JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 112.12.247.24

112.12.247.24 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 5%: ?

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS56041
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Jiaxing, Zhejiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 112.12.247.24

Whois 112.12.247.24

IP Abuse Reports for 112.12.247.24:

This IP address has been reported a total of 12 times from 3 distinct sources. 112.12.247.24 was first reported on May 14th 2023, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-22 21:29:19 (10 hours ago)	(mod_security) mod_security (id:210831) triggered by 112.12.247.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.12.247.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 17:29:12.145576 2026] [security2:error] [pid 2045:tid 2045] [client 112.12.247.24:13866] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|mhext.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "mhext.com"] [uri "/"] [unique_id "ajmpKOFwRNpyKv1b7yuFMwAAAAs"], referer: http://mhext.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 23:37:40 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 112.12.247.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.12.247.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 19:37:33.080837 2026] [security2:error] [pid 2705:tid 2705] [client 112.12.247.24:13857] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|chaubaolau.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "chaubaolau.com"] [uri "/"] [unique_id "ajh1vXMBEHeQwz0F2eQ5oQAAAAQ"], referer: http://chaubaolau.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 21:17:15 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 112.12.247.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.12.247.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 17:17:08.061408 2026] [security2:error] [pid 14829:tid 14829] [client 112.12.247.24:13838] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.watonga.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.watonga.com"] [uri "/index.html"] [unique_id "ajhU1O45mM54XNOLcOWCawAAAAQ"], referer: http://www.watonga.com/index.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 18:59:57 (3 days ago)	(mod_security) mod_security (id:210831) triggered by 112.12.247.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.12.247.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 14:59:50.412778 2026] [security2:error] [pid 17623:tid 17623] [client 112.12.247.24:13901] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|rwfrancis.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "rwfrancis.com"] [uri "/"] [unique_id "ajWRpj9mmdv4mZ79jhqaAAAAACM"], referer: http://rwfrancis.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 23:32:49 (4 days ago)	(mod_security) mod_security (id:210831) triggered by 112.12.247.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.12.247.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 19:32:42.187047 2026] [security2:error] [pid 31636:tid 31636] [client 112.12.247.24:13957] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.bikiniwatersports.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.bikiniwatersports.com"] [uri "/"] [unique_id "ajSAGl0U8lmr_FgdBH5jOwAAAAA"], referer: http://www.bikiniwatersports.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2025-10-06 22:08:28 (8 months ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/112.12.247.24 20 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/112.12.247.24 2025-10-06 09:33:06 /robots.txt show less	Web App Attack
🇨🇳 ThreatBook.io	2025-09-05 22:11:04 (9 months ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/112.12.247.24 20 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/112.12.247.24 2025-09-05 03:54:34 /config.json show less	Web App Attack
🇨🇳 ThreatBook.io	2025-04-14 22:16:24 (1 year ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/112.12.247.24 20 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/112.12.247.24 2025-04-14 17:56:35 /config.json show less	Web App Attack
🇿🇦 IrisFlower	2023-05-16 00:01:05 (3 years ago)	Unauthorized connection attempt detected from IP address 112.12.247.24 to port 443 [J]	Port Scan Hacking
🇿🇦 IrisFlower	2023-05-15 23:59:11 (3 years ago)	Unauthorized connection attempt detected from IP address 112.12.247.24 to port 443 [J]	Port Scan Hacking
🇿🇦 IrisFlower	2023-05-14 00:45:19 (3 years ago)	Unauthorized connection attempt detected from IP address 112.12.247.24 to port 443 [J]	Port Scan Hacking
🇿🇦 IrisFlower	2023-05-14 00:43:11 (3 years ago)	Unauthorized connection attempt detected from IP address 112.12.247.24 to port 443 [J]	Port Scan Hacking

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 125.212.217.143

🇮🇳 122.163.178.105

🇪🇸 90.162.13.50

🇳🇱 45.148.10.147

🇺🇸 34.106.207.87

🇧🇷 20.197.238.124

🇻🇳 222.254.5.66

🇺🇸 162.216.149.199

🇨🇦 148.113.190.153

🇮🇳 103.251.55.153

🇬🇧 35.203.211.116

🇺🇸 24.102.220.250

🇯🇵 160.251.182.78

🇸🇪 158.174.211.17

🇹🇼 114.34.106.146

🇮🇳 103.86.180.10

🇻🇳 103.78.0.229

🇩🇪 69.5.169.224

🇺🇸 54.183.251.10

🇳🇱 45.148.10.157