JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 31.59.33.132

31.59.33.132 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 15%: ?

15%

ISP	PT Goer Network Indonesia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS205544
Domain Name	atharva.co.id
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	London, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 31.59.33.132

Whois 31.59.33.132

IP Abuse Reports for 31.59.33.132:

This IP address has been reported a total of 11 times from 5 distinct sources. 31.59.33.132 was first reported on January 15th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Blue Pumpkin	2026-06-16 23:32:56 (1 week ago)	31.59.33.132 - - [16/Jun/2026:23:32:54 +0000] "GET /component/comprofiler/userprofile/Bone HTTP/1.1" ... show more 31.59.33.132 - - [16/Jun/2026:23:32:54 +0000] "GET /component/comprofiler/userprofile/Bone HTTP/1.1" 200 13304 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-01 01:47:58 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 31.59.33.132 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 31.59.33.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 21:46:22.770280 2026] [security2:error] [pid 11733:tid 12057] [client 31.59.33.132:43375] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.com"] [uri "/wp-content/mysql.sql"] [unique_id "ahzkbh1bJq1aGF8ItKdehQAAAEA"], referer: https://www.kettlehill.com/wp-content/mysql.sql show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-22 13:35:13 (1 month ago)	LH-Watcher: FAKE_ID [Fake Googlebot]	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-29 18:06:48 (5 months ago)	(mod_security) mod_security (id:212880) triggered by 31.59.33.132 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:212880) triggered by 31.59.33.132 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 13:06:39.927349 2025] [security2:error] [pid 12486:tid 12529] [client 31.59.33.132:51625] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:<style.{0,399}?>.{0,399}?(?:@[i\\\\\\\\]\|(?:[:=]\|&#x?0(?:58\|3A\|61\|3D);?).{0,399}?(?:[(\\\\\\\\]\|&#x?0(?:40\|28\|92\|5C);?)))" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "95"] [id "212880"] [rev "4"] [msg "COMODO WAF: IE XSS Filters - Attack Detected.\|\|kettlehill.kettlehill.com\|F\|2"] [data "Matched Data: 31.59.33.132 found within MATCHED_VAR: <style><j:jelly xmlns:j=\\x22jelly\\x22 xmlns:g='glide'><g:evaluate>gs.adderrormessage(13371337);</g:evaluate></j:jelly></style>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "kettlehill.kettlehill.com"] [uri "/login.do"] [unique_id "aVLDL5Einm-CivtncBSbtwAAAUM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 14:32:29 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 31.59.33.132 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 31.59.33.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 09:32:24.941175 2025] [security2:error] [pid 19202:tid 19202] [client 31.59.33.132:46907] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.nbcnewsradio.com\|F\|2"] [data ".cs"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/nonauth/guestConfirm.cs"] [unique_id "aRXr-MRfBCznpWAA_ubqzAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 17:28:20 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 31.59.33.132 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 31.59.33.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 13:28:17.237333 2025] [security2:error] [pid 30110:tid 30157] [client 31.59.33.132:56115] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.kettlehill.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.kettlehill.com"] [uri "/log.log"] [unique_id "aN1ksckWrLLgoGKIU59SvAAAAcw"], referer: http://ftp.kettlehill.com/log.log show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:16:46 (11 months ago)	(mod_security) mod_security (id:212620) triggered by 31.59.33.132 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:212620) triggered by 31.59.33.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:16:39.259197 2025] [security2:error] [pid 172229:tid 172478] [client 31.59.33.132:34859] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|kettlehill.net\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /api/api.php/<script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "kettlehill.net"] [uri "/api/api.php/<script>alert(document.domain)</script>"] [unique_id "aIVv5-Zd-uShJ73phjvlQQAAAQ0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-06-22 20:30:45 (1 year ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-05-29 21:33:36 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 31.59.33.132 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 31.59.33.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 17:33:30.832143 2025] [security2:error] [pid 3552882:tid 3552882] [client 31.59.33.132:55585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.farmers123.com"] [uri "/.env.stage"] [unique_id "aDjSqi36qPKGhFDCdETzZAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-19 05:29:25 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 31.59.33.132 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 31.59.33.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 19 01:29:04.468875 2025] [security2:error] [pid 26434:tid 26449] [client 31.59.33.132:45545] [client 31.59.33.132] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.blog.spinningdesigns.com\|F\|2"] [data ".blog.spinningdesigns.com.db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "blog.spinningdesigns.com"] [uri "/www.blog.spinningdesigns.com.db"] [unique_id "aAM0oEBDF0hFmouiiEBHRAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-15 09:30:12 (1 year ago)	\| Shellshock attack detected	Hacking SQL Injection Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 66.132.224.20

🇭🇰 194.187.178.57

🇧🇷 189.51.35.106

🇫🇷 172.71.135.15

🇲🇾 149.118.135.252

🇳🇱 128.90.128.9

🇨🇳 116.167.200.124

🇳🇱 91.92.42.61

🇺🇸 74.235.100.0

🇧🇷 45.160.231.26

🇳🇱 45.148.10.151

🇨🇳 43.248.108.217

🇨🇳 36.35.165.20

🇧🇷 189.51.34.253

🇧🇷 177.37.18.8

🇩🇪 167.94.146.44

🇩🇪 161.35.25.211

🇨🇳 125.94.106.113

🇫🇷 85.217.140.12

🇵🇭 61.9.8.127