JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 39.149.34.239

39.149.34.239 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 13%: ?

13%

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS24445
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 39.149.34.239

Whois 39.149.34.239

IP Abuse Reports for 39.149.34.239:

This IP address has been reported a total of 4 times from 2 distinct sources. 39.149.34.239 was first reported on January 18th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 4server	2026-06-25 20:00:21 (1 day ago)	[ThuJun2522:00:15.7389642026][security2:error][pid861540:tid861556][client39.149.34.239:0]ModSecurit ... show more [ThuJun2522:00:15.7389642026][security2:error][pid861540:tid861556][client39.149.34.239:0]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof\"rx$http://bsalsa\\\\\\\\.com\\|\^site24x7$\"against\"REQUEST_HEADERS:user-agent\"required.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"282\"][id\"330094\"][rev\"5\"][msg\"Atomicorp.comWAFRules:CompromisedUser-AgentAgentAttackblocked\"][severity\"CRITICAL\"][hostname\"www.swisservers.com\"][uri\"/\"][unique_id\"aj2Iz1nRCgwse45DbMW-xAAAAAY\"]\,referer:https://www.swisservers.com/ show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 21:07:54 (3 weeks ago)	(mod_security) mod_security (id:210831) triggered by 39.149.34.239 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 39.149.34.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 17:07:46.559077 2026] [security2:error] [pid 6987:tid 6987] [client 39.149.34.239:60259] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.coffeewitheinstein.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.coffeewitheinstein.com"] [uri "/"] [unique_id "aiHpIoVMoR1vb20hEJYsuwAAABE"], referer: http://www.coffeewitheinstein.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 03:06:31 (3 weeks ago)	(mod_security) mod_security (id:210831) triggered by 39.149.34.239 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 39.149.34.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 23:06:22.162202 2026] [security2:error] [pid 31583:tid 31583] [client 39.149.34.239:59946] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|internationalavionics.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "internationalavionics.com"] [uri "/"] [unique_id "ahz3LtHnE9zGVF6Kw4owzAAAAAQ"], referer: https://internationalavionics.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-18 19:26:23 (5 months ago)	(mod_security) mod_security (id:210831) triggered by 39.149.34.239 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 39.149.34.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 18 14:26:15.398695 2026] [security2:error] [pid 16569:tid 16569] [client 39.149.34.239:34939] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|stewhist.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "stewhist.org"] [uri "/index.html"] [unique_id "aW0z12ze5mugS0el8j5EDwAAAAA"], referer: http://stewhist.org/index.html show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 201.71.192.108

🇺🇸 164.92.106.15

🇬🇧 118.193.65.212

🇳🇱 103.74.132.255

🇨🇳 101.36.228.201

🇺🇸 52.225.83.209

🇸🇬 47.128.119.145

🇨🇳 36.154.134.146

🇲🇽 187.245.215.114

🇹🇷 89.252.157.42

🇷🇺 31.173.4.22

🇬🇧 31.14.254.88

🇰🇷 14.48.246.33

🇸🇪 195.178.191.5

🇺🇸 142.147.191.53

🇩🇪 130.185.120.224

🇺🇸 104.164.8.79

🇺🇸 50.116.72.42

🇵🇱 194.180.49.220

🇷🇺 193.243.172.13