JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 112.239.0.39

112.239.0.39 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 5%: ?

ISP	China Unicom Shandong province network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Qingdao, Shandong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 112.239.0.39

Whois 112.239.0.39

IP Abuse Reports for 112.239.0.39:

This IP address has been reported a total of 8 times from 1 distinct source. 112.239.0.39 was first reported on May 24th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-27 21:44:12 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 112.239.0.39 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 112.239.0.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 17:43:55.987506 2026] [security2:error] [pid 25410:tid 25410] [client 112.239.0.39:26110] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|maerynray.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "maerynray.com"] [uri "/"] [unique_id "akBEG0hqUq8mZmIZL0cBsQAAABU"], referer: http://maerynray.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 20:06:10 (6 days ago)	(mod_security) mod_security (id:210831) triggered by 112.239.0.39 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 112.239.0.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 16:05:55.961363 2026] [security2:error] [pid 8782:tid 8782] [client 112.239.0.39:26786] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|3dcounty.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "3dcounty.com"] [uri "/index.cgi"] [unique_id "ajmVo4l8pP2y6xClmFuiWAAAAAc"], referer: https://3dcounty.com/index.cgi show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 20:49:24 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 112.239.0.39 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 112.239.0.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 16:49:08.463986 2026] [security2:error] [pid 30023:tid 30023] [client 112.239.0.39:27441] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.aares2026.net\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.aares2026.net"] [uri "/index.html"] [unique_id "ajMIRCdib4CTZnPeOuA6pwAAABY"], referer: https://www.aares2026.net/index.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 22:30:34 (3 weeks ago)	(mod_security) mod_security (id:210831) triggered by 112.239.0.39 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 112.239.0.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 18:30:17.056402 2026] [security2:error] [pid 11967:tid 11967] [client 112.239.0.39:27463] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|madbanana.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "madbanana.com"] [uri "/"] [unique_id "aiCq-fjhiDc4Q7Zz3jBzJwAAABk"], referer: http://madbanana.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 00:40:57 (3 weeks ago)	(mod_security) mod_security (id:210831) triggered by 112.239.0.39 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 112.239.0.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 20:40:43.222479 2026] [security2:error] [pid 26798:tid 26798] [client 112.239.0.39:27158] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.happyvalleynh.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.happyvalleynh.org"] [uri "/"] [unique_id "ahzVC9tHawpxdeI_w_2dkAAAABQ"], referer: https://www.happyvalleynh.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 23:47:53 (4 weeks ago)	(mod_security) mod_security (id:210831) triggered by 112.239.0.39 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 112.239.0.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 19:47:39.052161 2026] [security2:error] [pid 3476:tid 3476] [client 112.239.0.39:25964] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.brevardzen.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.brevardzen.org"] [uri "/"] [unique_id "aht3G-rw8_0xiNl7cOqgZwAAAAM"], referer: http://www.brevardzen.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-29 20:35:07 (4 weeks ago)	(mod_security) mod_security (id:210831) triggered by 112.239.0.39 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 112.239.0.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 16:34:51.231476 2026] [security2:error] [pid 23575:tid 23575] [client 112.239.0.39:27097] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.jasonmcquain.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.jasonmcquain.com"] [uri "/"] [unique_id "ahn4a7EDz9It_e_SgaycvwAAAA4"], referer: http://www.jasonmcquain.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-24 04:12:04 (1 month ago)	(mod_security) mod_security (id:210831) triggered by 112.239.0.39 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 112.239.0.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 00:11:47.602298 2026] [security2:error] [pid 20542:tid 20542] [client 112.239.0.39:27209] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|yohel.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "yohel.org"] [uri "/"] [unique_id "ahJ6g6IaaP21kSMRbHaMygAAAAk"], referer: http://yohel.org/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.176.29.27

🇺🇸 165.227.93.100

🇺🇸 147.185.132.118

🇺🇸 147.185.132.108

🇻🇳 125.212.244.35

🇺🇸 103.4.250.234

🇺🇸 64.62.197.224

🇺🇸 54.172.231.71

🇹🇭 49.231.148.152

🇲🇾 47.250.54.17

🇨🇱 34.176.82.100

🇸🇮 31.57.184.221

🇨🇳 223.93.165.11

🇳🇱 193.176.31.216

🇳🇱 185.226.197.9

🇰🇷 183.97.102.240

🇲🇴 182.93.7.194

🇫🇷 178.171.109.197

🇺🇸 165.22.180.136

🇺🇸 165.22.34.238