JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 39.154.5.55

39.154.5.55 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 5%: ?

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS9808
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 39.154.5.55

Whois 39.154.5.55

IP Abuse Reports for 39.154.5.55:

This IP address has been reported a total of 7 times from 2 distinct sources. 39.154.5.55 was first reported on May 1st 2025, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-23 07:52:27 (8 hours ago)	(mod_security) mod_security (id:210831) triggered by 39.154.5.55 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210831) triggered by 39.154.5.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 03:52:16.776566 2026] [security2:error] [pid 30239:tid 30239] [client 39.154.5.55:9931] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.picayunity.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.picayunity.com"] [uri "/index.html"] [unique_id "ajo7MEz53_nvuKFf53eq1QAAACU"], referer: http://www.picayunity.com/index.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 21:57:04 (5 days ago)	(mod_security) mod_security (id:210831) triggered by 39.154.5.55 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210831) triggered by 39.154.5.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 17:56:53.035449 2026] [security2:error] [pid 30810:tid 30810] [client 39.154.5.55:2860] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|darensicecream.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "darensicecream.com"] [uri "/"] [unique_id "ajMYJT-arwa_mjWhbTmH7AAAABQ"], referer: http://darensicecream.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 22:36:43 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 39.154.5.55 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210831) triggered by 39.154.5.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 18:36:34.509222 2026] [security2:error] [pid 7024:tid 7024] [client 39.154.5.55:1719] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.powerkiteforum.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.powerkiteforum.com"] [uri "/"] [unique_id "ajB-crUhppPrSJQ_rs4v7gAAAAg"], referer: http://www.powerkiteforum.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 19:52:22 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 39.154.5.55 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210831) triggered by 39.154.5.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 15:52:10.323759 2026] [security2:error] [pid 16590:tid 16655] [client 39.154.5.55:1684] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.hawk-av.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.hawk-av.com"] [uri "/"] [unique_id "ajBX6oNxjxxxQOxJ-FT2nwAAAcE"], referer: http://www.hawk-av.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 19:12:05 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 39.154.5.55 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210831) triggered by 39.154.5.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 15:11:51.871550 2026] [security2:error] [pid 26171:tid 26183] [client 39.154.5.55:22261] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.tusappsonline.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.tusappsonline.com"] [uri "/index.html"] [unique_id "ajBOd6MYyUpxS_MGt9M7RAAAAEk"], referer: https://www.tusappsonline.com/index.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-09 17:29:16 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 39.154.5.55 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210350) triggered by 39.154.5.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 09 13:29:06.680671 2025] [security2:error] [pid 16407:tid 16407] [client 39.154.5.55:7278] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.renju.net\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.renju.net"] [uri "/tournament/817/game/44938/"] [unique_id "aMBj4owOBkhbOCTLcu2pywAAAAY"], referer: https://www.renju.net/tournament/817/game/44938 show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2025-05-01 23:57:55 (1 year ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/39.154.5.55 2025-05-01 00:5 ... show more ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/39.154.5.55 2025-05-01 00:58:35 /robots.txt show less	Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 128.14.239.38

🇶🇦 2600:1900:4260:40e::e5

🇳🇱 192.253.248.97

🇺🇸 172.253.86.118

🇺🇸 162.216.149.122

🇺🇸 159.26.101.145

🇮🇳 116.74.138.109

🇬🇧 89.37.172.157

🇺🇸 62.132.18.142

🇳🇱 45.142.193.35

🇬🇧 45.82.76.120

🇩🇪 8.209.126.67

🇮🇪 2a05:d018:10df:d400:369e:ef65:1956:6843

🇰🇭 203.189.137.34

🇺🇸 172.253.9.213

🇯🇵 172.104.126.191

🇧🇷 129.121.35.21

🇮🇹 93.147.164.60

🇬🇧 2a00:1450:4009:c19::121

🇨🇳 223.223.199.221