JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 112.41.52.153

112.41.52.153 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 5%: ?

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS56044
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Jiaxing, Zhejiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 112.41.52.153

Whois 112.41.52.153

IP Abuse Reports for 112.41.52.153:

This IP address has been reported a total of 5 times from 1 distinct source. 112.41.52.153 was first reported on May 19th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-17 16:52:43 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 112.41.52.153 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.41.52.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 12:52:34.163613 2026] [security2:error] [pid 21939:tid 22020] [client 112.41.52.153:9795] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.stoborough.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.stoborough.org"] [uri "/"] [unique_id "ajLQ0kADvQITmeLwrnL5RQAAAhU"], referer: https://www.stoborough.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 20:14:54 (2 days ago)	(mod_security) mod_security (id:210831) triggered by 112.41.52.153 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.41.52.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 16:14:49.741335 2026] [security2:error] [pid 12304:tid 12304] [client 112.41.52.153:10019] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.grasslakepizzatime.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.grasslakepizzatime.com"] [uri "/"] [unique_id "ajGuuaQSUTqUJAyuSwu_mgAAAAs"], referer: http://www.grasslakepizzatime.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 21:07:59 (2 weeks ago)	(mod_security) mod_security (id:210831) triggered by 112.41.52.153 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.41.52.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 17:07:53.368561 2026] [security2:error] [pid 20080:tid 20080] [client 112.41.52.153:10145] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|ds12bonn.de\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "ds12bonn.de"] [uri "/"] [unique_id "ah30qR0PRLM0U5IKTpAqIwAAABA"], referer: https://ds12bonn.de/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-24 20:38:14 (3 weeks ago)	(mod_security) mod_security (id:210831) triggered by 112.41.52.153 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.41.52.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 16:38:09.265228 2026] [security2:error] [pid 18871:tid 18871] [client 112.41.52.153:10016] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.heavenly-creatures.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.heavenly-creatures.com"] [uri "/"] [unique_id "ahNhseN6cEJh3yGxZ5U11wAAAAM"], referer: https://www.heavenly-creatures.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-19 20:37:02 (4 weeks ago)	(mod_security) mod_security (id:210831) triggered by 112.41.52.153 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.41.52.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 16:36:57.432819 2026] [security2:error] [pid 9217:tid 9217] [client 112.41.52.153:9741] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.aaattanasio.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.aaattanasio.com"] [uri "/"] [unique_id "agzJ6a_gHVZTHgG_mPsScAAAAAs"], referer: https://www.aaattanasio.com/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.239

🇧🇷 189.51.32.69

🇸🇬 167.172.93.203

🇱🇹 45.227.254.170

🇺🇸 2607:f8b0:4004:1001::122

🇨🇳 220.197.85.19

🇧🇷 189.51.35.162

🇮🇹 185.213.20.215

🇵🇾 181.85.209.238

🇧🇷 177.221.142.222

🇭🇰 163.53.18.118

🇯🇵 152.32.145.156

🇺🇸 140.174.189.77

🇨🇳 124.67.120.106

🇹🇼 114.34.106.146

🇺🇸 97.246.168.192

🇺🇸 91.230.168.122

🇳🇱 81.19.216.114

🇺🇸 66.132.195.34

🇧🇷 45.160.230.30