JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 223.90.49.138

223.90.49.138 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 14%: ?

14%

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS24445
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Jiaxing, Zhejiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 223.90.49.138

Whois 223.90.49.138

IP Abuse Reports for 223.90.49.138:

This IP address has been reported a total of 5 times from 2 distinct sources. 223.90.49.138 was first reported on May 25th 2026, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-12 03:01:16 (9 hours ago)	(mod_security) mod_security (id:210831) triggered by 223.90.49.138 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 223.90.49.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 23:01:01.761084 2026] [security2:error] [pid 16344:tid 16346] [client 223.90.49.138:56953] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|2020comeback.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "2020comeback.com"] [uri "/"] [unique_id "ait2bXwsGVtq1DKGiFtqSwAAAMA"], referer: https://2020comeback.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 00:58:27 (11 hours ago)	(mod_security) mod_security (id:210831) triggered by 223.90.49.138 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 223.90.49.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 20:58:11.744976 2026] [security2:error] [pid 18286:tid 18286] [client 223.90.49.138:56587] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.bearssd.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.bearssd.org"] [uri "/"] [unique_id "aitZo2eV53wc1xynYlDTdgAAABo"], referer: https://www.bearssd.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 04:46:44 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 223.90.49.138 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 223.90.49.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 00:46:30.564094 2026] [security2:error] [pid 4615:tid 4615] [client 223.90.49.138:57014] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.accu-tuner.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.accu-tuner.com"] [uri "/403.shtml"] [unique_id "aio9pufdjr1MxzxGVNIYHwAAABY"], referer: https://www.accu-tuner.com/403.shtml show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 21:28:29 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 223.90.49.138 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 223.90.49.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 17:28:16.146236 2026] [security2:error] [pid 3289:tid 3289] [client 223.90.49.138:57022] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|ieas.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "ieas.org"] [uri "/"] [unique_id "ainW8DhMmI9RptObmdqlhwAAAAg"], referer: https://ieas.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-25 14:16:51 (2 weeks ago)	Web bot: DDoS	DDoS Attack Bad Web Bot

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇱 170.247.206.158

🇬🇧 95.141.17.195

🇩🇪 2.27.20.149

🇩🇴 190.167.237.191

🇰🇷 175.207.251.62

🇵🇰 125.209.108.150

🇻🇳 113.188.144.129

🇻🇳 113.181.203.99

🇺🇸 104.194.9.81

🇮🇳 103.54.101.203

🇮🇪 82.22.223.91

🇺🇸 82.22.211.237

🇺🇸 34.73.81.39

🇺🇸 208.84.100.167

🇺🇸 199.48.128.86

🇩🇪 178.63.100.86

🇺🇸 172.121.159.68

🇸🇬 146.190.95.179

🇨🇳 111.228.0.205

🇺🇸 104.233.12.252