JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 112.32.152.118

112.32.152.118 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 5%: ?

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS9808
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Huainan, Anhui

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 112.32.152.118

Whois 112.32.152.118

IP Abuse Reports for 112.32.152.118:

This IP address has been reported a total of 9 times from 2 distinct sources. 112.32.152.118 was first reported on March 30th 2025, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-22 19:47:57 (11 hours ago)	(mod_security) mod_security (id:210831) triggered by 112.32.152.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 112.32.152.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 15:47:53.229193 2026] [security2:error] [pid 4657:tid 4657] [client 112.32.152.118:6167] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|icansayit.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "icansayit.com"] [uri "/"] [unique_id "ajmRaQfgCmvbfP4AfZEnNQAAAAY"], referer: http://icansayit.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 18:55:41 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 112.32.152.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 112.32.152.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 14:55:33.839884 2026] [security2:error] [pid 24189:tid 24189] [client 112.32.152.118:6935] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.partyblockbaby.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.partyblockbaby.com"] [uri "/"] [unique_id "ajgzpT0vwnrgoAlDvGywOgAAAGY"], referer: http://www.partyblockbaby.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 20:48:29 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 112.32.152.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 112.32.152.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 16:48:24.301937 2026] [security2:error] [pid 7220:tid 7220] [client 112.32.152.118:6432] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|seishin-kan.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "seishin-kan.org"] [uri "/"] [unique_id "ainNmC2Dbaozb-WUeAa8BAAAABw"], referer: http://seishin-kan.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 20:26:18 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 112.32.152.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 112.32.152.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 16:26:15.047979 2026] [security2:error] [pid 25027:tid 25027] [client 112.32.152.118:6996] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.thekingtones.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.thekingtones.com"] [uri "/"] [unique_id "ainIZ0ZryjggF-fEeHVE6AAAABo"], referer: http://www.thekingtones.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-03 00:40:28 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 112.32.152.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 112.32.152.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 20:40:24.494719 2026] [security2:error] [pid 32100:tid 32100] [client 112.32.152.118:54195] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.high5-vr.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.high5-vr.com"] [uri "/"] [unique_id "ac8MeOX223o4NmWY8Jvo3AAAAAk"], referer: https://www.high5-vr.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-04-01 22:19:42 (2 months ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/112.32.152.118 2026-04-01 1 ... show more ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/112.32.152.118 2026-04-01 19:35:15 /config.json show less	Web App Attack
🇨🇳 ThreatBook.io	2025-04-16 22:32:23 (1 year ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/112.32.152.118 2025-04 ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/112.32.152.118 2025-04-16 16:43:23 /config.json show less	Web App Attack
🇨🇳 ThreatBook.io	2025-04-13 22:30:42 (1 year ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/112.32.152.118 2025-04 ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/112.32.152.118 2025-04-13 18:30:18 / 2025-04-13 11:56:23 /sitemap.xml show less	Web App Attack
🇨🇳 ThreatBook.io	2025-03-30 22:38:59 (1 year ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/112.32.152.118 2025-03 ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/112.32.152.118 2025-03-30 22:18:25 / show less	Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.189.14.253

🇫🇷 90.84.168.147

🇺🇸 54.153.127.160

🇺🇸 44.249.28.9

🇻🇳 14.191.96.100

🇨🇳 211.93.6.230

🇹🇭 165.154.120.13

🇳🇬 165.154.11.37

🇮🇳 115.245.122.146

🇸🇬 74.114.31.145

🇺🇸 47.251.190.104

🇺🇸 44.248.33.252

🇭🇰 43.155.21.198

🇲🇦 41.140.201.166

🇮🇪 34.245.66.121

🇺🇸 162.216.150.187

🇫🇮 147.185.133.58

🇳🇱 45.153.34.112

🇳🇱 45.148.10.157

🇸🇬 43.173.176.198