AbuseIPDB » 31.59.20.170
31.59.20.170
This IP was reported 7 times. Confidence of
Abuse
is 0% : ?
ISP
PT Goer Network Indonesia
Usage Type
Data Center/Web Hosting/Transit
ASN
AS205544
Domain Name
atharva.co.id
Country
๐ฌ๐ง
United Kingdom of Great Britain and Northern Ireland
City
London, England
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 31.59.20.170 :
This IP address has been reported a total of
7
times from
6 distinct
sources.
31.59.20.170 was first reported on
January 19th 2021 , and the most recent report was
4 months ago
Old Reports:
The most recent abuse report for this IP address is from
4 months ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐บ๐ธ
TPI-Abuse
2026-01-27 02:37:05
(4 months ago)
(mod_security) mod_security (id:221260) triggered by 31.59.20.170 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:221260) triggered by 31.59.20.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 21:34:36.515515 2026] [security2:error] [pid 23296:tid 23320] [client 31.59.20.170:56901] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)||cpanel.kettlehill.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kettlehill.com"] [uri "/cgi-bin/test"] [unique_id "aXgkPEnBpq4P6Y3u9V76OgAAANQ"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-17 22:31:05
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 31.59.20.170 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 31.59.20.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 17:30:59.335184 2026] [security2:error] [pid 10747:tid 10747] [client 31.59.20.170:39487] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.svn/entries"] [unique_id "aWwNo27YANKwEuMIfdMJcAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
MAGIC
2025-01-20 18:06:43
(1 year ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ฉ๐ช
nyuuzyou
2024-12-14 03:49:29
(1 year ago)
Intensive scraping: /web?s=%22Contact%20MyBB%20Group%22%20depuis&scraper=mwmbl. User-Agent: Mozilla/ ...
show more
Intensive scraping: /web?s=%22Contact%20MyBB%20Group%22%20depuis&scraper=mwmbl. User-Agent: Mozilla/5.0 (X11; Linux i686; rv:114.0) Gecko/20100101 Firefox/114.0.
show less
Bad Web Bot
2024-12-06 03:10:01
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐ง๐ช
PBI
2021-01-25 15:57:06
(5 years ago)
mail auth brute force
Brute-Force
๐ท๐ธ
Smel
2021-01-19 17:50:10
(5 years ago)
SMTP/25/465/587 Probe, BadAuth, SPAM, Hack -
Email Spam
Showing 1 to
7
of 7 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: