JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 112.134.166.225

112.134.166.225 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 46%: ?

46%

ISP	Internet Service Provider in Sri Lanka.
Usage Type	Fixed Line ISP
ASN	AS9329
Hostname(s)	v4.dns.slt.lk
Domain Name	sltnet.lk
Country	🇱🇰 Sri Lanka
City	Maharagama, Western Province

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 112.134.166.225

Whois 112.134.166.225

IP Abuse Reports for 112.134.166.225:

This IP address has been reported a total of 12 times from 8 distinct sources. 112.134.166.225 was first reported on July 17th 2021, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 Dunham Support	2026-06-21 04:18:20 (13 hours ago)	(wordpress) Failed wordpress login from 112.134.166.225 (LK/Sri Lanka/v4.dns.slt.lk)	Brute-Force
Anonymous	2026-06-21 01:56:54 (16 hours ago)	[redacted] 112.134.166.225 - - [21/Jun/2026:03:56:11 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ... show more [redacted] 112.134.166.225 - - [21/Jun/2026:03:56:11 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)" [redacted] 112.134.166.225 - - [21/Jun/2026:03:56:19 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 112.134.166.225 - - [21/Jun/2026:03:56:30 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.4; http://site53180069.com" [redacted] 112.134.166.225 - - [21/Jun/2026:03:56:41 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 112.134.166.225 - - [21/Jun/2026:03:56:52 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" ... show less	Hacking Web App Attack
Anonymous	2026-06-20 19:16:45 (22 hours ago)	[redacted] 112.134.166.225 - - [20/Jun/2026:21:16:02 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ... show more [redacted] 112.134.166.225 - - [20/Jun/2026:21:16:02 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.1; http://site18647421.com" [redacted] 112.134.166.225 - - [20/Jun/2026:21:16:13 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.2; http://site54956921.com" [redacted] 112.134.166.225 - - [20/Jun/2026:21:16:22 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)" [redacted] 112.134.166.225 - - [20/Jun/2026:21:16:33 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)" [redacted] 112.134.166.225 - - [20/Jun/2026:21:16:44 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 12:25:48 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 112.134.166.225 (v4.dns.slt.lk): 1 in the last ... show more (mod_security) mod_security (id:240335) triggered by 112.134.166.225 (v4.dns.slt.lk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 08:25:41.108604 2026] [security2:error] [pid 6823:tid 6823] [client 112.134.166.225:55238] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.134.166.225 (+1 hits since last alert)\|navarrete.ws\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "navarrete.ws"] [uri "/xmlrpc.php"] [unique_id "ajaGxZmDo2lzebqwLwqx5gAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 integrantservices.com	2026-06-20 08:43:53 (1 day ago)	(wordpress) Failed wordpress login from 112.134.166.225 (LK/Sri Lanka/v4.dns.slt.lk)	Brute-Force
Anonymous	2026-06-19 03:57:02 (2 days ago)	[redacted] 112.134.166.225 - - [19/Jun/2026:05:56:19 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ... show more [redacted] 112.134.166.225 - - [19/Jun/2026:05:56:19 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 112.134.166.225 - - [19/Jun/2026:05:56:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 112.134.166.225 - - [19/Jun/2026:05:56:40 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 112.134.166.225 - - [19/Jun/2026:05:56:51 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.4; http://site57921495.com" [redacted] 112.134.166.225 - - [19/Jun/2026:05:57:01 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" ... show less	Hacking Web App Attack
🇫🇷 SpaceHost-Server	2026-06-18 22:26:16 (2 days ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 10:30:17 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 112.134.166.225 (v4.dns.slt.lk): 1 in the last ... show more (mod_security) mod_security (id:240335) triggered by 112.134.166.225 (v4.dns.slt.lk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 06:30:09.856164 2026] [security2:error] [pid 13330:tid 13359] [client 112.134.166.225:55055] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.134.166.225 (+1 hits since last alert)\|ethicmark.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ethicmark.org"] [uri "/xmlrpc.php"] [unique_id "ajPIsWDytWbfRLKxnSyTmAAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-18 09:57:42 (3 days ago)	Fail2ban filtered ...	Web App Attack
Anonymous	2026-06-18 08:32:11 (3 days ago)	[da.kdns.gr] httpd-xmlrpc-post: sites=diadromi.com; logs=/var/log/httpd/domains/diadromi.com.log; sa ... show more [da.kdns.gr] httpd-xmlrpc-post: sites=diadromi.com; logs=/var/log/httpd/domains/diadromi.com.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 04:47:48 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 112.134.166.225 (v4.dns.slt.lk): 1 in the last ... show more (mod_security) mod_security (id:240335) triggered by 112.134.166.225 (v4.dns.slt.lk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 00:47:45.216413 2026] [security2:error] [pid 25366:tid 25366] [client 112.134.166.225:54853] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.134.166.225 (+1 hits since last alert)\|gracebaptisthartsville.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gracebaptisthartsville.com"] [uri "/xmlrpc.php"] [unique_id "ajN4cZhXbPUzt9DH107z1wAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇾 syokadmin	2021-07-17 22:11:51 (4 years ago)	(mod_security) mod_security (id:949110) triggered by 112.134.166.225 (LK/Sri Lanka/-): 1 in the last ... show more (mod_security) mod_security (id:949110) triggered by 112.134.166.225 (LK/Sri Lanka/-): 1 in the last 3600 secs show less	Brute-Force

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 182.95.61.114

🇮🇩 182.2.186.158

🇺🇸 174.166.153.20

🇺🇸 173.255.221.22

🇺🇸 167.99.148.102

🇹🇳 154.110.13.88

🇮🇩 125.165.73.233

🇺🇸 97.107.133.213

🇦🇺 51.161.193.77

🇨🇳 47.120.74.182

🇵🇪 45.170.50.2

🇨🇳 221.229.218.50

🇧🇷 191.35.128.147

🇧🇬 185.253.160.7

🇮🇳 116.74.133.79

🇵🇹 95.94.205.12

🇵🇱 87.251.64.156

🇭🇰 74.125.179.157

🇨🇦 72.251.5.146

🇳🇱 45.148.10.141