JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 116.1.196.135

116.1.196.135 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 5%: ?

ISP	CHINANET Guangxi province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Nanning, Guangxi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 116.1.196.135

Whois 116.1.196.135

IP Abuse Reports for 116.1.196.135:

This IP address has been reported a total of 8 times from 1 distinct source. 116.1.196.135 was first reported on June 17th 2026, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-23 02:45:15 (13 hours ago)	(mod_security) mod_security (id:210831) triggered by 116.1.196.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 116.1.196.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 22:44:59.938310 2026] [security2:error] [pid 7673:tid 7673] [client 116.1.196.135:1173] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|kaiyadunn.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "kaiyadunn.com"] [uri "/"] [unique_id "ajnzKxR6L8a2xzVqSqaerwAAABs"], referer: http://kaiyadunn.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 23:46:43 (16 hours ago)	(mod_security) mod_security (id:210831) triggered by 116.1.196.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 116.1.196.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 19:46:35.948334 2026] [security2:error] [pid 30623:tid 30623] [client 116.1.196.135:3592] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.guardmagic.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.guardmagic.com"] [uri "/"] [unique_id "ajnJW8Dkm6MmTamK0_GWLgAAABE"], referer: https://www.guardmagic.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 02:12:11 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 116.1.196.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 116.1.196.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 22:12:07.628294 2026] [security2:error] [pid 6455:tid 6455] [client 116.1.196.135:1888] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|davisound.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "davisound.com"] [uri "/"] [unique_id "ajiZ991sw8jKclXDxiSgjwAAABc"], referer: https://davisound.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 19:43:08 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 116.1.196.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 116.1.196.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 15:43:02.282008 2026] [security2:error] [pid 25942:tid 25942] [client 116.1.196.135:4826] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.dave-curtis.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.dave-curtis.com"] [uri "/"] [unique_id "ajg-xu1FWghVXfpZQpHvbgAAAAc"], referer: http://www.dave-curtis.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 21:23:06 (4 days ago)	(mod_security) mod_security (id:210831) triggered by 116.1.196.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 116.1.196.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 17:23:02.869583 2026] [security2:error] [pid 30298:tid 30298] [client 116.1.196.135:2925] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|meridianranchdrc.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "meridianranchdrc.org"] [uri "/"] [unique_id "ajRhtgER2VTJaZLiMG05GgAAAAU"], referer: https://meridianranchdrc.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 19:17:04 (4 days ago)	(mod_security) mod_security (id:210831) triggered by 116.1.196.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 116.1.196.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 15:16:59.195299 2026] [security2:error] [pid 25177:tid 25188] [client 116.1.196.135:2097] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.peoplecomeup.net\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.peoplecomeup.net"] [uri "/"] [unique_id "ajREK3nh8CAtewGPnkBuiAAAAMg"], referer: http://www.peoplecomeup.net/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 21:47:09 (5 days ago)	(mod_security) mod_security (id:210831) triggered by 116.1.196.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 116.1.196.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 17:47:02.357117 2026] [security2:error] [pid 10757:tid 10757] [client 116.1.196.135:2211] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.alameeran.net\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.alameeran.net"] [uri "/"] [unique_id "ajMV1szTJxAgJXBRZ1mcggAAAAE"], referer: http://www.alameeran.net/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 11:54:07 (6 days ago)	(mod_security) mod_security (id:210831) triggered by 116.1.196.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 116.1.196.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 07:53:59.700042 2026] [security2:error] [pid 18234:tid 18234] [client 116.1.196.135:0] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|ccamp.dev\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "ccamp.dev"] [uri "/"] [unique_id "ajKK1xOZ9kPvjMi0dk86lQAAAAE"], referer: http://ccamp.dev/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 65.49.1.27

🇹🇼 219.85.53.3

🇹🇼 211.78.54.14

🇬🇧 198.244.226.197

🇱🇹 62.60.130.219

🇺🇸 54.81.43.75

🇧🇪 34.53.192.169

🇺🇸 34.16.86.69

🇰🇷 220.88.220.59

🇨🇳 183.162.102.3

🇺🇸 173.239.254.43

🇺🇸 172.253.9.217

🇫🇷 84.247.172.30

🇷🇺 80.76.177.15

🇺🇸 64.62.156.152

🇮🇳 45.250.44.203

🇧🇷 45.205.1.5

🇧🇷 45.170.89.83

🇮🇩 27.112.78.223

🇺🇸 20.163.14.51