JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 112.134.156.67

112.134.156.67 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 53%: ?

53%

ISP	Internet Service Provider in Sri Lanka.
Usage Type	Fixed Line ISP
ASN	AS9329
Hostname(s)	v4.dns.slt.lk
Domain Name	sltnet.lk
Country	🇱🇰 Sri Lanka
City	Kalutara, Western Province

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 112.134.156.67

Whois 112.134.156.67

IP Abuse Reports for 112.134.156.67:

This IP address has been reported a total of 14 times from 9 distinct sources. 112.134.156.67 was first reported on March 5th 2022, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 rh24	2026-06-13 13:26:32 (16 hours ago)	(wordpress) Failed wordpress login from 112.134.156.67 (LK/Sri Lanka/v4.dns.slt.lk): (CF_ENABLE)	Brute-Force
🇺🇸 integrantservices.com	2026-06-13 09:05:38 (21 hours ago)	(wordpress) Failed wordpress login from 112.134.156.67 (LK/Sri Lanka/v4.dns.slt.lk)	Brute-Force
Anonymous	2026-06-13 08:34:19 (21 hours ago)	Fail2ban filtered ...	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 06:02:06 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 112.134.156.67 (v4.dns.slt.lk): 1 in the last 3 ... show more (mod_security) mod_security (id:240335) triggered by 112.134.156.67 (v4.dns.slt.lk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 02:02:03.243631 2026] [security2:error] [pid 14668:tid 14668] [client 112.134.156.67:60750] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.134.156.67 (+1 hits since last alert)\|rblep.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rblep.com"] [uri "/xmlrpc.php"] [unique_id "aizyW3XqZCfX9eHB1KPjGgAAACk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Kenshin869	2026-06-12 11:48:40 (1 day ago)	Wordpress unauthorized access attempt	Brute-Force
🇺🇸 TPI-Abuse	2026-06-12 11:20:29 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 112.134.156.67 (v4.dns.slt.lk): 1 in the last 3 ... show more (mod_security) mod_security (id:240335) triggered by 112.134.156.67 (v4.dns.slt.lk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 07:20:24.512672 2026] [security2:error] [pid 14618:tid 14618] [client 112.134.156.67:61309] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.134.156.67 (+1 hits since last alert)\|wsffjatc.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wsffjatc.org"] [uri "/xmlrpc.php"] [unique_id "aivreOV5VR2NI8ngKmNxOwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 10:49:30 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 112.134.156.67 (v4.dns.slt.lk): 1 in the last 3 ... show more (mod_security) mod_security (id:240335) triggered by 112.134.156.67 (v4.dns.slt.lk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 06:49:24.642124 2026] [security2:error] [pid 31045:tid 31045] [client 112.134.156.67:60716] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.134.156.67 (+1 hits since last alert)\|thepercussionworks.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thepercussionworks.com"] [uri "/xmlrpc.php"] [unique_id "aivkNLxvaOVrq8FGbji4dwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-12 10:06:27 (1 day ago)		Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 05:25:27 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 112.134.156.67 (v4.dns.slt.lk): 1 in the last 3 ... show more (mod_security) mod_security (id:240335) triggered by 112.134.156.67 (v4.dns.slt.lk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 01:25:18.878029 2026] [security2:error] [pid 18932:tid 18932] [client 112.134.156.67:60623] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.134.156.67 (+1 hits since last alert)\|livingminimal.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "livingminimal.com"] [uri "/xmlrpc.php"] [unique_id "aiuYPml0C7ESwN9nLx3csgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-11 07:47:33 (2 days ago)	[ns41.kdns.gr] httpd-xmlrpc-post: sites=jiotis.gr; logs=/var/log/httpd/domains/jiotis.gr.log; sample ... show more [ns41.kdns.gr] httpd-xmlrpc-post: sites=jiotis.gr; logs=/var/log/httpd/domains/jiotis.gr.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇫🇷 dynamix	2026-06-11 05:13:05 (3 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 06:38:12 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 112.134.156.67 (v4.dns.slt.lk): 1 in the last 3 ... show more (mod_security) mod_security (id:240335) triggered by 112.134.156.67 (v4.dns.slt.lk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 02:38:07.565553 2026] [security2:error] [pid 31711:tid 31711] [client 112.134.156.67:59612] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.134.156.67 (+1 hits since last alert)\|proyectomanhattan.info\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "proyectomanhattan.info"] [uri "/xmlrpc.php"] [unique_id "aie0z1HMGQyGWihp8REapwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 12:20:10 (5 days ago)	(mod_security) mod_security (id:225170) triggered by 112.134.156.67 (v4.dns.slt.lk): 1 in the last 3 ... show more (mod_security) mod_security (id:225170) triggered by 112.134.156.67 (v4.dns.slt.lk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 08:20:01.684279 2026] [security2:error] [pid 21672:tid 21672] [client 112.134.156.67:60047] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|desdier.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "desdier.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiazcZiho6c9_iG0Qgpt8wAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Delta Whiskey	2022-03-05 06:28:32 (4 years ago)	Multiple failed WordPress authentication attempts	Brute-Force Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 212.30.36.118

🇺🇸 147.185.132.111

🇧🇩 115.127.0.158

🇧🇬 79.124.62.230

🇧🇬 78.128.114.174

🇺🇸 74.125.80.149

🇸🇬 47.79.201.243

🇧🇪 34.140.154.167

🇩🇪 213.209.159.238

🇩🇪 212.30.36.168

🇲🇾 205.188.217.8

🇫🇷 194.226.169.22

🇮🇷 192.15.125.0

🇳🇱 185.99.99.95

🇧🇷 177.11.196.79

🇺🇸 162.216.149.107

🇺🇸 157.245.143.65

🇨🇳 123.233.236.137

🇩🇪 45.86.202.137

🇺🇸 20.150.192.134