🇮🇹
kiokoman
2026-04-07 23:05:28
(2 months ago)
Apr 8 01:05:27 nanto dovecot: imap-login: Disconnected: Aborted login by logging out (auth failed, 1 attempts in 2 secs): user=<guest>, method=PLAIN, rip=31.59.33.139, lip=172.17.0.100, TLS, session=<jqWP0eZO36wfOyGL>
Email Spam
🇺🇸
TPI-Abuse
2026-03-01 20:13:44
(3 months ago)
(mod_security) mod_security (id:211190) triggered by 31.59.33.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 01 15:11:54.541412 2026] [security2:error] [pid 3623:tid 3722] [client 31.59.33.139:42833] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.kettlehill.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-content/plugins/tera-charts/charts/zoomabletreemap.php?fn=../../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.com"] [uri "/wp-content/plugins/tera-charts/charts/zoomabletreemap.php"] [unique_id "aaSdil4WolzQRuAXATJyBAAAAUM"]
Brute-Force
Bad Web Bot
Web App Attack
🇵🇱
cheatmaster.store
2026-02-25 23:10:31
(4 months ago)
Automated report: This IP address has been identified as an active public open proxy.
Classification: Open Proxy | Spoofing | VPN/Anonymizer | Bad Web Bot.
Country: United Kingdom
Threat level: High. This host is listed across multiple public proxy databases and poses a risk of abuse, credential stuffing, scraping, and spoofed traffic.
Reported by automated threat intelligence pipeline. Do not whitelist without manual verification.
Web Spam
Port Scan
Web App Attack
🇺🇸
TPI-Abuse
2026-01-17 06:29:51
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 31.59.33.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 01:29:44.961844 2026] [security2:error] [pid 21080:tid 21080] [client 31.59.33.139:34339] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/assets../.git/config"] [unique_id "aWssWGwh3YjW6Vr9UFNBMgAAAAQ"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2025-12-29 19:33:05
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 31.59.33.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 14:33:01.392983 2025] [security2:error] [pid 29977:tid 29990] [client 31.59.33.139:36427] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.kettlehill.net|F|2"] [data ".kettlehill.net.db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.net"] [uri "/www.kettlehill.net.db"] [unique_id "aVLXbTWelXmsIDHwJWbY-gAAAYs"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2025-12-02 23:33:24
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 31.59.33.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 18:33:19.514643 2025] [security2:error] [pid 21636:tid 21636] [client 31.59.33.139:50887] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ftp.farmers123.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.farmers123.com"] [uri "/MyErrors.log"] [unique_id "aS93P0d6q4X6k8Y9uy3D9QAAAAs"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2025-12-01 06:15:39
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 31.59.33.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 01:15:32.379311 2025] [security2:error] [pid 8488:tid 8566] [client 31.59.33.139:42727] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.kettlehill.com"] [uri "/.git/config"] [unique_id "aS0yhNZHHfu_5jcVG6pkUgAAAYs"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2025-11-13 10:36:39
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 31.59.33.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 05:36:32.264587 2025] [security2:error] [pid 10315:tid 10315] [client 31.59.33.139:42855] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/wp-content/plugins/wpsite-background-takeover/exports/download.php"] [unique_id "aRW0sHnGdOzP-__lF4wfwAAAABU"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2025-10-01 14:42:03
(8 months ago)
(mod_security) mod_security (id:212750) triggered by 31.59.33.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 10:41:49.088210 2025] [security2:error] [pid 31612:tid 31748] [client 31.59.33.139:56311] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\bon(?:abort|blur|change|click|dblclick|dragdrop|error|focus|keydown|keypress|keyup|load|mouse(?:down|move|out|over|up)|move|readystatechange|reset|resize|select|submit|unload)\\\\b[^a-zA-Z0-9_]{0,}?=" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "69"] [id "212750"] [rev "3"] [msg "COMODO WAF: XSS Attack Detected||www.kettlehill.com:443|F|2"] [data "Matched Data: onload= found within REQUEST_URI: /control/stream?contentid='\\x5c\\x22><svg/onload=alert(/xss/)>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "www.kettlehill.com"] [uri "/control/stream"] [unique_id "aN09rfVYIT9TWn2lWzJoXwAAARU"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2025-07-27 00:10:58
(10 months ago)
(mod_security) mod_security (id:210492) triggered by 31.59.33.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:10:23.971898 2025] [security2:error] [pid 146057:tid 146129] [client 31.59.33.139:54133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autoconfig.kettlehill.net"] [uri "/.env.dev"] [unique_id "aIVubwtdUXc7wYRdaLO4XAAAAYM"]
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-06-24 01:06:18
(1 year ago)
Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK
Brute-Force
SSH
🇺🇸
TPI-Abuse
2025-05-29 19:25:52
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 31.59.33.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 15:25:44.759432 2025] [security2:error] [pid 3288988:tid 3288988] [client 31.59.33.139:40725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.farmers123.com"] [uri "/.env.backup"] [unique_id "aDi0uFB9tn33tl8SRi3iZAAAAAY"]
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-01-25 19:10:02
(1 year ago)
| Common web attack.
Hacking
SQL Injection
Web App Attack