JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 116.179.33.13

116.179.33.13 was found in our database!

This IP was reported 801 times. Confidence of Abuse is 67%: ?

67%

ISP	China United Network Communications Corporation Limited
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Taiyuan, Shanxi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 116.179.33.13

Whois 116.179.33.13

IP Abuse Reports for 116.179.33.13:

This IP address has been reported a total of 801 times from 71 distinct sources. 116.179.33.13 was first reported on December 13th 2021, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-26 17:42:26 (5 hours ago)	Brute force	Brute-Force
Anonymous	2026-06-26 09:28:56 (13 hours ago)	FortiWeb WAF: 14 attacks detected. Threat Score: 5600. Types: Client Management(7), GEO IP(7). Origi ... show more FortiWeb WAF: 14 attacks detected. Threat Score: 5600. Types: Client Management(7), GEO IP(7). Origin: China. show less	Web App Attack
🇫🇷 Sklurk	2026-06-26 07:24:27 (15 hours ago)	Web App Attack	Web App Attack
🇪🇸 librebit	2026-06-25 13:39:49 (1 day ago)	Brute force	Brute-Force
🇬🇷 setupgr	2026-06-25 13:06:33 (1 day ago)	(mod_security) mod_security (id:100011) triggered by 116.179.33.13 (CN/China/Beijing/Jinrongjie (Xic ... show more (mod_security) mod_security (id:100011) triggered by 116.179.33.13 (CN/China/Beijing/Jinrongjie (Xicheng District)/-/[AS4837 CHINA169-BACKBONE CHINA UNICOM China169 Backbone]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Thu Jun 25 16:06:28.329925 2026] [security2:error] [pid 358184:tid 358233] [client 116.179.33.13:39389] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(www\\\\.)?ftiaxtomonosou\\\\.gr" at SERVER_NAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "54"] [id "100011"] [msg "CSF-TRIGGER: Country Block CN/SG for ftiaxtomonosou.gr"] [hostname "ftiaxtomonosou.gr"] [uri "/wp-content/uploads/2019/06/%CE%9A%CE%BB%CE%AE%CE%B8%CF%81%CE%B1.jpg"] [unique_id "aj0n1KO2mzdLeHxqn3omeAAAAU4"], referer: https://ftiaxtomonosou.gr/%CF%84%CE%B1_%CE%B5%CE%AF%CE%B4%CE%B7_%CF%84%CE%BF%CF%85_%CE%BE%CF%8D%CE%BB%CE%BF%CF%85/%CE%BA%CE%BB%CE%AE%CE%B8%CF%81%CE%B1-2/ show less	Port Scan
🇫🇷 Sklurk	2026-06-25 07:20:53 (1 day ago)	Web App Attack	Web App Attack
🇮🇹 mgarofano80	2026-06-25 05:23:24 (1 day ago)		Brute-Force Web App Attack
🇬🇷 setupgr	2026-06-24 18:12:28 (2 days ago)	(mod_security) mod_security (id:100011) triggered by 116.179.33.13 (CN/China/Beijing/Jinrongjie (Xic ... show more (mod_security) mod_security (id:100011) triggered by 116.179.33.13 (CN/China/Beijing/Jinrongjie (Xicheng District)/-/[AS4837 CHINA169-BACKBONE CHINA UNICOM China169 Backbone]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 24 21:12:27.415721 2026] [security2:error] [pid 187436:tid 187643] [client 116.179.33.13:17670] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(www\\\\.)?ftiaxtomonosou\\\\.gr" at SERVER_NAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "54"] [id "100011"] [msg "CSF-TRIGGER: Country Block CN/SG for ftiaxtomonosou.gr"] [hostname "ftiaxtomonosou.gr"] [uri "/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/v4-shims.min.css"] [unique_id "ajweCxmu1xYHQgYUWv0QfwAAAJc"], referer: https://ftiaxtomonosou.gr/%CF%80%CE%B1%CF%84%CF%8E%CE%BC%CE%B1%CF%84%CE%B1/page/6/ show less	Port Scan
🇷🇺 Mga Admin	2026-06-24 14:33:26 (2 days ago)	116.179.33.13 - - [24/Jun/2026:21:33:26 +0700] "GET /data/associations?p=5e-8&rs-id=rs112987199&r2=0 ... show more 116.179.33.13 - - [24/Jun/2026:21:33:26 +0700] "GET /data/associations?p=5e-8&rs-id=rs112987199&r2=0.9 HTTP/1.1" 404 67 "https://phelige.com/associations?p=5e-8&rs-id=rs112987199&r2=0.9" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36" ... show less	Web App Attack
Anonymous	2026-06-24 09:28:21 (2 days ago)	FortiWeb WAF: 22 attacks detected. Threat Score: 6200. Types: Client Management(11), GEO IP(11). Ori ... show more FortiWeb WAF: 22 attacks detected. Threat Score: 6200. Types: Client Management(11), GEO IP(11). Origin: China. show less	Web App Attack
🇫🇷 Sklurk	2026-06-24 07:15:55 (2 days ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 06:44:07 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 116.179.33.13 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 116.179.33.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 02:44:00.043151 2026] [security2:error] [pid 15062:tid 15062] [client 116.179.33.13:45473] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.williamfitzsimmons.com\|F\|2"] [data ".thehowardtheatre.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.williamfitzsimmons.com"] [uri "/www.thehowardtheatre.com"] [unique_id "ajt8sJlqpuDCgVcQkKrUIgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 librebit	2026-06-23 12:46:58 (3 days ago)	Brute force	Brute-Force
Anonymous	2026-06-22 09:25:13 (4 days ago)	FortiWeb WAF: 18 attacks detected. Threat Score: 5600. Types: Client Management(9), GEO IP(9). Origi ... show more FortiWeb WAF: 18 attacks detected. Threat Score: 5600. Types: Client Management(9), GEO IP(9). Origin: China. show less	Web App Attack
🇫🇷 Sklurk	2026-06-22 07:07:42 (4 days ago)	Web App Attack	Web App Attack

Showing 1 to 15 of 801 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.56

🇷🇼 197.243.14.52

🇺🇸 162.216.150.168

🇸🇬 45.78.204.246

🇺🇸 8.231.245.123

🇺🇸 185.226.196.14

🇳🇱 176.65.139.238

🇫🇮 147.185.133.251

🇮🇳 143.110.247.221

🇰🇷 122.35.192.33

🇨🇳 117.34.85.169

🇨🇳 101.96.192.45

🇸🇬 98.159.41.5

🇳🇱 91.92.40.37

🇳🇱 91.92.40.8

🇰🇷 59.12.160.91

🇦🇺 45.133.5.30

🇺🇸 44.38.159.46

🇬🇧 35.203.211.112

🇺🇸 216.25.89.95