JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 116.171.106.26

116.171.106.26 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 27%: ?

27%

ISP	China United Network Communications Corporation Limited
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Guiyang, Guizhou

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 116.171.106.26

Whois 116.171.106.26

IP Abuse Reports for 116.171.106.26:

This IP address has been reported a total of 16 times from 14 distinct sources. 116.171.106.26 was first reported on April 2nd 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇴 Fn4ticHz	2026-05-09 14:01:45 (1 month ago)	Repeated DDoS targeted -- ZeroGuard X ManagedSRV	DDoS Attack Exploited Host
Anonymous	2026-05-03 16:30:32 (1 month ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
🇺🇸 oncord	2026-05-01 23:17:02 (1 month ago)	Form spam	Web Spam
🇭🇺 Lacika555	2026-05-01 12:44:47 (1 month ago)	RdpGuard detected brute-force attempt on SMTP	Brute-Force
🇺🇦 Hanashiko	2026-05-01 06:21:51 (1 month ago)	DDoS attack traffic detected	DDoS Attack
Anonymous	2026-04-24 12:04:04 (1 month ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1, GET /wp-admin/admin-ajax.php HTTP ... show more Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1, GET /wp-admin/admin-ajax.php HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-04-24 01:19:53 (1 month ago)	(mod_security) mod_security (id:210831) triggered by 116.171.106.26 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 116.171.106.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 23 21:19:46.463861 2026] [security2:error] [pid 13512:tid 13512] [client 116.171.106.26:39360] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|backstore.com\|F\|4"] [data "a href="] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "backstore.com"] [uri "/"] [unique_id "aerFMlPpKGMLNR9xBwtfgwAAAAo"], referer: https://www.foreximf.com/analisa-forex show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-04-22 09:09:14 (1 month ago)	wp-comments-post.php request blocked, no referer. Pattern match "wp-comments-post.php" at REQUEST_UR ... show more wp-comments-post.php request blocked, no referer. Pattern match "wp-comments-post.php" at REQUEST_URI. (88520-196) show less	Hacking
🇫🇷 masterguru	2026-04-22 00:42:16 (1 month ago)	wp-comments-post.php request blocked, no referer. Pattern match "wp-comments-post.php" at REQUEST_UR ... show more wp-comments-post.php request blocked, no referer. Pattern match "wp-comments-post.php" at REQUEST_URI. (88520-193) show less	Hacking
🇨🇦 Ashgrinder_00013	2026-04-20 11:28:44 (1 month ago)	inout; Ports: ; Direction: 1; Trigger: (Web_Vulnerability_Scan) LABEL: Web_Vulnerability_Scan \| DES ... show more inout; Ports: ; Direction: 1; Trigger: (Web_Vulnerability_Scan) LABEL: Web_Vulnerability_Scan \| DESC: ALERT:_Bot_scanning_for_web_vulnerabilities_on_Port_80 116.171.106.26 (CN/China/-): 1 in the last 3600 secs; Logs: show less	Port Scan
🇸🇬 pusathosting.com	2026-04-17 05:00:04 (1 month ago)	24ds22 bruteforce	Brute-Force Web App Attack
🇮🇹 Progetto1	2026-04-17 03:25:03 (1 month ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
Anonymous	2026-04-11 09:20:10 (1 month ago)	\| [Dangerous/China] Aggressive IP 116.171.106.26 (~30 hits). Type: DoS Defender- Web server 400 erro ... show more \| [Dangerous/China] Aggressive IP 116.171.106.26 (~30 hits). Type: DoS Defender- Web server 400 error code show less	Web App Attack Hacking SQL Injection
🇩🇪 NoaQT	2026-04-05 15:40:37 (2 months ago)	116.171.106.26 - - [05/Apr/2026:17:39:15 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.whatsap ... show more 116.171.106.26 - - [05/Apr/2026:17:39:15 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.whatsapp.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 116.171.106.26 - - [05/Apr/2026:17:39:22 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.youtube.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 116.171.106.26 - - [05/Apr/2026:17:39:22 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.youtube.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 116.171.106.26 - - [05/Apr/2026:17:39:42 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.site14.info/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 116.171.106.26 - - [05/Apr/2026:17:39:42 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.site14.info/home" ... show less	DDoS Attack
🇩🇪 NoaQT	2026-04-05 14:59:50 (2 months ago)	116.171.106.26 - - [05/Apr/2026:16:58:26 +0200] "GET /web/login HTTP/1.1" 499 0 "https://blog.OSrQg. ... show more 116.171.106.26 - - [05/Apr/2026:16:58:26 +0200] "GET /web/login HTTP/1.1" 499 0 "https://blog.OSrQg.com/search" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 116.171.106.26 - - [05/Apr/2026:16:58:27 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.twitter.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 116.171.106.26 - - [05/Apr/2026:16:58:30 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.whatsapp.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 116.171.106.26 - - [05/Apr/2026:16:58:33 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.reddit.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 116.171.106.26 - - [05/Apr/2026:16:58:35 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.reddit.com/" "Mozilla/5.0 (Windows NT ... show less	DDoS Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇹 196.189.9.27

🇱🇹 62.60.130.129

🇫🇮 46.62.148.137

🇳🇱 45.148.10.151

🇰🇷 1.237.155.150

🇷🇴 193.32.162.13

🇷🇺 152.89.199.131

🇻🇳 115.77.111.2

🇦🇺 109.123.227.128

🇫🇷 91.196.152.184

🇱🇹 77.90.185.88

🇺🇸 66.132.186.216

🇩🇪 213.209.159.56

🇨🇳 203.212.9.221

🇲🇽 186.96.145.241

🇺🇸 185.92.182.129

🇺🇸 172.239.62.109

🇫🇷 91.231.89.203

🇫🇷 91.231.89.200

🇨🇭 85.5.148.125