JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 112.0.139.251

112.0.139.251 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 5%: ?

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS56046
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Jiaxing, Zhejiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 112.0.139.251

Whois 112.0.139.251

IP Abuse Reports for 112.0.139.251:

This IP address has been reported a total of 9 times from 2 distinct sources. 112.0.139.251 was first reported on April 10th 2023, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-26 16:43:22 (2 hours ago)	(mod_security) mod_security (id:210831) triggered by 112.0.139.251 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.0.139.251 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 12:43:17.224126 2026] [security2:error] [pid 8508:tid 8508] [client 112.0.139.251:7910] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.crystaljohns.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.crystaljohns.com"] [uri "/"] [unique_id "aj6sJUvC-7O5l5Lbh9OrngAAABQ"], referer: https://www.crystaljohns.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 01:54:04 (5 days ago)	(mod_security) mod_security (id:210831) triggered by 112.0.139.251 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.0.139.251 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 21:53:55.368943 2026] [security2:error] [pid 3304:tid 3304] [client 112.0.139.251:7594] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|uppermotradingco.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "uppermotradingco.com"] [uri "/"] [unique_id "ajdEM1r-XhRuoqMTzjnMtAAAAAk"], referer: http://uppermotradingco.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 20:56:14 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 112.0.139.251 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.0.139.251 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 16:56:05.971205 2026] [security2:error] [pid 705:tid 705] [client 112.0.139.251:7706] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.cameronwv.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.cameronwv.com"] [uri "/"] [unique_id "ajRbZQRLI7osHcjgIHUsDwAAACE"], referer: https://www.cameronwv.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 19:08:42 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 112.0.139.251 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.0.139.251 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 15:08:37.769340 2026] [security2:error] [pid 29837:tid 29837] [client 112.0.139.251:7845] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.achildsspace.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.achildsspace.com"] [uri "/403.shtml"] [unique_id "ajRCNYD_DVu3_UvHln1AygAAAAg"], referer: https://www.achildsspace.com/403.shtml show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 21:37:50 (2 weeks ago)	(mod_security) mod_security (id:210831) triggered by 112.0.139.251 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.0.139.251 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 17:37:43.519053 2026] [security2:error] [pid 8919:tid 8919] [client 112.0.139.251:15955] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.bayareamustangs.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.bayareamustangs.com"] [uri "/"] [unique_id "ainZJ5xzCAlJxadhpcCjdAAAABE"], referer: https://www.bayareamustangs.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 19:39:04 (3 weeks ago)	(mod_security) mod_security (id:210831) triggered by 112.0.139.251 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.0.139.251 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 15:39:00.717829 2026] [security2:error] [pid 32277:tid 32277] [client 112.0.139.251:15754] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|glentraeger.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "glentraeger.com"] [uri "/"] [unique_id "aiCC1Mf90-_A36uDNTD-rQAAAA0"], referer: http://glentraeger.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-25 18:28:02 (1 month ago)	(mod_security) mod_security (id:210831) triggered by 112.0.139.251 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.0.139.251 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 14:27:54.722980 2026] [security2:error] [pid 14178:tid 14178] [client 112.0.139.251:15789] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.cybersoftware.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.cybersoftware.org"] [uri "/"] [unique_id "ahSUquKITKLo7Ixz1lDg1wAAAAE"], referer: http://www.cybersoftware.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-19 08:14:13 (1 month ago)	(mod_security) mod_security (id:210831) triggered by 112.0.139.251 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.0.139.251 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 04:14:07.980219 2026] [security2:error] [pid 18216:tid 18233] [client 112.0.139.251:15645] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.hawk-av.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.hawk-av.com"] [uri "/"] [unique_id "agwbz3wRyndU-SWRQnscpQAAAE0"], referer: http://www.hawk-av.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇿🇦 IrisFlower	2023-04-10 01:57:20 (3 years ago)	Unauthorized connection attempt detected from IP address 112.0.139.251 to port 80 [J]	Port Scan Hacking

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 212.132.120.41

🇺🇸 185.243.5.56

🇺🇸 147.185.132.117

🇰🇪 102.203.215.6

🇸🇦 93.112.196.165

🇲🇳 66.181.189.252

🇨🇳 39.148.225.234

🇵🇱 185.241.208.23

🇳🇱 176.65.139.235

🇺🇸 172.200.228.35

🇬🇭 154.161.118.217

🇨🇱 152.172.0.158

🇺🇸 149.28.52.241

🇺🇸 147.185.132.106

🇨🇦 144.217.161.208

🇮🇳 122.187.237.122

🇫🇷 104.28.159.180

🇸🇬 47.84.139.158

🇨🇳 39.154.11.60

🇧🇬 193.24.211.107