JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 183.253.66.141

183.253.66.141 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 5%: ?

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS9808
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 183.253.66.141

Whois 183.253.66.141

IP Abuse Reports for 183.253.66.141:

This IP address has been reported a total of 6 times from 1 distinct source. 183.253.66.141 was first reported on May 23rd 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-05 22:07:32 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 183.253.66.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 183.253.66.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 18:07:28.742864 2026] [security2:error] [pid 12722:tid 12722] [client 183.253.66.141:34305] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.normsrotorservice.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.normsrotorservice.com"] [uri "/"] [unique_id "aiNIoK56CocdNJJ3bquy1wAAAAM"], referer: http://www.normsrotorservice.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 20:03:35 (5 days ago)	(mod_security) mod_security (id:210831) triggered by 183.253.66.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 183.253.66.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 16:03:28.105988 2026] [security2:error] [pid 11679:tid 11679] [client 183.253.66.141:34374] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|maleein.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "maleein.com"] [uri "/index.html"] [unique_id "ah3lkAI5qVFC-8ciZ1MNBAAAAAE"], referer: http://maleein.com/index.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 19:34:36 (5 days ago)	(mod_security) mod_security (id:210831) triggered by 183.253.66.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 183.253.66.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 15:34:30.779807 2026] [security2:error] [pid 12116:tid 12116] [client 183.253.66.141:34508] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.lightbender.net\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.lightbender.net"] [uri "/"] [unique_id "ah3exjURORjqP0XnWX2ZHwAAABM"], referer: https://www.lightbender.net/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 00:16:51 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 183.253.66.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 183.253.66.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:16:47.442041 2026] [security2:error] [pid 10002:tid 10002] [client 183.253.66.141:34699] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|ashotofcoffee.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "ashotofcoffee.com"] [uri "/"] [unique_id "ahY37-UIZ9iQZm7F1Ci1zQAAAAg"], referer: http://ashotofcoffee.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-25 20:15:58 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 183.253.66.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 183.253.66.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 16:15:50.569952 2026] [security2:error] [pid 19725:tid 19725] [client 183.253.66.141:34560] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|stonetarot.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "stonetarot.com"] [uri "/"] [unique_id "ahSt9kn4RF813URhhc9b1gAAABM"], referer: http://stonetarot.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-23 23:53:28 (2 weeks ago)	(mod_security) mod_security (id:210831) triggered by 183.253.66.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 183.253.66.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 19:53:24.524945 2026] [security2:error] [pid 11088:tid 11144] [client 183.253.66.141:34758] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.onernet.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.onernet.com"] [uri "/"] [unique_id "ahI99CDR7hvAfLL1KAzFigAAAck"], referer: http://www.onernet.com/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:8bf6:f001

🇨🇳 101.96.233.202

🇮🇳 223.181.24.82

🇸🇬 188.166.215.16

🇧🇷 179.184.160.50

🇷🇺 178.178.194.135

🇮🇩 103.186.1.103

🇮🇹 95.250.241.71

🇳🇱 81.19.216.82

🇺🇸 64.227.49.223

🇺🇦 31.42.184.158

🇩🇪 155.117.127.153

🇿🇦 102.22.113.51

🇳🇱 91.92.42.227

🇫🇷 51.38.211.124

🇧🇷 45.205.1.243

🇻🇳 45.122.242.218

🇺🇸 40.124.173.251

🇺🇸 24.5.244.85

🇨🇳 220.154.138.219