AbuseIPDB » 218.91.18.86
218.91.18.86 was found in our database!
This IP was reported 5 times. Confidence of
Abuse
is 0% : ?
ISP
CHINANET jiangsu province network
Usage Type
Fixed Line ISP
ASN
AS4134
Domain Name
chinatelecom.cn
Country
๐จ๐ณ
China
City
Shanghai, Shanghai
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 218.91.18.86 :
This IP address has been reported a total of
5
times from
3 distinct
sources.
218.91.18.86 was first reported on
June 30th 2025 , and the most recent report was
8 months ago .
Old Reports:
The most recent abuse report for this IP address is from
8 months ago
. It is possible that this IP is no longer involved in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐บ๐ธ
kosada.com
2025-11-03 13:59:04
(8 months ago)
Web bot: DDoS
DDoS Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-10-01 06:12:45
(9 months ago)
(mod_security) mod_security (id:217291) triggered by 218.91.18.86 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:217291) triggered by 218.91.18.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 02:12:41.115568 2025] [security2:error] [pid 6663:tid 6663] [client 218.91.18.86:9993] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(\\\\n|\\\\r)" at ARGS_NAMES:\\r\\n3\\r\\nm. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "145"] [id "217291"] [rev "2"] [msg "HTTP Header Injection Attack via payload (CR/LF detected)||kountz.org|F|2"] [data "Matched Data: \\x0d found within ARGS_NAMES:\\x5cr\\x5cn3\\x5cr\\x5cnm: \\x0d\\x0a3\\x0d\\x0am"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "kountz.org"] [uri "/calendar.php"] [unique_id "aNzGWe5rl3B7X-pNo2bhowAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2025-09-30 05:15:50
(9 months ago)
Web bot: DDoS
DDoS Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-09-23 10:41:31
(9 months ago)
(mod_security) mod_security (id:210350) triggered by 218.91.18.86 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210350) triggered by 218.91.18.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 23 06:41:23.837713 2025] [security2:error] [pid 1344:tid 1344] [client 218.91.18.86:22132] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.renju.net|F|4"] [data "close, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.renju.net"] [uri "/tournament/830/game/84734/"] [unique_id "aNJ5U0yUpYpFY7VYMTDghwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฏ๐ต
tutugreen
2025-06-30 14:43:23
(1 year ago)
Malicious CDN abuse detected. High volume of suspicious requests: 2.13K. DDoS attack pattern and aut ...
show more
Malicious CDN abuse detected. High volume of suspicious requests: 2.13K. DDoS attack pattern and automated bot behavior observed targeting Tencent Cloud CDN infrastructure.
show less
DDoS Attack
Hacking
Bad Web Bot
Web App Attack
Showing 1 to
5
of 5 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: