JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 119.249.100.241

119.249.100.241 was found in our database!

This IP was reported 549 times. Confidence of Abuse is 100%: ?

100%

ISP	China Unicom Heibei Province Network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Luancheng, Hebei

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 119.249.100.241

Whois 119.249.100.241

IP Abuse Reports for 119.249.100.241:

This IP address has been reported a total of 549 times from 66 distinct sources. 119.249.100.241 was first reported on October 2nd 2025, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-18 07:53:37 (18 hours ago)	Web App Attack	Web App Attack
🇨🇦 1gz	2026-06-18 07:53:07 (18 hours ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /showbiz/celine-dion-tmerrohet-nga-fansja-ja-cfare-i-ndodhi/364892/ UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇬🇷 setupgr	2026-06-18 06:21:12 (19 hours ago)	(mod_security) mod_security (id:100011) triggered by 119.249.100.241 (CN/China/Hebei/Shijiazhuang/-/ ... show more (mod_security) mod_security (id:100011) triggered by 119.249.100.241 (CN/China/Hebei/Shijiazhuang/-/[AS4837 CHINA169-BACKBONE CHINA UNICOM China169 Backbone]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Thu Jun 18 09:21:09.954004 2026] [security2:error] [pid 3040547:tid 3040592] [client 119.249.100.241:25587] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(www\\\\.)?ftiaxtomonosou\\\\.gr" at SERVER_NAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "54"] [id "100011"] [msg "CSF-TRIGGER: Country Block CN/SG for ftiaxtomonosou.gr"] [hostname "ftiaxtomonosou.gr"] [uri "/robots.txt"] [unique_id "ajOOVXJQXt_97GWFlLmgLgAAAFI"] show less	Port Scan
🇮🇩 soc-yk	2026-06-17 17:54:11 (1 day ago)	Type: suspicious_network_activity Risk: 68 Events: 2357 Evidence: - Persistent suspicious network a ... show more Type: suspicious_network_activity Risk: 68 Events: 2357 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified show less	Port Scan Hacking
🇪🇸 el-brujo	2026-06-17 10:40:01 (1 day ago)	Cloudflare WAF: Request Path: /.env Request Query: Host: www.elhacker.net userAgent: Mozilla/5.0 (W ... show more Cloudflare WAF: Request Path: /.env Request Query: Host: www.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36 Action: block Source: firewallManaged ASN Description: CHINA UNICOM China169 Backbone Country: CN Method: GET Timestamp: 2026-06-17T10:40:01Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇺🇸 Starburst SysOp Team	2026-06-17 09:41:12 (1 day ago)	Malware host (X-Forwarded-For) detected by rbl.malware.expert. RBL lookup of 241.100.249.119.rbl.mal ... show more Malware host (X-Forwarded-For) detected by rbl.malware.expert. RBL lookup of 241.100.249.119.rbl.malware.expert succeeded at REQUEST_HEADERS:x-forwarded-for. (1001000-mnz6-3) show less	Hacking
Anonymous	2026-06-17 09:26:41 (1 day ago)	FortiWeb WAF: 64 attacks detected. Threat Score: 14800. Types: Client Management(32), GEO IP(32). Or ... show more FortiWeb WAF: 64 attacks detected. Threat Score: 14800. Types: Client Management(32), GEO IP(32). Origin: China. show less	Web App Attack
🇨🇦 1gz	2026-06-17 06:46:46 (1 day ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /maqedoni/shkupi-moratorium-per-negociatat-per-emrin/25497/ UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇵🇱 bmino.pl	2026-06-17 03:17:47 (1 day ago)	Autoban IP(2): 119.249.100.241 - Hostname: China Unicom China169 Network - City: Shijiazhuang - Regi ... show more Autoban IP(2): 119.249.100.241 - Hostname: China Unicom China169 Network - City: Shijiazhuang - Region: Hebei - Country: China - Location: 38.036,114.47 - Organization: AS4837 CHINA UNICOM China169 Backbone - failed attempts. show less	Bad Web Bot
🇬🇷 setupgr	2026-06-16 19:55:35 (2 days ago)	(mod_security) mod_security (id:100011) triggered by 119.249.100.241: 1 in the last 86400 secs; Port ... show more (mod_security) mod_security (id:100011) triggered by 119.249.100.241: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 16 22:55:32.642514 2026] [security2:error] [pid 2280080:tid 2280119] [client 119.249.100.241:10639] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(www\\\\.)?ftiaxtomonosou\\\\.gr" at SERVER_NAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "54"] [id "100011"] [msg "CSF-TRIGGER: Country Block CN/SG for ftiaxtomonosou.gr"] [hostname "ftiaxtomonosou.gr"] [uri "/robots.txt"] [unique_id "ajGqNMsskNLCXd8cDXSTrAAAAAw"] show less	Port Scan
🇮🇩 soc-yk	2026-06-16 17:18:10 (2 days ago)	Type: suspicious_network_activity Risk: 67 Events: 2021 Evidence: - Persistent suspicious network a ... show more Type: suspicious_network_activity Risk: 67 Events: 2021 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified show less	Port Scan Hacking
🇺🇸 fortypoundhead	2026-06-16 13:47:48 (2 days ago)	Banned IP Address	Hacking Web App Attack
🇩🇪 Phenix Info	2026-06-16 09:22:07 (2 days ago)	SmallGuard.fr/Prestashop Massive 403	Web App Attack
🇨🇦 1gz	2026-06-16 04:07:47 (2 days ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /kerko.php UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇮🇩 soc-yk	2026-06-15 16:54:11 (3 days ago)	Type: suspicious_network_activity Risk: 67 Events: 1719 Evidence: - Persistent suspicious network a ... show more Type: suspicious_network_activity Risk: 67 Events: 1719 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified show less	Port Scan Hacking

Showing 1 to 15 of 549 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.238

🇬🇧 193.163.125.85

🇳🇱 188.166.25.251

🇺🇸 157.245.9.59

🇨🇳 117.50.226.213

🇪🇸 200.234.236.58

🇬🇧 194.50.235.146

🇬🇧 193.163.125.3

🇷🇴 193.46.255.86

🇺🇸 192.178.115.212

🇷🇺 95.26.152.35

🇺🇿 84.54.70.79

🇺🇸 75.67.144.240

🇩🇪 69.5.169.238

🇻🇪 45.182.141.173

🇳🇱 5.255.117.127

🇳🇱 193.176.31.148

🇳🇱 176.65.148.158

🇧🇴 131.0.197.173

🇹🇭 118.193.56.171