JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 58.255.237.5

58.255.237.5 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 4%: ?

ISP	China Unicom Guangdong province network
Usage Type	Fixed Line ISP
ASN	AS17816
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 58.255.237.5

Whois 58.255.237.5

IP Abuse Reports for 58.255.237.5:

This IP address has been reported a total of 8 times from 2 distinct sources. 58.255.237.5 was first reported on July 15th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-05 20:21:27 (3 days ago)	(mod_security) mod_security (id:210831) triggered by 58.255.237.5 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 58.255.237.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 16:21:21.427083 2026] [security2:error] [pid 21415:tid 21482] [client 58.255.237.5:12228] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.gotlib.net\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.gotlib.net"] [uri "/"] [unique_id "aiMvwTAyzF8WBBgrPZrdtQAAAEU"], referer: http://www.gotlib.net/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-06 03:52:06 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 58.255.237.5 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 58.255.237.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 23:52:02.451424 2026] [security2:error] [pid 17518:tid 17518] [client 58.255.237.5:21837] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|templebarns.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "templebarns.org"] [uri "/"] [unique_id "adMt4tK0WdDIVGOt_fBc0AAAAAA"], referer: https://templebarns.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-03 16:15:35 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 58.255.237.5 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 58.255.237.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 12:15:26.431075 2026] [security2:error] [pid 19685:tid 19685] [client 58.255.237.5:21892] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|heathbartley.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "heathbartley.com"] [uri "/"] [unique_id "ac_nnrMz5T1lbGeKvDj6bwAAAAI"], referer: http://heathbartley.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-03 06:27:12 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 58.255.237.5 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 58.255.237.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 02:27:05.748384 2026] [security2:error] [pid 13093:tid 13123] [client 58.255.237.5:2085] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.classactionlawsuit.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.classactionlawsuit.org"] [uri "/"] [unique_id "ac9duV_HWORKuEAfoc1TCAAAAZY"], referer: https://www.classactionlawsuit.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2025-08-19 23:57:54 (9 months ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/58.255.237.5 2025-08-19 00: ... show more ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/58.255.237.5 2025-08-19 00:46:15 / show less	Web App Attack
🇨🇳 ThreatBook.io	2025-08-17 23:59:59 (9 months ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/58.255.237.5 2025-08-17 03: ... show more ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/58.255.237.5 2025-08-17 03:42:11 / show less	Web App Attack
🇨🇳 ThreatBook.io	2025-07-17 00:02:15 (10 months ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/58.255.237.5 2025-07-16 06: ... show more ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/58.255.237.5 2025-07-16 06:28:03 /favicon.ico show less	Web App Attack
🇨🇳 ThreatBook.io	2025-07-15 00:26:07 (10 months ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/58.255.237.5 2025-07-14 03: ... show more ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/58.255.237.5 2025-07-14 03:06:18 /robots.txt show less	Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇱 186.189.99.189

🇺🇸 98.109.173.244

🇷🇺 95.188.91.101

🇺🇸 44.249.28.9

🇺🇸 34.139.168.111

🇺🇸 195.184.76.201

🇦🇷 190.220.172.154

🇲🇽 189.163.24.242

🇬🇧 185.116.172.240

🇺🇸 107.175.114.16

🇳🇱 80.82.70.228

🇬🇧 45.82.76.139

🇸🇬 43.133.54.83

🇳🇱 5.83.143.111

🇨🇳 220.167.233.27

🇺🇸 216.73.161.160

🇳🇱 195.178.110.48

🇩🇪 192.109.200.220

🇮🇳 152.59.88.40

🇺🇸 135.132.67.167