JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 112.22.11.56

112.22.11.56 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 4%: ?

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS56046
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Jiaxing, Zhejiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 112.22.11.56

Whois 112.22.11.56

IP Abuse Reports for 112.22.11.56:

This IP address has been reported a total of 6 times from 1 distinct source. 112.22.11.56 was first reported on May 29th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-21 02:51:58 (3 days ago)	(mod_security) mod_security (id:210831) triggered by 112.22.11.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 112.22.11.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 22:51:51.703848 2026] [security2:error] [pid 1591:tid 1591] [client 112.22.11.56:15044] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.normsrotorservice.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.normsrotorservice.com"] [uri "/"] [unique_id "ajdRx6FVMAED4dbjfZ0lEwAAAAA"], referer: http://www.normsrotorservice.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 23:36:32 (3 days ago)	(mod_security) mod_security (id:210831) triggered by 112.22.11.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 112.22.11.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 19:36:28.202760 2026] [security2:error] [pid 20180:tid 20180] [client 112.22.11.56:14986] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.missevelyn.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.missevelyn.com"] [uri "/"] [unique_id "ajcj_I_erouwguCjqxE3GAAAAAA"], referer: http://www.missevelyn.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 21:49:01 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 112.22.11.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 112.22.11.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 17:48:54.618396 2026] [security2:error] [pid 16192:tid 16192] [client 112.22.11.56:14665] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|lisagilinger.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "lisagilinger.com"] [uri "/"] [unique_id "ainbxhAjsO-yICt_Uv8JlAAAAA8"], referer: http://lisagilinger.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 19:01:14 (2 weeks ago)	(mod_security) mod_security (id:210831) triggered by 112.22.11.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 112.22.11.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 15:01:06.617313 2026] [security2:error] [pid 15508:tid 15514] [client 112.22.11.56:14651] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.tkfay.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.tkfay.com"] [uri "/"] [unique_id "aiHLcpDadxZK3_F1dKp76wAAAMI"], referer: http://www.tkfay.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 20:59:12 (2 weeks ago)	(mod_security) mod_security (id:210831) triggered by 112.22.11.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 112.22.11.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 16:59:07.086896 2026] [security2:error] [pid 13427:tid 13427] [client 112.22.11.56:14879] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.honeybeeplace.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.honeybeeplace.com"] [uri "/"] [unique_id "aiCVm7_0HKS_GZQVRePMgwAAAAc"], referer: http://www.honeybeeplace.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-29 22:22:09 (3 weeks ago)	(mod_security) mod_security (id:210831) triggered by 112.22.11.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 112.22.11.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 18:22:04.741907 2026] [security2:error] [pid 9793:tid 9793] [client 112.22.11.56:14976] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.directoryofcats.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.directoryofcats.com"] [uri "/"] [unique_id "ahoRjNzcfhUniHL-2PispwAAAFc"], referer: http://www.directoryofcats.com/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 2409:8770:2f0:650::63

🇺🇸 195.184.76.247

🇲🇽 189.173.112.84

🇩🇪 69.5.169.94

🇨🇦 20.116.27.239

🇳🇱 178.128.250.218

🇮🇳 111.223.3.176

🇻🇳 42.112.192.128

🇨🇳 223.12.211.66

🇰🇷 219.248.65.30

🇺🇸 174.168.146.152

🇨🇳 118.196.86.210

🇮🇳 117.242.47.207

🇮🇩 103.132.236.30

🇨🇦 85.217.149.32

🇺🇦 37.221.143.180

🇺🇸 2607:f8b0:400e:c09::12c

🇨🇳 218.94.25.243

🇮🇩 180.252.172.30

🇺🇸 172.202.117.177