JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 123.6.49.18

123.6.49.18 was found in our database!

This IP was reported 910 times. Confidence of Abuse is 84%: ?

84%

ISP	China Unicom Henan province network
Usage Type	Fixed Line ISP
ASN	AS4837
Hostname(s)	hn.kd.ny.adsl
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Zhengzhou, Henan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 123.6.49.18

Whois 123.6.49.18

IP Abuse Reports for 123.6.49.18:

This IP address has been reported a total of 910 times from 132 distinct sources. 123.6.49.18 was first reported on July 7th 2023, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-04 01:35:35 (10 hours ago)	Brute force	Brute-Force
🇨🇦 1gz	2026-06-03 13:00:33 (23 hours ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: CHALLENGE Protocol: HTTP/2 (GET met ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: CHALLENGE Protocol: HTTP/2 (GET method) Endpoint: /auth/discord/callback UA: Mozilla/5.0 (Linux; U; Android 8.1.0; zh-cn; MI 8 Build/OPM1.171019.011) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 Mobile Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇦🇺 Anytech	2026-06-03 10:31:16 (1 day ago)	Blocked by Conn-Monitor: Automated bot activity	Web App Attack
🇨🇦 1gz	2026-06-01 08:23:18 (3 days ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: CHALLENGE Protocol: HTTP/3 (GET met ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: CHALLENGE Protocol: HTTP/3 (GET method) Endpoint: / UA: Mozilla/5.0 (Linux; Android 11; V2055A) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.101 Mobile Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 Hugopvigo	2026-05-30 20:35:12 (4 days ago)	"2026-05-30 20:35:12+00:00 123.6.49.18 IP con score alto (83) detectada en el log."	Brute-Force SSH
🇪🇸 librebit	2026-05-30 00:29:39 (5 days ago)	Brute force	Brute-Force
🇺🇸 TPI-Abuse	2026-05-29 15:41:25 (5 days ago)	(mod_security) mod_security (id:210730) triggered by 123.6.49.18 (hn.kd.ny.adsl): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 123.6.49.18 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 11:41:19.048908 2026] [security2:error] [pid 6697:tid 6697] [client 123.6.49.18:51741] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|gapanda.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "gapanda.com"] [uri "/php-old.ini"] [unique_id "ahmznxd0YWonuXKcIGJKoQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2026-05-29 12:02:45 (6 days ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action: MANAGED_CHALLENGE \| Protocol: HTTP/2 (GET ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action: MANAGED_CHALLENGE \| Protocol: HTTP/2 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Linux; Android 10; HUAWEI P30 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.105 Mobile Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 HandyTreff.de	2026-05-28 14:11:40 (6 days ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -44.331 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -44.331 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Linux; Android 10; HUAWEI P30 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4 show less	Web App Attack Bad Web Bot
🇨🇦 design2web.ca	2026-05-27 08:35:13 (1 week ago)	[UniFi FW] Web application attack on port 80 (HTTP) \| Policy: Region Blocking \| Proto: TCP \| Src: 12 ... show more [UniFi FW] Web application attack on port 80 (HTTP) \| Policy: Region Blocking \| Proto: TCP \| Src: 123.6.49.18:60751 \| SrcRegion: CN \| Svc: HTTP \| Detected: 2026-05-27 07:30:28 UTC \| ISP: CNC Group CHINA169 Henan Province Network \| D2W UniFi AbuseIPDB Reporter v2 show less	Port Scan
🇺🇸 fortypoundhead	2026-05-22 23:39:37 (1 week ago)	Banned IP Address	Hacking Web App Attack
🇳🇱 BellFix	2026-05-22 14:13:05 (1 week ago)	Fail2ban reported 123.6.49.18 for npm-docker	Web App Attack
🇫🇷 masterguru	2026-05-22 00:22:30 (1 week ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 123.6.49.18 (CN/China/hn.kd.ny.adsl): ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 123.6.49.18 (CN/China/hn.kd.ny.adsl): 1 in the last 3600 secs (0-195) show less	Hacking
🇦🇺 MAGIC	2026-05-20 02:03:12 (2 weeks ago)	VM5 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇳🇱 BellFix	2026-05-19 15:57:30 (2 weeks ago)	Fail2ban reported 123.6.49.18 for npm-docker	Web App Attack

Showing 1 to 15 of 910 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 157.10.26.24

🇮🇳 152.59.83.156

🇺🇸 142.93.78.109

🇮🇩 103.147.159.91

🇷🇴 92.118.39.236

🇮🇷 89.144.134.189

🇩🇪 69.5.169.33

🇨🇳 58.49.26.202

🇲🇦 45.216.82.196

🇳🇱 45.140.222.119

🇦🇺 34.40.193.143

🇩🇪 2400:cb00:696:1000:4287:5164:845f:8f83

🇳🇱 185.242.226.108

🇵🇰 153.117.32.166

🇮🇳 152.59.40.16

🇧🇷 138.117.220.182

🇮🇹 130.25.91.44

🇳🇵 124.41.228.116

🇮🇳 122.161.242.92

🇨🇳 119.127.127.203