JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 139.99.237.62

139.99.237.62 was found in our database!

This IP was reported 294 times. Confidence of Abuse is 22%: ?

22%

ISP	OVH Australia PTY LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Hostname(s)	vps-18b67d6d.vps.ovh.ca
Domain Name	ovh.net
Country	🇦🇺 Australia
City	Sydney, New South Wales

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 139.99.237.62

Whois 139.99.237.62

IP Abuse Reports for 139.99.237.62:

This IP address has been reported a total of 294 times from 79 distinct sources. 139.99.237.62 was first reported on October 10th 2021, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-24 23:39:33 (1 day ago)	(mod_security) mod_security (id:217210) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in t ... show more (mod_security) mod_security (id:217210) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 19:39:26.206064 2026] [security2:error] [pid 4195:tid 4195] [client 139.99.237.62:60856] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|colorwize.com:443\|F\|4"] [data "CONNECT colorwize.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "colorwize.com"] [uri "/"] [unique_id "ajxqrv63IDoXk4v2Uh44vwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 15:43:05 (5 days ago)	(mod_security) mod_security (id:217210) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in t ... show more (mod_security) mod_security (id:217210) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 11:42:59.447113 2026] [security2:error] [pid 7837:tid 7837] [client 139.99.237.62:41398] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|marshallcurry.com:443\|F\|4"] [data "CONNECT marshallcurry.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "marshallcurry.com"] [uri "/"] [unique_id "aja1AxXBQJ29VbufWMwFrgAAACo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 23:29:35 (1 week ago)	(mod_security) mod_security (id:217210) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in t ... show more (mod_security) mod_security (id:217210) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 19:29:27.635318 2026] [security2:error] [pid 15547:tid 15547] [client 139.99.237.62:60426] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|www.nrvoutdoors.com:443\|F\|4"] [data "CONNECT www.nrvoutdoors.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.nrvoutdoors.com"] [uri "/"] [unique_id "ajCK18Ne79SlrhMIoSBjJgAAAF4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 17:56:31 (1 week ago)	(mod_security) mod_security (id:217210) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in t ... show more (mod_security) mod_security (id:217210) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:56:24.491617 2026] [security2:error] [pid 9027:tid 9027] [client 139.99.237.62:53628] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|www.illinois-online.org:443\|F\|4"] [data "CONNECT www.illinois-online.org:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.illinois-online.org"] [uri "/"] [unique_id "ajA8yKLFXgukMkUPDdObtwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 03:35:06 (2 weeks ago)	(mod_security) mod_security (id:217210) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in t ... show more (mod_security) mod_security (id:217210) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 23:35:00.261235 2026] [security2:error] [pid 21924:tid 21932] [client 139.99.237.62:56612] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|super-8mm.com:443\|F\|4"] [data "CONNECT super-8mm.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "super-8mm.com"] [uri "/"] [unique_id "aiTm5LCho1djFM1sbqWZigAAAIY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 22:54:18 (3 weeks ago)	(mod_security) mod_security (id:210740) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in t ... show more (mod_security) mod_security (id:210740) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 18:54:14.155632 2026] [security2:error] [pid 32547:tid 32547] [client 139.99.237.62:56930] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy\|\|teleplussolutions.com:443\|F\|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "teleplussolutions.com"] [uri "/"] [unique_id "aiICFkpe3H1JCm46uVyLqAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 17:48:17 (3 weeks ago)	(mod_security) mod_security (id:217210) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in t ... show more (mod_security) mod_security (id:217210) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 13:48:12.852270 2026] [security2:error] [pid 28813:tid 28813] [client 139.99.237.62:58542] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|mikelynchphoto.com:443\|F\|4"] [data "CONNECT mikelynchphoto.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "mikelynchphoto.com"] [uri "/"] [unique_id "aiG6XCaXkMGsmPn6r5XRrgAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 04:31:37 (3 weeks ago)	(mod_security) mod_security (id:217210) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in t ... show more (mod_security) mod_security (id:217210) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 00:31:29.870402 2026] [security2:error] [pid 25825:tid 25845] [client 139.99.237.62:42014] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|bullfrogspond.com:443\|F\|4"] [data "CONNECT bullfrogspond.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "bullfrogspond.com"] [uri "/"] [unique_id "ahpoIa4KXr3SyM2elaUmhAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-05-28 15:44:52 (4 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 18-44.139.99.237.62.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 18-44.139.99.237.62.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-28 15:37:52 (4 weeks ago)	IM360 WAF: Old style account creation and modification in Joomla! MV:registration	Web App Attack
🇨🇭 Origon	2026-05-28 06:47:22 (4 weeks ago)	http-open-proxy - IP: 139.99.237.62 - time="2026-05-28T08:47:22+02:00" level=info msg="(555f66b4f6a ... show more http-open-proxy - IP: 139.99.237.62 - time="2026-05-28T08:47:22+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-open-proxy by ip 139.99.237.62 (AU/16276) : 4h ban on Ip 139.99.237.62" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-15 21:40:34 (1 month ago)	(mod_security) mod_security (id:217210) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in t ... show more (mod_security) mod_security (id:217210) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 17:40:29.954388 2026] [security2:error] [pid 3838:tid 3933] [client 139.99.237.62:59414] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|www.myrtlebeachdiet.com:443\|F\|4"] [data "CONNECT www.myrtlebeachdiet.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.myrtlebeachdiet.com"] [uri "/"] [unique_id "ageSzTGzORduN-LqHO5OdQAAAMM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 cheatmaster.store	2026-05-08 11:34:51 (1 month ago)	Proxy parsed from 139.99.237.62:80	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-05-07 18:55:45 (1 month ago)	(mod_security) mod_security (id:210740) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in t ... show more (mod_security) mod_security (id:210740) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 14:55:41.284536 2026] [security2:error] [pid 2461:tid 2461] [client 139.99.237.62:53308] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy\|\|beatthegm.com:443\|F\|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "beatthegm.com"] [uri "/"] [unique_id "afzgLUB4ZurB4pzOuC9ztwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-06 16:11:59 (1 month ago)	(mod_security) mod_security (id:210740) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in t ... show more (mod_security) mod_security (id:210740) triggered by 139.99.237.62 (vps-18b67d6d.vps.ovh.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 12:11:51.236598 2026] [security2:error] [pid 10137:tid 10137] [client 139.99.237.62:50362] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy\|\|herrell.net:443\|F\|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "herrell.net"] [uri "/"] [unique_id "aftoR5_sR3iV7DT8QlHsIQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 294 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.86

🇺🇸 205.210.31.50

🇲🇽 187.192.86.153

🇷🇺 109.195.14.161

🇺🇸 107.173.218.37

🇺🇸 45.156.129.68

🇺🇸 45.156.129.66

🇳🇱 45.148.10.141

🇳🇱 45.139.122.80

🇺🇸 34.197.70.90

🇳🇱 195.178.110.26

🇱🇹 194.165.16.166

🇩🇪 165.245.222.200

🇨🇳 139.170.72.133

🇮🇳 139.59.58.140

🇨🇳 111.26.6.111

🇵🇱 95.214.53.157

🇫🇷 51.158.120.121

🇱🇹 45.227.254.170

🇳🇱 45.155.90.234