JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 31.13.190.2

31.13.190.2 was found in our database!

This IP was reported 53 times. Confidence of Abuse is 19%: ?

19%

ISP	M247 LTD Frankfurt Infrastructure
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	m247.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 31.13.190.2

Whois 31.13.190.2

IP Abuse Reports for 31.13.190.2:

This IP address has been reported a total of 53 times from 24 distinct sources. 31.13.190.2 was first reported on July 31st 2025, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 HandyTreff.de	2026-05-18 04:54:27 (4 weeks ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -40.541 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -40.541 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/122.0 show less	Web App Attack Bad Web Bot
🇺🇸 xmission.com	2026-05-09 13:37:39 (1 month ago)	Blocked by UFW (TCP on 46262) Source port: 39427 TTL: 43 Packet length: 60 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 46262) Source port: 39427 TTL: 43 Packet length: 60 TOS: 0x08 This report (for 31.13.190.2) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 sumnone	2026-05-01 13:55:16 (1 month ago)	Port probing on unauthorized port 2086	Port Scan Hacking Exploited Host
Anonymous	2026-04-30 06:36:34 (1 month ago)	REPM WEBFORM SPAM 31.13.190.2 (31.13.190.2)	Web Spam
Anonymous	2026-04-29 04:42:47 (1 month ago)	Try to connect to Port_Scan_8888_stealth	Port Scan
🇨🇳 pengpeng	2026-04-10 00:12:09 (2 months ago)	monitor: on VM-0-7-ubuntu \| port: 34263 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on VM-0-7-ubuntu \| port: 34263 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-04-08 08:00:22 (2 months ago)	suspicious request in access.log	Web App Attack
🇫🇷 IRISIO	2026-04-06 22:09:06 (2 months ago)	scans/SQL injection/spam posts : 5 queries	Web App Attack SQL Injection
🇩🇪 HandyTreff.de	2026-04-02 10:54:02 (2 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -66.42 (Bad < -10 / Very Bad < -20 / ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -66.42 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Sa show less	Web App Attack Bad Web Bot
🇫🇷 IRISIO	2026-04-02 08:32:41 (2 months ago)	scans/SQL injection/spam posts : 3 queries	Web App Attack SQL Injection
🇫🇷 IRISIO	2026-03-31 09:47:59 (2 months ago)	scans/SQL injection/spam posts : 1 queries	Web App Attack SQL Injection
🇺🇸 xmission.com	2026-03-30 19:02:36 (2 months ago)	Blocked by UFW (TCP on 396) Source port: 50604 TTL: 237 Packet length: 40 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 396) Source port: 50604 TTL: 237 Packet length: 40 TOS: 0x00 This report (for 31.13.190.2) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 Starburst SysOp Team	2026-03-24 16:56:48 (2 months ago)	URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .b ... show more URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .backup/ .bak/ .bck/ .bk/ .bkp/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .cnf/ .com/ .compositefont/ .config/ .conf/ .copy/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jks/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .sav/ .save/ .scr/ .sct/ .sh/ .shs/ .sql/ .sqlite/ .sqlite3/ .swap/ .swo/ .swp/ .sys/ .temp/ .tfstate/ .tlb/ .tmp/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-stl2-17) show less	Hacking
🇺🇸 TPI-Abuse	2026-03-21 03:00:08 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 31.13.190.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 31.13.190.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 22:58:24.375025 2026] [security2:error] [pid 29934:tid 29934] [client 31.13.190.2:34610] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.modmove.com"] [uri "/.env.backup"] [unique_id "ab4JUGG7MLBKsKRrqcmMQwAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-21 01:00:08 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 31.13.190.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 31.13.190.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 20:59:14.452463 2026] [security2:error] [pid 8132:tid 8132] [client 31.13.190.2:39440] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.disenowebprofesional.com"] [uri "/.wp-config.php.swp"] [unique_id "ab3tYjeWsD6vxHAwCPV07QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 53 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 118.33.113.91

🇺🇸 104.152.52.215

🇮🇩 103.249.19.137

🇮🇳 103.106.232.28

🇳🇬 102.88.137.213

🇺🇸 91.230.168.32

🇨🇦 85.217.149.36

🇮🇩 69.5.23.222

🇪🇬 62.193.91.121

🇸🇬 45.78.235.96

🇧🇪 34.38.149.165

🇮🇩 202.155.157.145

🇦🇷 200.89.159.59

🇵🇦 200.46.177.242

🇩🇪 151.243.11.37

🇺🇸 138.113.23.170

🇮🇳 135.235.138.43

🇰🇷 110.14.190.221

🇺🇸 74.125.17.248

🇻🇳 42.116.119.34