JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 58.255.237.103

58.255.237.103 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 13%: ?

13%

ISP	China Unicom Guangdong province network
Usage Type	Fixed Line ISP
ASN	AS17816
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 58.255.237.103

Whois 58.255.237.103

IP Abuse Reports for 58.255.237.103:

This IP address has been reported a total of 6 times from 3 distinct sources. 58.255.237.103 was first reported on October 6th 2025, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-11 13:17:14 (1 hour ago)	(mod_security) mod_security (id:210831) triggered by 58.255.237.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 58.255.237.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 09:17:08.528776 2026] [security2:error] [pid 15387:tid 15387] [client 58.255.237.103:21600] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.leagueloch.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.leagueloch.com"] [uri "/"] [unique_id "aiq1VJmt3knJ4_sZ1kQPPwAAAA8"], referer: https://www.leagueloch.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 00:06:21 (2 weeks ago)	(mod_security) mod_security (id:210831) triggered by 58.255.237.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 58.255.237.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 20:06:15.463734 2026] [security2:error] [pid 24890:tid 24890] [client 58.255.237.103:14667] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.guavaroad.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.guavaroad.com"] [uri "/"] [unique_id "aheG94xhGlm1EuObyNc3lAAAAAk"], referer: http://www.guavaroad.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 23:43:34 (2 weeks ago)	(mod_security) mod_security (id:210831) triggered by 58.255.237.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 58.255.237.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 19:43:29.937484 2026] [security2:error] [pid 24576:tid 24576] [client 58.255.237.103:14875] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.nancysmithgibson.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.nancysmithgibson.com"] [uri "/"] [unique_id "aheBoarGM8AqDcie8Pg0HwAAAAQ"], referer: http://www.nancysmithgibson.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-05-15 00:19:54 (3 weeks ago)	ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/58.255.237.103 2026-0 ... show more ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/58.255.237.103 2026-05-14 02:16:00 /config.json show less	Web App Attack
🇨🇳 ThreatBook.io	2025-10-12 23:49:46 (7 months ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/58.255.237.103 2025-10-12 0 ... show more ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/58.255.237.103 2025-10-12 06:28:37 /sitemap.xml show less	Web App Attack
🇷🇸 Scan	2025-10-06 02:45:11 (8 months ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇹 216.132.188.229

🇺🇸 205.185.127.50

🇺🇸 195.184.76.219

🇬🇧 185.192.69.137

🇲🇽 46.250.171.26

🇧🇷 45.160.86.159

🇬🇧 45.82.76.134

🇺🇸 216.73.216.67

🇨🇱 201.186.137.29

🇸🇬 194.164.107.6

🇬🇧 193.163.125.12

🇧🇷 187.85.96.24

🇻🇳 152.32.255.94

🇺🇸 143.198.239.107

🇨🇳 124.66.74.71

🇮🇩 103.248.248.2

🇱🇹 216.132.188.180

🇺🇸 216.73.216.30

🇨🇳 115.231.78.11

🇺🇸 107.174.82.77