JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 39.149.242.220

39.149.242.220 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 2%: ?

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS24445
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Zhengzhou, Henan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 39.149.242.220

Whois 39.149.242.220

IP Abuse Reports for 39.149.242.220:

This IP address has been reported a total of 7 times from 2 distinct sources. 39.149.242.220 was first reported on January 28th 2026, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-05 12:09:50 (3 weeks ago)	(mod_security) mod_security (id:210831) triggered by 39.149.242.220 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 39.149.242.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 08:09:43.658120 2026] [security2:error] [pid 3896:tid 3896] [client 39.149.242.220:28736] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.judgehall.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.judgehall.com"] [uri "/"] [unique_id "aiK8hzOc2t5zaccPmnH_IAAAAAs"], referer: http://www.judgehall.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 09:03:37 (3 weeks ago)	(mod_security) mod_security (id:210831) triggered by 39.149.242.220 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 39.149.242.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 05:03:33.151942 2026] [security2:error] [pid 14147:tid 14147] [client 39.149.242.220:29243] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|digifonics.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "digifonics.com"] [uri "/"] [unique_id "aiKQ5aw8axsfd3gcC1X2LgAAAAQ"], referer: http://digifonics.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-04 03:28:20 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 39.149.242.220 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 39.149.242.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 23:28:14.038981 2026] [security2:error] [pid 10324:tid 10324] [client 39.149.242.220:45481] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|thebumans.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "thebumans.com"] [uri "/"] [unique_id "adCFTmfc7H4wZ-eUtSiZGgAAAA4"], referer: http://thebumans.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-04-03 01:58:40 (2 months ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/39.149.242.220 2026-04-02 2 ... show more ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/39.149.242.220 2026-04-02 22:53:19 /sitemap.xml show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-17 23:15:58 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 39.149.242.220 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 39.149.242.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 18:15:52.896692 2026] [security2:error] [pid 490926:tid 490926] [client 39.149.242.220:56974] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.nearfieldchrist.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.nearfieldchrist.com"] [uri "/"] [unique_id "aZT2qOolZlRfnyuG_mgt3QAAABM"], referer: http://www.nearfieldchrist.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-07 22:22:50 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 39.149.242.220 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 39.149.242.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 07 17:22:43.075851 2026] [security2:error] [pid 20548:tid 20548] [client 39.149.242.220:4891] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|keithwillwynne.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "keithwillwynne.com"] [uri "/"] [unique_id "aYe7MwhSjGjtdXDpGj1-MwAAABU"], referer: http://keithwillwynne.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-28 20:34:47 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 39.149.242.220 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 39.149.242.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 28 15:34:42.381287 2026] [security2:error] [pid 13764:tid 13870] [client 39.149.242.220:23444] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|appraisalteam.net\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "appraisalteam.net"] [uri "/"] [unique_id "aXpy4h59NsQLpi8eTkoI8AAAAsY"], referer: http://appraisalteam.net/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.36

🇺🇸 159.223.134.45

🇹🇭 118.193.56.246

🇳🇱 93.123.109.105

🇧🇪 34.52.248.77

🇯🇵 2a00:1633:409:91:9999::231

🇺🇸 216.226.77.10

🇨🇳 182.242.168.29

🇺🇸 172.236.228.115

🇫🇷 172.71.135.76

🇦🇪 146.70.102.5

🇧🇷 138.97.243.41

🇧🇷 138.97.243.40

🇨🇳 119.53.253.2

🇬🇧 80.195.196.42

🇭🇰 45.142.154.95

🇺🇸 3.5.87.195

🇬🇧 165.22.116.223

🇧🇬 149.62.239.4

🇧🇷 138.97.243.39