JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 106.115.52.101

106.115.52.101 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 5%: ?

ISP	CHINANET hebei province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Handan, Hebei

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 106.115.52.101

Whois 106.115.52.101

IP Abuse Reports for 106.115.52.101:

This IP address has been reported a total of 6 times from 2 distinct sources. 106.115.52.101 was first reported on February 24th 2022, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 19:08:13 (18 hours ago)	(mod_security) mod_security (id:210831) triggered by 106.115.52.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 106.115.52.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 15:08:07.512972 2026] [security2:error] [pid 14186:tid 14186] [client 106.115.52.101:8901] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.bearssd.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.bearssd.org"] [uri "/"] [unique_id "ajBNlyOJe0BnPcigcUk_1QAAAAc"], referer: https://www.bearssd.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 18:45:39 (18 hours ago)	(mod_security) mod_security (id:210831) triggered by 106.115.52.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 106.115.52.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 14:45:32.522664 2026] [security2:error] [pid 820:tid 820] [client 106.115.52.101:9586] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|uniquelimo.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "uniquelimo.org"] [uri "/index.html"] [unique_id "ajBITBscUaFVZyv7zyF4OwAAAB8"], referer: http://uniquelimo.org/index.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 23:52:57 (3 days ago)	(mod_security) mod_security (id:210831) triggered by 106.115.52.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 106.115.52.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 19:52:52.523827 2026] [security2:error] [pid 20734:tid 20734] [client 106.115.52.101:7651] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.cdromline.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.cdromline.com"] [uri "/"] [unique_id "aiyb1CsFTCqm1O-t1dlCTgAAABQ"], referer: http://www.cdromline.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-27 20:59:33 (1 month ago)	(mod_security) mod_security (id:210831) triggered by 106.115.52.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 106.115.52.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 16:59:26.417806 2026] [security2:error] [pid 20874:tid 20874] [client 106.115.52.101:6850] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|cosplayculture.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "cosplayculture.com"] [uri "/"] [unique_id "ae_OLoYCijEXZhc_1HNk9QAAAAE"], referer: https://cosplayculture.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-24 20:00:52 (1 month ago)	(mod_security) mod_security (id:210831) triggered by 106.115.52.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 106.115.52.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 24 16:00:45.926011 2026] [security2:error] [pid 22631:tid 22631] [client 106.115.52.101:4830] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|flavornet.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "flavornet.org"] [uri "/"] [unique_id "aevL7WtnTyNBcaDnZSkOmQAAAAk"], referer: http://flavornet.org show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 speedtaq.com	2022-02-24 02:22:57 (4 years ago)	106.115.52.101 - - [24/Feb/2022:08:22:55 +0100] "GET /product-category/speedqb/speedqb-apparel/speed ... show more 106.115.52.101 - - [24/Feb/2022:08:22:55 +0100] "GET /product-category/speedqb/speedqb-apparel/speedqb-tees/ HTTP/1.1" 200 81703 "https://speedtaq.com/product-category/speedqb/speedqb-apparel/speedqb-tees/" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0); 360Spider" show less	Bad Web Bot

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇿 197.249.226.45

🇺🇸 185.150.191.236

🇩🇪 178.104.195.54

🇺🇸 154.83.197.60

🇳🇱 93.123.109.20

🇺🇸 66.228.41.127

🇫🇷 54.37.118.71

🇳🇱 45.148.10.21

🇬🇧 35.203.211.48

🇧🇪 2a00:1450:400c:c1b::12a

🇺🇸 2607:f8b0:4864:20::f45

🇧🇷 201.77.124.248

🇮🇳 182.95.150.186

🇷🇺 176.197.72.47

🇯🇵 172.253.236.146

🇩🇪 165.22.85.131

🇺🇸 108.62.63.24

🇩🇪 80.151.14.195

🇩🇪 78.111.67.242

🇳🇱 45.198.224.18