] [security2:error] [pid 6284:tid 6284] [client 111.92.145.56:55054] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 111.92.145.56 (+1 hits since last alert)\|dynamic-therapy-mn.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dynamic-therapy-mn.com"] [uri "/xmlrpc.php"] [unique_id "ajvVyfzEIDZWscHXk3Dt_QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 integrantservices.com	2026-06-24 12:32:57 (2 days ago)	(wordpress) Failed wordpress login from 111.92.145.56 (PK/Pakistan/-)	Brute-Force
🇨🇭 Mario Bretscher	2026-06-24 12:20:18 (2 days ago)	Jun 24 14:20:05 beat-band.ch Cerber(beat-band.ch)[4119621]: Authentication failure for admin from 11 ... show more Jun 24 14:20:05 beat-band.ch Cerber(beat-band.ch)[4119621]: Authentication failure for admin from 111.92.145.56 Jun 24 14:20:16 beat-band.ch Cerber(beat-band.ch)[4119635]: Authentication failure for admin from 111.92.145.56 ... show less	Web Spam
Anonymous	2026-06-24 12:20:16 (2 days ago)	[redacted] 111.92.145.56 - - [24/Jun/2026:14:19:33 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "W ... show more [redacted] 111.92.145.56 - - [24/Jun/2026:14:19:33 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 111.92.145.56 - - [24/Jun/2026:14:19:43 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 111.92.145.56 - - [24/Jun/2026:14:19:54 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.4; http://site81891403.com" [redacted] 111.92.145.56 - - [24/Jun/2026:14:20:04 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 111.92.145.56 - - [24/Jun/2026:14:20:15 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.1; http://site27071092.com" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 10:47:18 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 111.92.145.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 111.92.145.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 06:47:08.528909 2026] [security2:error] [pid 30802:tid 30802] [client 111.92.145.56:38775] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 111.92.145.56 (+1 hits since last alert)\|energycapitalinvestments.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "energycapitalinvestments.com"] [uri "/xmlrpc.php"] [unique_id "aju1rCBhR-JOUH8fuDVl-QAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-24 10:29:16 (3 days ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇺🇸 TPI-Abuse	2026-06-24 09:47:26 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 111.92.145.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 111.92.145.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 05:47:21.794966 2026] [security2:error] [pid 12408:tid 12408] [client 111.92.145.56:38061] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 111.92.145.56 (+1 hits since last alert)\|pinetreedistrict.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pinetreedistrict.org"] [uri "/xmlrpc.php"] [unique_id "ajunqRfxLHfmxJ5zgitXwQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-06-24 09:28:19 (3 days ago)	(xmlrpc) Failed xmlrpc access from 111.92.145.56 (-): 5 in the last 3600 secs (0-122)	Hacking
🇩🇪 abdubhai	2026-06-24 09:23:27 (3 days ago)	111.92.145.56 - - [24/Jun/2026:1 ...	Brute-Force
🇺🇸 TPI-Abuse	2026-06-24 09:14:24 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 111.92.145.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 111.92.145.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 05:14:17.891158 2026] [security2:error] [pid 832:tid 832] [client 111.92.145.56:38421] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 111.92.145.56 (+1 hits since last alert)\|iplayriichi.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "iplayriichi.com"] [uri "/xmlrpc.php"] [unique_id "ajuf6Tn7wzU7iexif-rQFwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-24 07:56:10 (3 days ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-24 07:45:08 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 111.92.145.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 111.92.145.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 03:44:55.116109 2026] [security2:error] [pid 1856:tid 1856] [client 111.92.145.56:38171] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 111.92.145.56 (+1 hits since last alert)\|richmondrents.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "richmondrents.com"] [uri "/xmlrpc.php"] [unique_id "ajuK9_wUrQKL09PioY1SxAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-24 07:31:04 (3 days ago)	4.843 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
Anonymous	2026-05-05 12:55:31 (1 month ago)	Fail2ban filtered ...	Web App Attack
🇺🇸 integrantservices.com	2026-05-05 11:56:12 (1 month ago)	(wordpress) Failed wordpress login from 111.92.145.56 (PK/Pakistan/-)	Brute-Force

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 182.10.98.68

🇮🇳 157.38.4.160

🇨🇳 121.196.167.250

🇮🇳 38.137.55.206

🇯🇵 8.216.7.116

🇸🇪 4.225.202.230

🇵🇪 190.237.15.125

🇪🇨 190.131.135.195

🇲🇾 182.62.69.184

🇻🇳 103.167.89.222

🇺🇸 64.62.156.120

🇽🇰 46.99.3.188

🇳🇱 45.148.10.157

🇮🇩 43.129.33.244

🇬🇧 35.203.211.56

🇺🇸 32.197.205.183

🇧🇷 20.226.50.160

🇺🇸 20.163.60.199

🇺🇸 216.45.50.119

🇬🇧 193.163.125.253