JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 123.54.50.222

123.54.50.222 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 3%: ?

ISP	CHINANET HENAN PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	hntele.com
Country	🇨🇳 China
City	Zhengzhou, Henan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 123.54.50.222

Whois 123.54.50.222

IP Abuse Reports for 123.54.50.222:

This IP address has been reported a total of 6 times from 1 distinct source. 123.54.50.222 was first reported on June 10th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-14 01:05:27 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 123.54.50.222 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 123.54.50.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 21:05:22.318875 2026] [security2:error] [pid 6266:tid 6266] [client 123.54.50.222:31057] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.title26.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.title26.com"] [uri "/"] [unique_id "ai3-UhOJpqEhnv0NdjXHGwAAAB4"], referer: http://www.title26.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 22:30:20 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 123.54.50.222 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 123.54.50.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 18:30:10.089651 2026] [security2:error] [pid 22340:tid 22340] [client 123.54.50.222:23417] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|growtowork.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "growtowork.com"] [uri "/"] [unique_id "aiyIcU_E6BCIh9jXLIciFQAAAB8"], referer: http://growtowork.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 03:45:55 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 123.54.50.222 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 123.54.50.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 23:45:50.939129 2026] [security2:error] [pid 6855:tid 6855] [client 123.54.50.222:39782] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|ctjcisenate.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "ctjcisenate.org"] [uri "/"] [unique_id "aiuA7jfBSlRsi3gfhAvKSAAAAAI"], referer: http://ctjcisenate.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 01:05:13 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 123.54.50.222 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 123.54.50.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 21:04:56.089826 2026] [security2:error] [pid 26946:tid 26946] [client 123.54.50.222:15525] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|thenursingsite.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "thenursingsite.com"] [uri "/"] [unique_id "aitbOM9tUsyDQvFTQc4EvAAAABQ"], referer: https://thenursingsite.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 15:10:22 (2 weeks ago)	(mod_security) mod_security (id:210831) triggered by 123.54.50.222 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 123.54.50.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 11:10:17.854730 2026] [security2:error] [pid 9496:tid 9496] [client 123.54.50.222:41351] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|icesoft.blog\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "icesoft.blog"] [uri "/"] [unique_id "airP2fF1H5qb0crHy1yitwAAAAk"], referer: https://icesoft.blog/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 23:41:29 (2 weeks ago)	(mod_security) mod_security (id:210831) triggered by 123.54.50.222 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 123.54.50.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 19:41:21.513082 2026] [security2:error] [pid 24892:tid 24892] [client 123.54.50.222:3081] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.rockylranch.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.rockylranch.com"] [uri "/"] [unique_id "ain2Ic91wwo5BkNRK8oMVAAAAAw"], referer: https://www.rockylranch.com/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇪 200.8.109.26

🇧🇷 187.103.251.240

🇧🇷 177.61.176.110

🇮🇳 136.232.11.10

🇺🇸 96.31.94.89

🇺🇸 72.10.32.138

🇳🇱 45.148.10.121

🇻🇳 27.79.40.38

🇫🇷 187.124.55.157

🇧🇷 186.203.133.189

🇩🇪 185.220.101.176

🇮🇶 169.224.121.64

🇮🇶 169.224.5.203

🇪🇬 154.180.201.149

🇺🇸 151.240.92.215

🇺🇸 151.240.92.209

🇺🇸 151.240.92.174

🇺🇸 136.66.87.103

🇲🇰 109.121.162.212

🇻🇳 103.61.123.132