JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 112.202.113.57

112.202.113.57 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 41%: ?

41%

ISP	HOME_DSL
Usage Type	Fixed Line ISP
ASN	AS9299
Hostname(s)	112.202.113.57.pldt.net
Domain Name	pldthome.com
Country	🇵🇭 Philippines
City	Quezon City, National Capital Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 112.202.113.57

Whois 112.202.113.57

IP Abuse Reports for 112.202.113.57:

This IP address has been reported a total of 18 times from 10 distinct sources. 112.202.113.57 was first reported on January 10th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-04 07:49:00 (1 hour ago)	(mod_security) mod_security (id:240335) triggered by 112.202.113.57 (112.202.113.57.pldt.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 112.202.113.57 (112.202.113.57.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 03:48:56.362739 2026] [security2:error] [pid 24441:tid 24441] [client 112.202.113.57:7826] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.202.113.57 (+1 hits since last alert)\|fadcometal.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fadcometal.com"] [uri "/xmlrpc.php"] [unique_id "aiEt6MROnzieJ2PEucecgAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 07:21:52 (2 hours ago)	(mod_security) mod_security (id:240335) triggered by 112.202.113.57 (112.202.113.57.pldt.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 112.202.113.57 (112.202.113.57.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 03:21:47.764385 2026] [security2:error] [pid 27920:tid 27927] [client 112.202.113.57:5783] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.202.113.57 (+1 hits since last alert)\|tkfay.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tkfay.com"] [uri "/xmlrpc.php"] [unique_id "aiEnixu7GmHZ1aatFg_m-AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-04 02:35:57 (7 hours ago)	112.202.113.57 - - [04/Jun/2026:04:35:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by ... show more 112.202.113.57 - - [04/Jun/2026:04:35:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by WordPress.com" 112.202.113.57 - - [04/Jun/2026:04:35:46 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by WordPress.com" 112.202.113.57 - - [04/Jun/2026:04:35:56 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack/12.0; WordPress/6.2; http://site89782163.com" show less	Hacking Web App Attack
🇫🇷 SpaceHost-Server	2026-06-04 02:20:33 (7 hours ago)	112.202.113.57 - - [04/Jun/2026:04:20:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "WordPress. ... show more 112.202.113.57 - - [04/Jun/2026:04:20:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "WordPress.com; https://wordpress.com" 112.202.113.57 - - [04/Jun/2026:04:20:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack/13.0; WordPress/6.2; http://site16827993.com" 112.202.113.57 - - [04/Jun/2026:04:20:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack/12.5; WordPress/6.4; http://site27105154.com" show less	Hacking Web App Attack
🇩🇪 grassau.com	2026-06-04 01:52:02 (7 hours ago)	(wordpress) Failed wordpress login from 112.202.113.57 (PH/Philippines/Province of Laguna/Biñan/112. ... show more (wordpress) Failed wordpress login from 112.202.113.57 (PH/Philippines/Province of Laguna/Biñan/112.202.113.57.pldt.net) show less	Brute-Force
Anonymous	2026-06-03 04:20:19 (1 day ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-03 03:21:51 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 112.202.113.57 (112.202.113.57.pldt.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 112.202.113.57 (112.202.113.57.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 23:21:46.232095 2026] [security2:error] [pid 23552:tid 23552] [client 112.202.113.57:7659] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.202.113.57 (+1 hits since last alert)\|georgesmarina.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "georgesmarina.com"] [uri "/xmlrpc.php"] [unique_id "ah-dytmB-99aZIH3xY7RZgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 applemooz	2026-06-01 09:52:31 (2 days ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
🇫🇷 dynamix	2026-06-01 06:09:52 (3 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-29 09:19:26 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 112.202.113.57 (112.202.113.57.pldt.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 112.202.113.57 (112.202.113.57.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 05:19:21.469766 2026] [security2:error] [pid 4350:tid 4350] [client 112.202.113.57:9189] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.202.113.57 (+1 hits since last alert)\|waterspell.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "waterspell.net"] [uri "/xmlrpc.php"] [unique_id "ahlaGWeKy67C7hZGIwMdogAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-29 06:01:29 (6 days ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-05-29 05:32:11 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 112.202.113.57 (112.202.113.57.pldt.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 112.202.113.57 (112.202.113.57.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 01:32:06.234322 2026] [security2:error] [pid 29220:tid 29220] [client 112.202.113.57:8272] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.202.113.57 (+1 hits since last alert)\|kawkacevents.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kawkacevents.com"] [uri "/xmlrpc.php"] [unique_id "ahkk1t3iltPuc_sDyg3IZQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-05-29 05:28:59 (6 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-05-28 03:43:15 (1 week ago)	Attac	Brute-Force
🇳🇱 EGP Abuse Dept	2026-03-01 01:06:09 (3 months ago)	Scanning for port/service exploits on tpc-005.mach3builders.nl	Port Scan Hacking

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a13:9500:16b:cac9::1

🇪🇨 157.100.191.3

🇮🇩 103.181.143.131

🇮🇩 103.67.80.61

🇲🇽 98.97.179.177

🇮🇳 43.230.201.87

🇺🇸 3.228.171.127

🇰🇷 222.111.148.83

🇲🇻 209.212.205.50

🇨🇳 182.43.76.81

🇨🇳 115.190.181.18

🇨🇳 110.166.67.189

🇰🇷 101.36.114.222

🇫🇷 31.36.163.95

🇲🇽 186.96.145.241

🇧🇷 177.234.190.25

🇸🇳 154.124.219.74

🇩🇪 116.203.204.171

🇨🇳 115.190.162.240

🇧🇩 103.145.113.206