AbuseIPDB » 31.58.18.163
31.58.18.163
This IP was reported 7 times. Confidence of
Abuse
is 0% : ?
ISP
PT Goer Network Indonesia
Usage Type
Data Center/Web Hosting/Transit
ASN
AS205544
Domain Name
atharva.co.id
Country
๐ฌ๐ง
United Kingdom of Great Britain and Northern Ireland
City
London, England
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 31.58.18.163 :
This IP address has been reported a total of
7
times from
3 distinct
sources.
31.58.18.163 was first reported on
June 1st 2025 , and the most recent report was
3 months ago
Old Reports:
The most recent abuse report for this IP address is from
3 months ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ฉ๐ช
HandyTreff.de
2026-02-21 17:41:13
(3 months ago)
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -41.431 (Bad < -10 / Very Bad < -20 ...
show more
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -41.431 (Bad < -10 / Very Bad < -20 / Extreme < -35) | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.
show less
Web App Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-01-16 19:11:08
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 31.58.18.163 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 31.58.18.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 14:11:03.309360 2026] [security2:error] [pid 18946:tid 18946] [client 31.58.18.163:54179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.nbcnewsradio.com"] [uri "/.env.save"] [unique_id "aWqNR8g7l2QEebM9kPfIbgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-01 18:11:17
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 31.58.18.163 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 31.58.18.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 14:11:12.162535 2025] [security2:error] [pid 28909:tid 28931] [client 31.58.18.163:41403] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.staging.kettlehill.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "staging.kettlehill.com"] [uri "/404.php.bak"] [unique_id "aN1uwMqzZow6xCeNbL4HygAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
SCHAPPY
2025-09-17 17:00:17
(8 months ago)
IP was involved in L7 DDoS attack.
DDoS Attack
๐บ๐ธ
TPI-Abuse
2025-08-01 08:45:34
(10 months ago)
(mod_security) mod_security (id:210492) triggered by 31.58.18.163 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 31.58.18.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 04:45:28.212926 2025] [security2:error] [pid 3904812:tid 3904978] [client 31.58.18.163:45695] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.kettlehill.net"] [uri "/sftp-config.json"] [unique_id "aIx-qOifMJM5rDs5casrUQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-01 13:39:24
(1 year ago)
(mod_security) mod_security (id:248270) triggered by 31.58.18.163 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:248270) triggered by 31.58.18.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 09:39:18.217869 2025] [security2:error] [pid 2844919:tid 2844919] [client 31.58.18.163:51311] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\$\\\\{jndi:(ldaps?|rmi|dns|iiop|nis|nds|corba|\\\\$\\\\{(?:lower|upper)):" at ARGS:x. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "7626"] [id "248270"] [rev "1"] [msg "COMODO WAF: Remote code execution in Apache log4j||nbcnewsradio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nbcnewsradio.com"] [uri "/"] [unique_id "aDxYBidSFpAkF2LrLtb8AAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-01 08:40:19
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 31.58.18.163 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 31.58.18.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 04:40:13.031475 2025] [security2:error] [pid 2863390:tid 2863527] [client 31.58.18.163:45877] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kettlehill.kettlehill.com|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.kettlehill.com"] [uri "/ssl/localhost.key"] [unique_id "aDwR7Ymk0cNjkOYTn0LYGAAAANc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Showing 1 to
7
of 7 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: