JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 112.92.129.95

112.92.129.95 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 14%: ?

14%

ISP	China Unicom Guangdong province network
Usage Type	Fixed Line ISP
ASN	AS17816
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shenzhen, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 112.92.129.95

Whois 112.92.129.95

IP Abuse Reports for 112.92.129.95:

This IP address has been reported a total of 7 times from 3 distinct sources. 112.92.129.95 was first reported on November 18th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-18 20:37:37 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 112.92.129.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.92.129.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 16:37:30.332649 2026] [security2:error] [pid 29615:tid 29615] [client 112.92.129.95:52717] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|websitesforauthors.design\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "websitesforauthors.design"] [uri "/"] [unique_id "ajRXCgpMmfcVl_UEqVMTXwAAAA8"], referer: https://websitesforauthors.design/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 20:09:41 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 112.92.129.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.92.129.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 16:09:36.767838 2026] [security2:error] [pid 2512:tid 2522] [client 112.92.129.95:7549] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|movetodc.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "movetodc.com"] [uri "/"] [unique_id "ajRQgGD4T2OagpIbzAMZvgAAAQg"], referer: http://movetodc.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 David Koswari	2026-06-08 06:59:00 (1 week ago)	REQ_BLOCKED_ACL	DDoS Attack FTP Brute-Force Ping of Death Port Scan Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
🇺🇸 TPI-Abuse	2026-05-12 22:14:56 (1 month ago)	(mod_security) mod_security (id:210831) triggered by 112.92.129.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.92.129.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 12 18:14:49.105281 2026] [security2:error] [pid 3448:tid 3448] [client 112.92.129.95:16128] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.piments.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.piments.com"] [uri "/"] [unique_id "agOmWToRfJlE1U5gXsFDRAAAAAA"], referer: http://www.piments.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:49:42 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 112.92.129.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 112.92.129.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:49:38.134192 2026] [security2:error] [pid 5906:tid 5906] [client 112.92.129.95:37695] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.mpservice.com.sv\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.mpservice.com.sv"] [uri "/"] [unique_id "aYpIYlUgDNc7Jw8pqoMawQAAABI"], referer: https://www.mpservice.com.sv/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2025-11-22 00:54:55 (6 months ago)	ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/112.92.129.95 20 ... show more ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/112.92.129.95 2025-11-21 10:35:22 /robots.txt 2025-11-21 14:53:05 / show less	Web App Attack
🇨🇳 ThreatBook.io	2025-11-18 00:55:24 (7 months ago)	ThreatBook Intelligence: Mobile,vpn_proxy more details on https://threatbook.io/ip/112.92.129.95 202 ... show more ThreatBook Intelligence: Mobile,vpn_proxy more details on https://threatbook.io/ip/112.92.129.95 2025-11-17 05:06:23 /robots.txt show less	Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.235

🇩🇪 167.71.63.29

🇷🇴 141.98.83.240

🇳🇱 77.105.138.89

🇰🇷 61.32.68.66

🇺🇸 57.141.20.43

🇬🇧 35.203.211.205

🇬🇧 35.203.210.76

🇰🇷 220.65.177.97

🇺🇸 205.210.31.33

🇩🇿 193.194.91.218

🇳🇱 178.16.54.22

🇨🇦 85.217.149.56

🇮🇷 85.198.19.242

🇲🇦 81.192.46.45

🇩🇪 46.101.213.236

🇱🇹 45.227.254.170

🇳🇱 45.148.10.141

🇨🇳 27.24.141.122

🇧🇷 205.210.31.230