JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 119.249.100.49

119.249.100.49 was found in our database!

This IP was reported 585 times. Confidence of Abuse is 85%: ?

85%

ISP	China Unicom Heibei Province Network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Luancheng, Hebei

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 119.249.100.49

Whois 119.249.100.49

IP Abuse Reports for 119.249.100.49:

This IP address has been reported a total of 585 times from 71 distinct sources. 119.249.100.49 was first reported on October 2nd 2025, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-13 09:31:31 (1 hour ago)	FortiWeb WAF: 22 attacks detected. Threat Score: 7800. Types: Client Management(11), GEO IP(11). Ori ... show more FortiWeb WAF: 22 attacks detected. Threat Score: 7800. Types: Client Management(11), GEO IP(11). Origin: China. show less	Web App Attack
🇪🇸 librebit	2026-06-13 07:39:22 (3 hours ago)	Brute force	Brute-Force
🇫🇷 Sklurk	2026-06-13 06:54:41 (4 hours ago)	Web App Attack	Web App Attack
🇨🇦 1gz	2026-06-13 02:35:41 (8 hours ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /www.albeu.com/bota/prinderit-e-melania-trumpit-marrin-shtetesine-amerikane/414386/ UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 fortypoundhead	2026-06-12 17:44:39 (17 hours ago)	Banned IP Address	Hacking Web App Attack
🇫🇷 Sklurk	2026-06-12 06:53:10 (1 day ago)	Web App Attack	Web App Attack
🇨🇦 1gz	2026-06-12 05:19:38 (1 day ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /lifestyle/flori-ne-fytyre/51040/ UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇪🇸 librebit	2026-06-12 03:55:53 (1 day ago)	Brute force	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 14:05:11 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 119.249.100.49 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 119.249.100.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 10:05:03.318999 2026] [security2:error] [pid 16147:tid 16147] [client 119.249.100.49:56195] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|austli.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "austli.com"] [uri "/norkyn.com"] [unique_id "airAj1Ik6KQTOVDIVJQIxAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-11 09:35:06 (2 days ago)	FortiWeb WAF: 22 attacks detected. Threat Score: 5200. Types: Client Management(11), GEO IP(11). Ori ... show more FortiWeb WAF: 22 attacks detected. Threat Score: 5200. Types: Client Management(11), GEO IP(11). Origin: China. show less	Web App Attack
🇫🇷 Sklurk	2026-06-11 06:45:21 (2 days ago)	Web App Attack	Web App Attack
🇨🇦 1gz	2026-06-11 00:51:45 (2 days ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /foto-lajm/ilda-bejleri-pozon-nga-abu-dhabi-gazetarja-e-lidhur-me-sheik-foto-lajm/441694/2/ UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇪🇸 librebit	2026-06-10 10:39:20 (3 days ago)	Brute force	Brute-Force
🇨🇦 1gz	2026-06-10 07:30:25 (3 days ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /kerko.php UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-10 07:15:03 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 119.249.100.49 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 119.249.100.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 03:14:57.211429 2026] [security2:error] [pid 6738:tid 6738] [client 119.249.100.49:1486] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.scoutinsignia.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.scoutinsignia.com"] [uri "/achadv_files/WS_FTP.LOG"] [unique_id "aikO8UCXAV1NnDyyrsm4SAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 585 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 64.62.156.101

🇬🇧 217.154.61.249

🇺🇸 172.253.9.216

🇧🇷 152.32.200.213

🇱🇦 139.5.156.254

🇺🇸 109.105.210.64

🇺🇸 104.137.193.247

🇧🇩 103.183.62.3

🇬🇭 102.223.92.101

🇨🇦 85.217.149.62

🇨🇳 81.68.84.123

🇯🇵 79.127.129.203

🇧🇬 79.124.62.134

🇺🇸 70.91.135.181

🇳🇱 45.142.193.118

🇺🇸 34.26.156.41

🇷🇺 31.173.247.254

🇪🇪 31.59.160.12

🇺🇸 20.65.194.96

🇨🇳 220.250.53.211