JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 112.49.119.193

112.49.119.193 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 4%: ?

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS9808
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Jiaxing, Zhejiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 112.49.119.193

Whois 112.49.119.193

IP Abuse Reports for 112.49.119.193:

This IP address has been reported a total of 7 times from 1 distinct source. 112.49.119.193 was first reported on January 30th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-08 06:28:19 (4 days ago)	(mod_security) mod_security (id:210831) triggered by 112.49.119.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 112.49.119.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:28:14.090282 2026] [security2:error] [pid 29627:tid 29627] [client 112.49.119.193:7744] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|alphaplanning.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "alphaplanning.com"] [uri "/index.html"] [unique_id "aiZg_m4Cp00JlPEZ3LfbiwAAADg"], referer: http://alphaplanning.com/index.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 21:07:46 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 112.49.119.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 112.49.119.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 17:07:41.351485 2026] [security2:error] [pid 29862:tid 29862] [client 112.49.119.193:8051] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.sfholidayrentals.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.sfholidayrentals.com"] [uri "/"] [unique_id "aiHpHSesafSK22Z-Ux_0dQAAABE"], referer: http://www.sfholidayrentals.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-30 05:51:24 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 112.49.119.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 112.49.119.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 01:51:16.825476 2026] [security2:error] [pid 13626:tid 13626] [client 112.49.119.193:8954] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|swhowell.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "swhowell.com"] [uri "/"] [unique_id "acoPVK7qw535nCF3SGEq2QAAAAQ"], referer: https://swhowell.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-25 08:11:05 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 112.49.119.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 112.49.119.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 04:10:59.586994 2026] [security2:error] [pid 18501:tid 18501] [client 112.49.119.193:9070] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|grasslakepizzatime.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "grasslakepizzatime.com"] [uri "/"] [unique_id "acOYk6dAVJ_AslW5iQJmLgAAAA4"], referer: http://grasslakepizzatime.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-21 23:31:42 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 112.49.119.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 112.49.119.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 21 19:31:34.303136 2026] [security2:error] [pid 2540:tid 2540] [client 112.49.119.193:18657] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.bonvivantorganics.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.bonvivantorganics.com"] [uri "/"] [unique_id "ab8qVg3yWAvB7jb9M_XiBQAAAAc"], referer: http://www.bonvivantorganics.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-04 22:34:28 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 112.49.119.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 112.49.119.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 04 17:34:24.551145 2026] [security2:error] [pid 2457:tid 2457] [client 112.49.119.193:18307] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|804websolutions.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "804websolutions.com"] [uri "/"] [unique_id "aYPJcJQY_qfZZBxPolj_MwAAAAs"], referer: https://804websolutions.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-30 19:46:56 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 112.49.119.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 112.49.119.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 30 14:46:51.719977 2026] [security2:error] [pid 17502:tid 17502] [client 112.49.119.193:18130] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.yeswedeliver.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.yeswedeliver.org"] [uri "/"] [unique_id "aX0Kq44gb9g_v1mqaULtLAAAAAs"], referer: http://www.yeswedeliver.org/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.243.137.204

🇬🇧 149.102.144.215

🇺🇸 135.237.126.231

🇫🇷 91.196.152.179

🇺🇸 66.240.236.119

🇺🇸 66.132.172.187

🇳🇱 185.93.89.73

🇧🇷 181.218.9.86

🇺🇸 166.62.41.190

🇵🇰 157.10.7.36

🇫🇮 147.185.133.218

🇹🇼 128.14.237.120

🇫🇷 62.171.141.174

🇺🇸 64.62.156.208

🇳🇱 45.148.10.147

🇬🇧 35.203.211.109

🇬🇧 35.203.211.82

🇬🇧 35.203.211.70

🇬🇧 35.203.210.106

🇺🇸 205.210.31.11