JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 123.149.178.117

123.149.178.117 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 4%: ?

ISP	CHINANET henan province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	hntele.com
Country	🇨🇳 China
City	Zhengzhou, Henan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 123.149.178.117

Whois 123.149.178.117

IP Abuse Reports for 123.149.178.117:

This IP address has been reported a total of 6 times from 2 distinct sources. 123.149.178.117 was first reported on November 10th 2021, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-12 01:39:09 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 123.149.178.117 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210831) triggered by 123.149.178.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 21:39:01.116325 2026] [security2:error] [pid 28943:tid 28943] [client 123.149.178.117:2671] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.pkmachine.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.pkmachine.com"] [uri "/"] [unique_id "aitjNVxoHJGuofccAD-Q6wAAAAw"], referer: http://www.pkmachine.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 23:44:18 (2 days ago)	(mod_security) mod_security (id:210831) triggered by 123.149.178.117 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210831) triggered by 123.149.178.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 19:44:14.491211 2026] [security2:error] [pid 1582:tid 1582] [client 123.149.178.117:2151] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.stewhist.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.stewhist.org"] [uri "/"] [unique_id "ain2zo_a24y8ZTmDh0nxOgAAABA"], referer: http://www.stewhist.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 21:50:25 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 123.149.178.117 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210831) triggered by 123.149.178.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 17:50:22.162471 2026] [security2:error] [pid 17272:tid 17272] [client 123.149.178.117:27964] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|empire-fire.net\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "empire-fire.net"] [uri "/"] [unique_id "aiHzHiECMk600n5uC6HTAgAAAAc"], referer: http://empire-fire.net/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-31 20:06:54 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 123.149.178.117 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210831) triggered by 123.149.178.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 31 15:06:45.972164 2026] [security2:error] [pid 2383:tid 2383] [client 123.149.178.117:4149] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|rockylranch.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "rockylranch.com"] [uri "/"] [unique_id "aX5g1ejHKwgt4uxTUufSIQAAAAI"], referer: https://rockylranch.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-27 21:48:28 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 123.149.178.117 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210831) triggered by 123.149.178.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 27 16:48:22.239939 2026] [security2:error] [pid 25093:tid 25093] [client 123.149.178.117:4207] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|reyadecostarica.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "reyadecostarica.com"] [uri "/"] [unique_id "aXkypvY29GJkVB-m7B0mrAAAAAo"], referer: http://reyadecostarica.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇿🇦 IrisFlower	2021-11-10 10:54:57 (4 years ago)	Unauthorized connection attempt detected from IP address 123.149.178.117 to port 5555 [J]	Port Scan Hacking

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.32.209.253

🇸🇪 185.246.130.20

🇯🇵 31.57.90.162

🇨🇦 20.151.217.54

🇻🇳 14.186.34.93

🇲🇽 187.191.48.24

🇮🇷 185.208.174.54

🇫🇷 85.217.140.43

🇺🇸 2607:f8b0:400e:c09::12d

🇮🇳 205.254.168.21

🇳🇱 188.166.99.21

🇯🇵 172.68.119.122

🇩🇪 151.243.11.37

🇧🇷 147.15.20.173

🇨🇳 120.48.135.189

🇵🇰 103.19.252.48

🇺🇸 66.132.172.229

🇮🇳 13.205.160.37

🇺🇸 8.230.96.173

🇩🇪 2.27.20.149