JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 39.106.67.230

39.106.67.230 was found in our database!

This IP was reported 228 times. Confidence of Abuse is 37%: ?

37%

ISP	Aliyun Computing Co., LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37963
Domain Name	alibabacloud.com
Country	🇨🇳 China
City	Beijing, Beijing

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 39.106.67.230

Whois 39.106.67.230

IP Abuse Reports for 39.106.67.230:

This IP address has been reported a total of 228 times from 19 distinct sources. 39.106.67.230 was first reported on August 23rd 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 afleventoffice.com.au	2026-06-14 21:41:38 (1 week ago)	GET /data/%235Dp8Gh.asp HTTP/1.1	Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-11 05:07:02 (2 weeks ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-11 04:05:04 (2 weeks ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa01]	Hacking Brute-Force Bad Web Bot Web App Attack
🇦🇺 afleventoffice.com.au	2026-06-09 21:04:37 (2 weeks ago)	GET /demo.asp HTTP/1.1	Web App Attack
🇫🇷 ELYAZ	2026-06-07 13:22:12 (2 weeks ago)	(y4) Failed scan -byebye- from 39.106.67.230 (CN/China/-): (CF_ENABLE)	Hacking
🇺🇸 TPI-Abuse	2026-06-07 12:45:15 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 39.106.67.230 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 39.106.67.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 08:45:11.088532 2026] [security2:error] [pid 11744:tid 11759] [client 39.106.67.230:61527] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.gmentz.com\|F\|2"] [data ".cer"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.gmentz.com"] [uri "/css/add.cer"] [unique_id "aiVn12q5mlPRuMgomlJvggAAAY0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 12:15:13 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 39.106.67.230 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 39.106.67.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 08:15:05.770075 2026] [security2:error] [pid 27193:tid 27193] [client 39.106.67.230:54890] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.pinballhistory.com\|F\|2"] [data ".cer"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pinballhistory.com"] [uri "/css/add.cer"] [unique_id "aiVgyZ5QA28pt1qUO2hxogAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 afleventoffice.com.au	2026-06-07 10:13:58 (2 weeks ago)	GET /css/add.cer HTTP/1.1	Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-07 02:05:06 (2 weeks ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa01]	Hacking Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-06-07 01:15:27 (2 weeks ago)	(php_susp_dir) srv103 PHP in suspicious dir 39.106.67.230 (CN/China/-): 1 in the last 3600 secs; Por ... show more (php_susp_dir) srv103 PHP in suspicious dir 39.106.67.230 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇦🇺 afleventoffice.com.au	2026-06-06 15:41:54 (2 weeks ago)	GET /runtime/cache/fuckyouwaf.php HTTP/1.1	Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-05 08:08:01 (3 weeks ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-05 07:06:01 (3 weeks ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇦🇺 afleventoffice.com.au	2026-06-04 17:59:02 (3 weeks ago)	GET /caches/log/info.php HTTP/1.1	Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 00:37:50 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 39.106.67.230 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 39.106.67.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 20:37:46.169183 2026] [security2:error] [pid 23355:tid 23355] [client 39.106.67.230:52552] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.pbdot3.com\|F\|2"] [data ".cer"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pbdot3.com"] [uri "/dd.cer"] [unique_id "ah93WvmPrahniXMq01LUagAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 228 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.185.255.227

🇨🇳 218.92.251.198

🇲🇽 201.151.221.46

🇬🇧 188.240.59.59

🇧🇴 181.188.176.242

🇨🇳 171.106.66.130

🇺🇸 162.216.149.184

🇺🇸 67.207.93.64

🇮🇶 65.20.250.93

🇺🇸 52.180.159.71

🇬🇧 206.189.29.55

🇳🇱 104.28.217.137

🇮🇶 62.201.243.205

🇳🇱 51.158.205.203

🇺🇸 47.254.71.131

🇫🇮 2a01:4f9:c013:9003::1

🇻🇳 171.244.48.137

🇨🇱 143.255.104.21

🇺🇸 104.243.38.174

🇳🇱 104.23.170.20