JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 116.179.33.203

116.179.33.203 was found in our database!

This IP was reported 676 times. Confidence of Abuse is 61%: ?

61%

ISP	China United Network Communications Corporation Limited
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Taiyuan, Shanxi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 116.179.33.203

Whois 116.179.33.203

IP Abuse Reports for 116.179.33.203:

This IP address has been reported a total of 676 times from 61 distinct sources. 116.179.33.203 was first reported on December 13th 2021, and the most recent report was 21 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-28 11:07:59 (21 hours ago)	Web App Attack	Web App Attack
🇨🇦 1gz	2026-06-27 19:10:40 (1 day ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /kerko.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇫🇷 Sklurk	2026-06-27 08:58:58 (2 days ago)	Web App Attack	Web App Attack
🇬🇷 setupgr	2026-06-27 05:13:32 (2 days ago)	(mod_security) mod_security (id:100011) triggered by 116.179.33.203 (CN/China/-/-/-/[AS4837 CHINA UN ... show more (mod_security) mod_security (id:100011) triggered by 116.179.33.203 (CN/China/-/-/-/[AS4837 CHINA UNICOM China169 Backbone]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 27 08:13:26.438564 2026] [security2:error] [pid 1094255:tid 1094496] [client 116.179.33.203:59690] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "CN" at GEO:COUNTRY_CODE. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "62"] [id "100011"] [msg "Traffic from CN/SG blocked for ftiaxtomonosou.gr"] [hostname "ftiaxtomonosou.gr"] [uri "/wp-content/cache/fonts/1/google-fonts/css/d/6/2/487a4e09e49ec73b9840f3479663e.css"] [unique_id "aj9b9hnMhduY9788gj5AtwAAAcQ"], referer: https://ftiaxtomonosou.gr/%CF%84%CE%B1_%CE%B5%CE%AF%CE%B4%CE%B7_%CF%84%CE%BF%CF%85_%CE%BE%CF%8D%CE%BB%CE%BF%CF%85/%CE%B5%CE%BB%CE%B9%CE%AC-2/ show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-27 03:18:16 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 116.179.33.203 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 116.179.33.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 23:18:09.469568 2026] [security2:error] [pid 16763:tid 16763] [client 116.179.33.203:32628] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.accordionstars.com.accordionclub.org\|F\|2"] [data ".accordionfactory.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.accordionstars.com.accordionclub.org"] [uri "/www.accordionfactory.com"] [unique_id "aj9A8aUzb35THpmZKxyD5wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Sklurk	2026-06-26 08:51:15 (3 days ago)	Web App Attack	Web App Attack
🇪🇸 librebit	2026-06-25 13:12:23 (3 days ago)	Brute force	Brute-Force
🇬🇷 setupgr	2026-06-25 13:06:28 (3 days ago)	(mod_security) mod_security (id:100011) triggered by 116.179.33.203 (CN/China/Beijing/Jinrongjie (Xi ... show more (mod_security) mod_security (id:100011) triggered by 116.179.33.203 (CN/China/Beijing/Jinrongjie (Xicheng District)/-/[AS4837 CHINA169-BACKBONE CHINA UNICOM China169 Backbone]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Thu Jun 25 16:06:28.291301 2026] [security2:error] [pid 358184:tid 358217] [client 116.179.33.203:65507] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(www\\\\.)?ftiaxtomonosou\\\\.gr" at SERVER_NAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "54"] [id "100011"] [msg "CSF-TRIGGER: Country Block CN/SG for ftiaxtomonosou.gr"] [hostname "ftiaxtomonosou.gr"] [uri "/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css"] [unique_id "aj0n1KO2mzdLeHxqn3omdwAAAUE"], referer: https://ftiaxtomonosou.gr/%CF%84%CE%B1_%CE%B5%CE%AF%CE%B4%CE%B7_%CF%84%CE%BF%CF%85_%CE%BE%CF%8D%CE%BB%CE%BF%CF%85/%CE%BA%CE%BB%CE%AE%CE%B8%CF%81%CE%B1-2/ show less	Port Scan
🇬🇷 setupgr	2026-06-25 11:34:29 (3 days ago)	(mod_security) mod_security (id:100011) triggered by 116.179.33.203 (CN/China/Beijing/Jinrongjie (Xi ... show more (mod_security) mod_security (id:100011) triggered by 116.179.33.203 (CN/China/Beijing/Jinrongjie (Xicheng District)/-/[AS4837 CHINA169-BACKBONE CHINA UNICOM China169 Backbone]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Thu Jun 25 14:34:24.078919 2026] [security2:error] [pid 358185:tid 358274] [client 116.179.33.203:32011] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(www\\\\.)?ftiaxtomonosou\\\\.gr" at SERVER_NAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "54"] [id "100011"] [msg "CSF-TRIGGER: Country Block CN/SG for ftiaxtomonosou.gr"] [hostname "ftiaxtomonosou.gr"] [uri "/wp-content/plugins/elementor/assets/lib/animations/styles/bounceIn.min.css"] [unique_id "aj0SQDpPCootS5mrGd752QAAAYA"], referer: https://ftiaxtomonosou.gr/%CF%84%CE%B1_%CE%B5%CE%AF%CE%B4%CE%B7_%CF%84%CE%BF%CF%85_%CE%BE%CF%8D%CE%BB%CE%BF%CF%85/%CE%B4%CE%B5%CF%83%CF%80%CE%BF%CF%84%CE%AC%CE%BA%CE%B9-%CE%B1%CE%BC%CE%B5%CF%81%CE%B9%CE%BA%CE%AE%CF%82/ show less	Port Scan
🇫🇷 Sklurk	2026-06-25 08:31:55 (4 days ago)	Web App Attack	Web App Attack
🇺🇸 nodepile	2026-06-25 07:22:32 (4 days ago)	Requests denied due to active blacklist hits (tenant=82 method=GET path=/static/version1775170088/fr ... show more Requests denied due to active blacklist hits (tenant=82 method=GET path=/static/version1775170088/frontend/Smartwave/porto/en_US/Magento_Ui/template/messages.html ua='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36') show less	Web App Attack Exploited Host
🇬🇷 setupgr	2026-06-24 18:12:42 (4 days ago)	(mod_security) mod_security (id:100011) triggered by 116.179.33.203 (CN/China/Beijing/Jinrongjie (Xi ... show more (mod_security) mod_security (id:100011) triggered by 116.179.33.203 (CN/China/Beijing/Jinrongjie (Xicheng District)/-/[AS4837 CHINA169-BACKBONE CHINA UNICOM China169 Backbone]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 24 21:12:41.926558 2026] [security2:error] [pid 187436:tid 187626] [client 116.179.33.203:13938] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(www\\\\.)?ftiaxtomonosou\\\\.gr" at SERVER_NAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "54"] [id "100011"] [msg "CSF-TRIGGER: Country Block CN/SG for ftiaxtomonosou.gr"] [hostname "ftiaxtomonosou.gr"] [uri "/wp-content/plugins/justified-image-grid/timthumb.php"] [unique_id "ajweGRmu1xYHQgYUWv0QigAAAIY"], referer: https://ftiaxtomonosou.gr/%CF%80%CE%B1%CF%84%CF%8E%CE%BC%CE%B1%CF%84%CE%B1/page/6/ show less	Port Scan
🇫🇷 Sklurk	2026-06-24 08:12:09 (5 days ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 00:57:18 (6 days ago)	(mod_security) mod_security (id:210730) triggered by 116.179.33.203 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 116.179.33.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 20:57:14.447789 2026] [security2:error] [pid 15217:tid 15217] [client 116.179.33.203:17907] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|williamfitzsimmons.com\|F\|2"] [data ".theparishaustin.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "williamfitzsimmons.com"] [uri "/www.theparishaustin.com"] [unique_id "ajnZ6gtchrwdVdxFQEmxQQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 librebit	2026-06-22 20:19:05 (6 days ago)	Brute force	Brute-Force

Showing 1 to 15 of 676 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.239

🇮🇳 182.95.228.106

🇰🇷 139.150.65.107

🇨🇳 117.78.33.253

🇺🇸 91.230.168.233

🇧🇬 91.191.209.118

🇮🇱 85.159.164.28

🇺🇸 64.62.156.105

🇺🇸 45.33.78.24

🇨🇳 27.17.182.120

🇺🇸 98.109.1.220

🇹🇷 85.104.0.89

🇧🇬 45.95.170.45

🇺🇸 44.96.245.23

🇿🇲 41.173.43.34

🇮🇳 20.204.23.206

🇺🇸 217.181.74.75

🇩🇪 207.154.250.9

🇧🇷 177.62.103.208

🇺🇸 143.244.165.176