AbuseIPDB » 113.101.246.161
113.101.246.161
This IP was reported 7 times. Confidence of
Abuse
is 32% : ?
ISP
CHINANET Guangdong province network
Usage Type
Fixed Line ISP
ASN
AS4134
Domain Name
chinatelecom.cn
Country
๐จ๐ณ
China
City
Shenzhen, Guangdong
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 113.101.246.161 :
This IP address has been reported a total of
7
times from
7 distinct
sources.
113.101.246.161 was first reported on
May 27th 2026 , and the most recent report was
3 weeks ago
Old Reports:
The most recent abuse report for this IP address is from
3 weeks ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐บ๐ธ
TPI-Abuse
2026-05-27 18:28:47
(3 weeks ago)
(mod_security) mod_security (id:218420) triggered by 113.101.246.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:218420) triggered by 113.101.246.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 14:28:40.564442 2026] [security2:error] [pid 24997:tid 24997] [client 113.101.246.161:44742] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||192.64.150.188:80|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "192.64.150.188"] [uri "/hello.world"] [unique_id "ahc32A9_-f_0wZp4Djkh_gAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐น๐ท
Threat.live
2026-05-27 18:25:03
(3 weeks ago)
Suspicious Connection Attempts
Brute-Force
๐บ๐ธ
cybsecaoccol
2026-05-27 15:43:06
(3 weeks ago)
unauthorized connection or malicious port scan attempted on tcp port - corp
Port Scan
Hacking
๐ณ๐ฑ
Savvii
2026-05-27 11:02:01
(3 weeks ago)
20 attempts against mh-ssh on taro
Brute-Force
SSH
๐ฎ๐น
dwmp
2026-05-27 09:32:32
(3 weeks ago)
2026-05-27T09:31:50.141623+00:00 news2.dwmp.it sshd[2555474]: pam_unix(sshd:auth): authentication fa ...
show more
2026-05-27T09:31:50.141623+00:00 news2.dwmp.it sshd[2555474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.101.246.161
2026-05-27T09:31:52.083167+00:00 news2.dwmp.it sshd[2555474]: Failed password for invalid user admin from 113.101.246.161 port 47330 ssh2
2026-05-27T09:32:30.756951+00:00 news2.dwmp.it sshd[2555603]: Invalid user orangepi from 113.101.246.161 port 44220
...
show less
Brute-Force
SSH
๐ฉ๐ช
guldkage
2026-05-27 08:49:52
(3 weeks ago)
Unauthorized connection attempt detected from IP address 113.101.246.161 to port 23 (ger-02) [TELNET ...
show more
Unauthorized connection attempt detected from IP address 113.101.246.161 to port 23 (ger-02) [TELNET]
show less
Exploited Host
๐ต๐ฑ
lns.bz
2026-05-27 08:44:54
(3 weeks ago)
Too many 404 requests [BY]
Web App Attack
Showing 1 to
7
of 7 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: