JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 49.0.237.214

49.0.237.214 was found in our database!

This IP was reported 812 times. Confidence of Abuse is 89%: ?

89%

ISP	Huawei Cloud Hongkong Region
Usage Type	Data Center/Web Hosting/Transit
ASN	AS136907
Hostname(s)	ecs-49-0-237-214.compute.hwclouds-dns.com
Domain Name	huawei.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 49.0.237.214

Whois 49.0.237.214

IP Abuse Reports for 49.0.237.214:

This IP address has been reported a total of 812 times from 88 distinct sources. 49.0.237.214 was first reported on November 7th 2024, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇰 SaltySoftworks	2026-06-17 16:24:23 (14 hours ago)	User agent spoofing Making suspicious HEAD requests	Spoofing Port Scan Hacking Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-16 15:17:49 (1 day ago)	[TueJun1617:17:43.8214652026][security2:error][pid2006194:tid2006197][client49.0.237.214:0]ModSecuri ... show more [TueJun1617:17:43.8214652026][security2:error][pid2006194:tid2006197][client49.0.237.214:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"wildpferde.ch\"][uri\"/\"][unique_id\"ajFpF6oCoXjCiGs10_xl-AAAAAA\"] show less	Port Scan Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-06-14 22:31:23 (3 days ago)		Brute-Force Web App Attack
🇩🇪 4server	2026-06-14 14:33:36 (3 days ago)	[SunJun1416:33:33.7340162026][security2:error][pid2397642:tid2397745][client49.0.237.214:0]ModSecuri ... show more [SunJun1416:33:33.7340162026][security2:error][pid2397642:tid2397745][client49.0.237.214:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"hdcadvisory.ch\"][uri\"/\"][unique_id\"ai67vd15MTOqNeYm5uzFeQAAANE\"] show less	Port Scan Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-06-13 22:30:02 (4 days ago)		Brute-Force Web App Attack
Anonymous	2026-06-13 14:20:47 (4 days ago)	Fail2Ban triggered	Web App Attack
🇨🇭 4server	2026-06-12 17:51:45 (5 days ago)	[FriJun1219:51:39.6324162026][security2:error][pid1257080:tid1257330][client49.0.237.214:0]ModSecuri ... show more [FriJun1219:51:39.6324162026][security2:error][pid1257080:tid1257330][client49.0.237.214:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"marcionetti.es\"][uri\"/\"][unique_id\"aixHK3bmkvV0v_aAMOXJggAAAMg\"] show less	Hacking Web App Attack
🇫🇷 masterguru	2026-06-10 15:10:37 (1 week ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 49.0.237.214 (HK/Hong Kong/ecs-49-0-2 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 49.0.237.214 (HK/Hong Kong/ecs-49-0-237-214.compute.hwclouds-dns.com): 1 in the last 3600 secs (0-195) show less	Hacking
🇨🇭 4server	2026-06-08 18:16:26 (1 week ago)	[MonJun0820:16:20.0555132026][security2:error][pid1211270:tid1211559][client49.0.237.214:0]ModSecuri ... show more [MonJun0820:16:20.0555132026][security2:error][pid1211270:tid1211559][client49.0.237.214:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"www.aid-web.ch\"][uri\"/\"][unique_id\"aicG9Cbe9mAP335QlrVd2wAAAIk\"] show less	Hacking Web App Attack
🇩🇪 4server	2026-06-08 14:25:07 (1 week ago)	[MonJun0816:25:04.1902442026][security2:error][pid1363410:tid1363538][client49.0.237.214:0]ModSecuri ... show more [MonJun0816:25:04.1902442026][security2:error][pid1363410:tid1363538][client49.0.237.214:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"pytag.ch\"][uri\"/\"][unique_id\"aibQwDboE4XK1mxAIq9tNgAAAQ0\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 Vegascosmetics	2026-06-07 15:08:25 (1 week ago)	Kingcopy(AI-IDS) Report: IP automatically blocked after harassing activity. Vegas Security System	DDoS Attack Hacking Exploited Host
🇬🇧 poundawebsiteltd	2026-06-04 18:23:58 (1 week ago)	Web App Attack (ModSecurity Block). Evidence: beanietools.dev:443 49.0.237.214 - - [04/Jun/2026:19:2 ... show more Web App Attack (ModSecurity Block). Evidence: beanietools.dev:443 49.0.237.214 - - [04/Jun/2026:19:23:54 +0100] HEAD / HTTP/1.1 403 2588 - Java/1.8.0_322 show less	Web App Attack
🇷🇺 DZBOT	2026-06-03 17:38:08 (2 weeks ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇷🇺 genokrad	2026-06-02 16:37:42 (2 weeks ago)	Website scan TCP 80/443 "/" "Java/1.8.0_322"	Port Scan Web App Attack
Anonymous	2026-06-02 14:50:05 (2 weeks ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Web App Attack Brute-Force Bad Web Bot

Showing 1 to 15 of 812 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 180.76.176.49

🇳🇱 176.65.132.129

🇯🇵 172.253.235.18

🇫🇮 147.185.133.42

🇧🇷 129.121.54.208

🇮🇳 122.187.251.73

🇳🇿 121.73.163.8

🇮🇳 103.70.40.36

🇸🇬 101.47.155.9

🇳🇱 91.92.40.7

🇭🇺 89.134.16.144

🇵🇱 37.109.164.102

🇧🇷 20.197.232.12

🇧🇷 201.86.100.26

🇭🇰 199.45.155.99

🇳🇱 185.107.80.93

🇺🇸 172.173.67.22

🇺🇸 162.216.150.110

🇮🇩 160.25.196.11

🇺🇸 157.245.1.7