JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 110.53.234.20

110.53.234.20 was found in our database!

This IP was reported 47 times. Confidence of Abuse is 11%: ?

11%

ISP	China Unicom HuNan province network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Changsha, Hunan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 110.53.234.20

Whois 110.53.234.20

IP Abuse Reports for 110.53.234.20:

This IP address has been reported a total of 47 times from 10 distinct sources. 110.53.234.20 was first reported on May 7th 2021, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-18 00:16:40 (3 days ago)	(mod_security) mod_security (id:210831) triggered by 110.53.234.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 110.53.234.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 20:16:27.195923 2026] [security2:error] [pid 27677:tid 27677] [client 110.53.234.20:26327] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|yaseminomer.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "yaseminomer.com"] [uri "/"] [unique_id "ajM423aN-3uJXKIaCNKFXwAAABA"], referer: http://yaseminomer.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 01:11:06 (6 days ago)	(mod_security) mod_security (id:210831) triggered by 110.53.234.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 110.53.234.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 21:10:52.521896 2026] [security2:error] [pid 27191:tid 27191] [client 110.53.234.20:19369] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|benjaminshaw.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "benjaminshaw.com"] [uri "/"] [unique_id "ai9RHFliIU-zN1VvX7FeqgAAAD4"], referer: http://benjaminshaw.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-23 18:44:55 (4 weeks ago)	(mod_security) mod_security (id:210831) triggered by 110.53.234.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 110.53.234.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 14:44:47.076105 2026] [security2:error] [pid 30741:tid 30741] [client 110.53.234.20:38594] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|celltechs.net\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "celltechs.net"] [uri "/"] [unique_id "ahH1n3PFkKTcSP1GjRuvyQAAABA"], referer: http://celltechs.net/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-01 14:48:13 (1 month ago)	Multiple connection attempts to UDP 8568	Port Scan
🇩🇪 SMARTNET	2025-11-30 18:38:00 (6 months ago)	Aisuru(Mirai variant) DDoS	DDoS Attack
🇩🇪 SMARTNET	2025-11-30 18:38:00 (6 months ago)	Aisuru(Mirai variant) DDoS	DDoS Attack
🇺🇸 kosada.com	2025-10-01 04:33:43 (8 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 kosada.com	2025-09-23 01:26:22 (8 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-09-21 13:42:39 (8 months ago)	(mod_security) mod_security (id:210350) triggered by 110.53.234.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 110.53.234.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 21 09:42:30.616116 2025] [security2:error] [pid 4266:tid 4266] [client 110.53.234.20:4353] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.renju.net\|F\|4"] [data "close, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.renju.net"] [uri "/tournament/111/game/1416/"] [unique_id "aNAAxhIFeZuTaVZSABNZhAAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-19 04:15:08 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 110.53.234.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 110.53.234.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 19 00:15:00.081530 2025] [security2:error] [pid 23845:tid 23845] [client 110.53.234.20:47460] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.renju.net\|F\|4"] [data "close, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.renju.net"] [uri "/tournament/2789/game/117031/"] [unique_id "aMzYxGR6s9eJTSSubIFRugAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-15 16:05:16 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 110.53.234.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 110.53.234.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 15 12:05:04.195795 2025] [security2:error] [pid 20774:tid 20774] [client 110.53.234.20:8114] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.renju.net\|F\|4"] [data "close, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.renju.net"] [uri "/tournament/1276/game/50101/"] [unique_id "aMg5MJ3517MrzlDID_mXPgAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-07 10:53:37 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 110.53.234.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 110.53.234.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 07 06:53:28.719163 2025] [security2:error] [pid 27208:tid 27208] [client 110.53.234.20:20960] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.renju.net\|F\|4"] [data "close, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.renju.net"] [uri "/game/175470"] [unique_id "aL1kKJ_Mzfss7pW7_RgUpQAAACw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-28 03:27:45 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 110.53.234.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 110.53.234.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 27 23:27:33.137897 2025] [security2:error] [pid 16255:tid 16281] [client 110.53.234.20:54071] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.hkyiquan.org\|F\|4"] [data "close, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.hkyiquan.org"] [uri "/photo2.htm"] [unique_id "aK_Mpfad7GzrMZROf1nQjwAAARc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2025-07-24 17:59:09 (10 months ago)	Blocked 18 connection attempts due to RBL reputation in the past hour.	Email Spam
🇺🇸 xmission.com	2025-07-24 16:59:08 (10 months ago)	Blocked 22 connection attempts due to RBL reputation in the past hour.	Email Spam

Showing 1 to 15 of 47 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 202.21.47.186

🇲🇿 197.219.228.242

🇬🇧 188.240.59.7

🇧🇬 185.255.215.51

🇨🇴 179.1.210.98

🇸🇬 152.32.220.188

🇸🇦 139.64.2.126

🇨🇱 131.196.178.243

🇩🇪 69.5.169.78

🇺🇸 65.49.20.100

🇫🇷 4.211.84.189

🇩🇪 2a05:d014:fb0:c800:339e:8fcb:59e2:4bb7

🇳🇱 176.65.132.149

🇳🇱 176.65.132.129

🇪🇸 158.158.104.28

🇺🇸 66.132.186.229

🇩🇪 213.209.159.66

🇬🇧 188.240.59.49

🇺🇸 173.17.162.9

🇺🇸 162.216.149.113