JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 120.235.11.215

120.235.11.215 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 3%: ?

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS9808
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 120.235.11.215

Whois 120.235.11.215

IP Abuse Reports for 120.235.11.215:

This IP address has been reported a total of 9 times from 2 distinct sources. 120.235.11.215 was first reported on May 18th 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-17 21:53:39 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 120.235.11.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 120.235.11.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 17:53:34.264806 2026] [security2:error] [pid 2383:tid 2383] [client 120.235.11.215:40313] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.madrigalscripts.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.madrigalscripts.com"] [uri "/"] [unique_id "ajMXXvA2WhYqY3jLyP8YEQAAAAQ"], referer: http://www.madrigalscripts.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 19:58:41 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 120.235.11.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 120.235.11.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 15:58:37.526672 2026] [security2:error] [pid 19305:tid 19340] [client 120.235.11.215:40236] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|jakob-and-lotta.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "jakob-and-lotta.com"] [uri "/"] [unique_id "ai8H7UMeG5x4oDnEL2Nl_QAAAME"], referer: http://jakob-and-lotta.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 04:04:30 (2 weeks ago)	(mod_security) mod_security (id:210831) triggered by 120.235.11.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 120.235.11.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 00:04:24.940864 2026] [security2:error] [pid 561:tid 561] [client 120.235.11.215:40412] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|federallog.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "federallog.com"] [uri "/index.html"] [unique_id "aiuFSAPS6gxMIVii7TibbwAAABA"], referer: https://federallog.com/index.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 07:59:34 (2 weeks ago)	(mod_security) mod_security (id:210831) triggered by 120.235.11.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 120.235.11.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:59:26.713250 2026] [security2:error] [pid 21802:tid 21802] [client 120.235.11.215:40290] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|panmaneecnc.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "panmaneecnc.com"] [uri "/"] [unique_id "aiZ2XvaLreLEltkFMMu3qwAAAAI"], referer: http://panmaneecnc.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇿🇦 IrisFlower	2023-05-18 21:14:13 (3 years ago)	Unauthorized connection attempt detected from IP address 120.235.11.215 to port 443 [J]	Port Scan Hacking
🇿🇦 IrisFlower	2023-05-18 20:57:08 (3 years ago)	Unauthorized connection attempt detected from IP address 120.235.11.215 to port 443 [J]	Port Scan Hacking
🇿🇦 IrisFlower	2023-05-18 20:45:09 (3 years ago)	Unauthorized connection attempt detected from IP address 120.235.11.215 to port 443 [J]	Port Scan Hacking
🇿🇦 IrisFlower	2023-05-18 20:30:28 (3 years ago)	Unauthorized connection attempt detected from IP address 120.235.11.215 to port 443 [J]	Port Scan Hacking
🇿🇦 IrisFlower	2023-05-18 20:12:55 (3 years ago)	Unauthorized connection attempt detected from IP address 120.235.11.215 to port 443 [J]	Port Scan Hacking

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 191.243.160.172

🇦🇴 102.213.34.99

🇺🇸 216.108.238.40

🇹🇼 211.23.109.116

🇺🇸 206.220.175.5

🇧🇷 191.188.67.39

🇧🇷 191.181.56.26

🇨🇱 190.21.132.188

🇺🇸 162.216.150.245

🇬🇧 139.59.173.98

🇻🇳 113.161.222.150

🇵🇹 109.51.97.136

🇬🇧 35.203.210.42

🇺🇸 20.65.194.169

🇦🇺 13.211.245.132

🇭🇰 240d:c010:64:4::b3

🇧🇷 205.210.31.165

🇳🇱 204.76.203.15

🇦🇷 190.185.172.227

🇦🇷 190.183.134.47