JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 121.24.31.55

121.24.31.55 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 4%: ?

ISP	China Unicom Hebei province network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Handan, Hebei

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 121.24.31.55

Whois 121.24.31.55

IP Abuse Reports for 121.24.31.55:

This IP address has been reported a total of 8 times from 2 distinct sources. 121.24.31.55 was first reported on January 26th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-05 19:20:22 (1 day ago)	1780687210.540541 121.24.31.55 103.166.156.58 29200_2-4-8-1-3_1412_6 2026-06-06 02:20:10 WIB ...	Email Spam Hacking
🇺🇸 TPI-Abuse	2026-02-03 21:12:14 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 121.24.31.55 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 121.24.31.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 03 16:11:57.622675 2026] [security2:error] [pid 23018:tid 23018] [client 121.24.31.55:18700] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|visage-nico.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "visage-nico.com"] [uri "/"] [unique_id "aYJkndZ13y9ks-gMxVm4WgAAAAQ"], referer: http://visage-nico.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-02 20:26:39 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 121.24.31.55 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 121.24.31.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 02 15:26:22.228561 2026] [security2:error] [pid 8116:tid 8116] [client 121.24.31.55:18851] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.professorjunk.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.professorjunk.com"] [uri "/"] [unique_id "aYEIbhFDHGlYPP2FsSVaFwAAAAw"], referer: http://www.professorjunk.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-31 19:41:15 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 121.24.31.55 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 121.24.31.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 31 14:41:02.725464 2026] [security2:error] [pid 25434:tid 25434] [client 121.24.31.55:18106] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|westoaksurgentcare.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "westoaksurgentcare.com"] [uri "/"] [unique_id "aX5azjy1mi2VeKB4T2aabQAAAA4"], referer: http://westoaksurgentcare.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-30 21:47:19 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 121.24.31.55 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 121.24.31.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 30 16:47:04.100156 2026] [security2:error] [pid 1276835:tid 1276835] [client 121.24.31.55:19832] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.townies.rocks\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.townies.rocks"] [uri "/"] [unique_id "aX0m2Hs2ZKDgwvIqgSyQawAAABI"], referer: http://www.townies.rocks/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-30 19:31:47 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 121.24.31.55 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 121.24.31.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 30 14:31:31.807959 2026] [security2:error] [pid 7995:tid 8085] [client 121.24.31.55:18138] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.miraclearts.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.miraclearts.com"] [uri "/"] [unique_id "aX0HE7_9js6nMe3qGxzRXQAAAII"], referer: http://www.miraclearts.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-26 21:48:58 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 121.24.31.55 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 121.24.31.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 16:48:43.848913 2026] [security2:error] [pid 15828:tid 15828] [client 121.24.31.55:20326] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|reunionking.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "reunionking.com"] [uri "/"] [unique_id "aXfhO_ZYS9rwxiSih17h2wAAAAg"], referer: https://reunionking.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-26 19:04:20 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 121.24.31.55 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 121.24.31.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 14:04:06.573052 2026] [security2:error] [pid 14922:tid 14922] [client 121.24.31.55:19345] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.murphylumber.ca\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.murphylumber.ca"] [uri "/index.html"] [unique_id "aXe6puAEFHTrcNOnUqiNrgAAAAM"], referer: https://www.murphylumber.ca/index.html show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇷 2.180.210.18

🇰🇷 1.227.228.131

🇺🇸 216.25.89.120

🇨🇳 171.114.226.126

🇳🇬 152.32.140.22

🇹🇭 147.50.227.79

🇮🇳 139.167.225.126

🇺🇸 107.150.101.57

🇻🇳 103.237.144.204

🇪🇸 90.68.171.156

🇺🇸 65.23.78.126

🇸🇬 47.82.53.238

🇧🇷 45.6.34.68

🇺🇸 34.127.54.59

🇧🇪 34.77.179.184

🇩🇪 2.26.11.8

🇺🇸 209.141.41.212

🇨🇳 183.218.59.20

🇬🇧 137.220.84.221

🇩🇪 104.28.155.178