JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.59.31.99

194.59.31.99 was found in our database!

This IP was reported 1,611 times. Confidence of Abuse is 0%: ?

ISP	Virtuo Networks France SAS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS399486
Domain Name	virtuo.host
Country	🇫🇷 France
City	Paris, Ile-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.59.31.99

Whois 194.59.31.99

IP Abuse Reports for 194.59.31.99:

This IP address has been reported a total of 1,611 times from 42 distinct sources. 194.59.31.99 was first reported on June 2nd 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 bohl-aiG5aef	2026-02-16 09:59:58 (4 months ago)	Suricata Alert [SID:2031502] ET INFO Request to Hidden Environment File - Inbound	Hacking
🇮🇩 hermawan	2026-02-16 08:42:26 (4 months ago)	[Mon Feb 16 15:42:25.379401 2026] [security2:error] [pid 279852:tid 140298747352768] [client 194.59. ... show more [Mon Feb 16 15:42:25.379401 2026] [security2:error] [pid 279852:tid 140298747352768] [client 194.59.31.99:62720] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "utf-8" at REQUEST_HEADERS:Accept-Charset. [file "/etc/modsecurity/coreruleset-4.22.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "358"] [id "440015"] [msg "Bot Accept-Charset utf-8"] [data "Matched Data: utf-8 found within REQUEST_HEADERS:Accept-Charset: utf-8 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "aZLYcRugfThgFfarRJVRPQAAARU"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[279982] [lQAo7+xxby4] [aZLYcRugfThgFfarRJVRPQAAARU] keep_alive=[0] [2026-02-16 15:42:25.379406] [R:aZLYcRugfThgFfarRJVRPQAAARU] UA:'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; es-es) AppleWebKit/533.21.1 (KHTML, like Gecko) Version/5.0.5 Safari/533.21.1' Host:'staklim-jatim.bmkg.go.id' Accept-Encoding:'gzip ... show less	Hacking Web App Attack
🇩🇪 check-the-sum.fr	2026-02-16 08:20:00 (4 months ago)	Port Scanning	Port Scan
🇩🇪 conseilgouz	2026-02-09 17:48:07 (4 months ago)	coe-12 : Block return, carriage return, ... characters=>/index.php?option=com_content&view=artic ... show more coe-12 : Block return, carriage return, ... characters=>/index.php?option=com_content&view=article&id=153:composant-cg-secure&catid=8&lang=f...(') show less	Hacking
🇺🇸 TPI-Abuse	2024-09-10 05:12:51 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 194.59.31.99 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 194.59.31.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 10 01:12:43.395126 2024] [security2:error] [pid 11554:tid 11554] [client 194.59.31.99:64583] [client 194.59.31.99] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pfmarch.com"] [uri "/.env"] [unique_id "Zt_VS2DkTPKTpeE9cXnccQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-10 02:41:33 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 194.59.31.99 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 194.59.31.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 09 22:41:25.625363 2024] [security2:error] [pid 20626:tid 20626] [client 194.59.31.99:52283] [client 194.59.31.99] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abundancecompany.com"] [uri "/.env"] [unique_id "Zt-x1SOTol3D5MQOqVKRGAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-10 02:25:29 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 194.59.31.99 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 194.59.31.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 09 22:25:22.377099 2024] [security2:error] [pid 15098:tid 15098] [client 194.59.31.99:62573] [client 194.59.31.99] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "swwpccpa.com"] [uri "/.env"] [unique_id "Zt-uEhQkaB5gji5SeZwigQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 psauxit	2024-07-23 11:29:30 (1 year ago)	Fail2Ban - POSTFIX dropped in one of sasl-auth,rbl,ddos,too-many-errors,address-rejected	Brute-Force
🇵🇱 sefinek.net	2024-07-23 05:34:50 (1 year ago)	IP: 194.59.31.99 Protocol: TCP Source port: 34318 Destination port: 8080 TTL: 45 Packet length: 60 T ... show more IP: 194.59.31.99 Protocol: TCP Source port: 34318 Destination port: 8080 TTL: 45 Packet length: 60 TOS: 0x00 Timestamp: Jul 23 07:34:47 (07:34:47, 23.07.2024) The IP address was blocked by the Uncomplicated Firewall (UFW) due to suspicious activity. Packet details indicate a possible unauthorized access attempt or network scan. show less	Port Scan Web App Attack
🇩🇪 IP Analyzer	2024-07-22 22:30:24 (1 year ago)	Unauthorized connection attempt from IP address 194.59.31.99 on Port 80	Port Scan
🇩🇪 IP Analyzer	2024-07-22 15:30:56 (1 year ago)	Unauthorized connection attempt from IP address 194.59.31.99 on Port 465(SMTPS)	Port Scan
🇵🇱 sefinek.net	2024-07-22 13:14:10 (1 year ago)	IP: 194.59.31.99 Protocol: TCP Source port: 49700 Destination port: 8080 TTL: 45 Packet length: 60 T ... show more IP: 194.59.31.99 Protocol: TCP Source port: 49700 Destination port: 8080 TTL: 45 Packet length: 60 TOS: 0x00 Timestamp: Jul 22 10:34:54 (10:34:54, 22.07.2024) The IP address was blocked by the Uncomplicated Firewall (UFW) due to suspicious activity. Packet details indicate a possible unauthorized access attempt or network scan. show less	Port Scan Web App Attack
🇸🇪 webbfabriken	2024-07-22 08:06:22 (1 year ago)	spam or other hacking activities reported by webbfabriken security servers Attack reported by Webbf ... show more spam or other hacking activities reported by webbfabriken security servers Attack reported by Webbfabiken Security API - WFSecAPI show less	Web Spam
🇺🇸 drewf.ink	2024-07-22 07:47:57 (1 year ago)	[07:47] Port scanning. Port(s) scanned: TCP/3389	Port Scan
🇩🇪 IP Analyzer	2024-07-22 07:01:28 (1 year ago)	Unauthorized connection attempt from IP address 194.59.31.99 on Port 443	Port Scan

Showing 1 to 15 of 1611 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 188.247.54.50

🇺🇸 162.216.149.20

🇩🇪 151.243.11.35

🇺🇸 66.132.172.237

🇮🇶 65.20.237.119

🇮🇳 223.185.59.66

🇭🇰 203.91.72.190

🇨🇱 200.89.69.247

🇺🇸 184.105.139.69

🇵🇰 116.71.136.125

🇫🇷 91.231.89.184

🇷🇺 46.138.40.155

🇳🇱 45.198.224.187

🇳🇱 45.148.10.151

🇩🇪 45.135.194.113

🇮🇹 37.182.178.51

🇮🇳 157.32.200.148

🇨🇳 111.12.152.230

🇮🇳 103.168.57.31

🇷🇺 95.188.91.101