This IP address has been reported a total of
223
times from
73 distinct
sources.
110.42.208.131 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Multiple/Conflicting Connection Header Data Found. Pattern match "\\\\b(?:keep-alive|close),\\\\s?(? ...
show moreMultiple/Conflicting Connection Header Data Found. Pattern match "\\\\b(?:keep-alive|close),\\\\s?(?:keep-alive|close)\\\\b" at REQUEST_HEADERS:Connection. (920210-193)
show less
(mod_security) mod_security (id:100012) triggered by 110.42.208.131: 1 in the last 86400 secs; Ports ...
show more(mod_security) mod_security (id:100012) triggered by 110.42.208.131: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 16 05:44:04.589063 2026] [security2:error] [pid 1917011:tid 1917132] [client 110.42.208.131:37048] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(www\\\\.)?ions\\\\.gr" at SERVER_NAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "58"] [id "100012"] [msg "CSF-TRIGGER: Country Block CN/SG for ions.gr"] [hostname "ions.gr"] [uri "/"] [unique_id "ajC4dOBwCn2ogzWsBgDKtQAAABM"]
show less
Detectors: [SURICATA, NGINX] | Reasons: Invalid HTTP protocol or SSTP scan attempt detected on sinkh ...
show moreDetectors: [SURICATA, NGINX] | Reasons: Invalid HTTP protocol or SSTP scan attempt detected on sinkhole | Automated scan targeting an unauthorized host or default server sinkhole | UA: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 | ASN: 45090 (Shenzhen Tencent Computer Systems Company Limited)
show less
(mod_security) mod_security (id:100011) triggered by 110.42.208.131: 1 in the last 86400 secs; Ports ...
show more(mod_security) mod_security (id:100011) triggered by 110.42.208.131: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Mon Jun 15 16:59:49.289570 2026] [security2:error] [pid 948989:tid 949022] [client 110.42.208.131:35118] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(www\\\\.)?ftiaxtomonosou\\\\.gr" at SERVER_NAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "54"] [id "100011"] [msg "CSF-TRIGGER: Country Block CN/SG for ftiaxtomonosou.gr"] [hostname "ftiaxtomonosou.gr"] [uri "/"] [unique_id "ajAFVdXD3_cY7WcDuxo2JAAAAIY"], referer: http://doityourself.gr
show less
Port Scan
Anonymous
FortiWeb WAF: 48 attacks detected. Threat Score: 16200. Types: Client Management(24), GEO IP(24). Or ...
show moreFortiWeb WAF: 48 attacks detected. Threat Score: 16200. Types: Client Management(24), GEO IP(24). Origin: China.
show less
Triggered Cloudflare WAF (firewallCustom) from CN.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (G ...
show moreTriggered Cloudflare WAF (firewallCustom) from CN.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (GET) | Endpoint: / | UA: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
[MonJun1504:54:39.3780902026][security2:error][pid1065511:tid1065762][client110.42.208.131:0]ModSecu ...
show more[MonJun1504:54:39.3780902026][security2:error][pid1065511:tid1065762][client110.42.208.131:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?i\)\(10\\\\\\\\.\\\\\\\\d{1\,3}\\\\\\\\.\\\\\\\\d{1\,3}\\\\\\\\.\\\\\\\\d{1\,3}\|192\\\\\\\\.168\\\\\\\\.\\\\\\\\d{1\,3}\\\\\\\\.\\\\\\\\d{1\,3}\|172\\\\\\\\.\(1[6-9]\|2[0-9]\|3[0-1]\)\\\\\\\\.\\\\\\\\d{1\,3}\\\\\\\\.\\\\\\\\d{1\,3}\|fe80::\)\"atREQUEST_HEADERS:X-Forwarded-For.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"25\"][id\"990004\"][msg\"SSRFattempttoprivate/internalnetworkdetected\"][hostname\"hosting-ticino-svizzera.ch\"][uri\"/\"][unique_id\"ai9pb-xYkxOGVYnzgUim_gAAAFc\"]
show less