JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 138.199.59.136

138.199.59.136 was found in our database!

This IP was reported 123 times. Confidence of Abuse is 0%: ?

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	datacamp.co.uk
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 138.199.59.136

Whois 138.199.59.136

IP Abuse Reports for 138.199.59.136:

This IP address has been reported a total of 123 times from 51 distinct sources. 138.199.59.136 was first reported on August 29th 2021, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-11 04:17:43 (2 months ago)	Apr 11 00:17:42 localhost kernel: [104226482.376432] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:9 ... show more Apr 11 00:17:42 localhost kernel: [104226482.376432] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=138.199.59.136 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x00 TTL=37 ID=0 DF PROTO=TCP SPT=50291 DPT=8529 SEQ=3154535135 ACK=0 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B40402080A2D9112250000000001030307) Apr 11 00:17:42 localhost kernel: [104226482.387144] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=138.199.59.136 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=0 DF PROTO=TCP SPT=58381 DPT=9000 SEQ=1230623152 ACK=0 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B40402080A2D9112240000000001030307) Apr 11 00:17:42 localhost kernel: [104226482.403505] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=138.199.59.136 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x00 TTL=39 ID=0 DF PROTO=TCP SPT=34321 DPT=3001 SEQ=2051688760 ACK=0 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B40402080A2D9112240000000001030307) show less	Port Scan
🇨🇭 Origon	2026-04-11 04:02:59 (2 months ago)	postfix-non-smtp-command - IP: 138.199.59.136 - time="2026-04-11T06:02:59+02:00" level=info msg="(5 ... show more postfix-non-smtp-command - IP: 138.199.59.136 - time="2026-04-11T06:02:59+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/postfix-non-smtp-command by ip 138.199.59.136 (PL/212238) : 4h ban on Ip 138.199.59.136" module=db show less	Email Spam
🇫🇷 Kurom	2026-03-14 06:16:56 (3 months ago)	Port scanning detected on company server. Targeted ports: [8080]	Port Scan Hacking
🇫🇷 GoodOldTOS	2026-03-11 20:32:47 (3 months ago)	Connection to FTP honeypot	Hacking
🇨🇭 Origon	2026-03-11 11:32:32 (3 months ago)	postfix-non-smtp-command - IP: 138.199.59.136 - time="2026-03-11T12:32:32+01:00" level=info msg="(5 ... show more postfix-non-smtp-command - IP: 138.199.59.136 - time="2026-03-11T12:32:32+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/postfix-non-smtp-command by ip 138.199.59.136 (PL/212238) : 4h ban on Ip 138.199.59.136" module=db show less	Email Spam
🇺🇸 TPI-Abuse	2024-10-12 20:00:30 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 138.199.59.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 138.199.59.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 12 16:00:25.012954 2024] [security2:error] [pid 20672:tid 20672] [client 138.199.59.136:60767] [client 138.199.59.136] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pinballhistory.com"] [uri "/.git/HEAD"] [unique_id "ZwrVWXWZW36JfBQ1WO61pwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-10-12 18:01:38 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 138.199.59.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 138.199.59.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 12 14:01:33.477951 2024] [security2:error] [pid 13876:tid 13899] [client 138.199.59.136:53631] [client 138.199.59.136] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wasula.com"] [uri "/.git/HEAD"] [unique_id "Zwq5fVthZDHBgPdkqYmjGQAAARM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-10-12 13:12:17 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 138.199.59.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 138.199.59.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 12 09:12:09.919766 2024] [security2:error] [pid 3062:tid 3062] [client 138.199.59.136:62433] [client 138.199.59.136] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.williamcline.com"] [uri "/.git/HEAD"] [unique_id "Zwp1qeFldiVXeqIwU0dXVQAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-10-12 11:37:20 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 138.199.59.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 138.199.59.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 12 07:37:15.341091 2024] [security2:error] [pid 2682:tid 2682] [client 138.199.59.136:63401] [client 138.199.59.136] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.geckoturner.com"] [uri "/.git/HEAD"] [unique_id "Zwpfa3GXsWhEvLLxSCsZowAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-10-12 07:00:45 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-08-24 15:32:44 (1 year ago)	Aggressive web scan	Web App Attack
🇺🇸 quicksand	2024-08-16 09:18:05 (1 year ago)	Malicious URI path [GET /composer.json] [Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.3 ... show more Malicious URI path [GET /composer.json] [Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36] Reported from WAF sampled requests show less	Bad Web Bot Web App Attack
Anonymous	2024-08-16 08:01:24 (1 year ago)		Web App Attack
Anonymous	2024-08-16 07:27:05 (1 year ago)	Aggressive web scan	Web App Attack
🇺🇸 rcsb	2024-07-20 23:06:33 (1 year ago)	Spam Post In Forums	Web Spam

Showing 1 to 15 of 123 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 2a06:4882:9000::b4

🇧🇪 198.235.24.164

🇺🇸 195.184.76.22

🇺🇦 176.36.139.231

🇪🇨 149.50.197.253

🇵🇪 132.191.0.66

🇵🇱 109.205.211.147

🇺🇸 100.28.153.226

🇨🇦 74.244.159.139

🇪🇸 46.6.124.216

🇬🇧 5.226.140.17

🇺🇸 2a04:c300:400::17e

🇳🇱 192.42.116.19

🇳🇱 176.65.148.27

🇻🇳 171.252.189.84

🇸🇬 159.223.84.220

🇻🇳 103.110.85.89

🇻🇳 103.77.215.165

🇰🇪 102.208.164.196

🇳🇱 91.92.40.47