JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 31.58.29.140

31.58.29.140 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	PT Goer Network Indonesia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS397423
Domain Name	atharva.co.id
Country	🇺🇸 United States of America
City	SeaTac, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 31.58.29.140

Whois 31.58.29.140

IP Abuse Reports for 31.58.29.140:

This IP address has been reported a total of 9 times from 5 distinct sources. 31.58.29.140 was first reported on April 7th 2023, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-27 03:02:27 (4 months ago)	(mod_security) mod_security (id:211190) triggered by 31.58.29.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:211190) triggered by 31.58.29.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 22:02:23.073691 2026] [security2:error] [pid 1914:tid 1935] [client 31.58.29.140:40623] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|kettlehill.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /include/exportUser.php?type=3&cla=application&func=_exec&opt=(cat%20/etc/passwd)%3Eezht.txt"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.kettlehill.com"] [uri "/include/exportUser.php"] [unique_id "aXgqv8Pq0E0MroPkyLy8mwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 00:22:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 31.58.29.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 31.58.29.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 19:21:03.995755 2026] [security2:error] [pid 8451:tid 8451] [client 31.58.29.140:46553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/.env.prod"] [unique_id "aWrV7xvMNi1rSvr_g8NQpQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 08:56:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 31.58.29.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 31.58.29.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 03:55:54.685563 2025] [security2:error] [pid 26423:tid 26423] [client 31.58.29.140:49673] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/.env"] [unique_id "aRWdGkYjqOA5UDb1kzsotgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-26 23:56:49 (10 months ago)	(mod_security) mod_security (id:221260) triggered by 31.58.29.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:221260) triggered by 31.58.29.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 19:56:10.707634 2025] [security2:error] [pid 24710:tid 24836] [client 31.58.29.140:39841] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|webdisk.kettlehill.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kettlehill.net"] [uri "/cgi-bin/test-cgi"] [unique_id "aIVrGiSM-1e_BWGZtWaf-AAAAIw"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 21:16:50 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 31.58.29.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 31.58.29.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 17:16:43.564211 2025] [security2:error] [pid 3526133:tid 3526133] [client 31.58.29.140:37255] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.farmers123.com"] [uri "/.env.development.local"] [unique_id "aDjOu6zcvr-EV-Gy1Jq1rgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-26 02:40:29 (1 year ago)	\| A web attack returned code 200 (success).	Hacking SQL Injection Web App Attack
🇨🇳 ThreatBook.io	2023-04-24 22:19:51 (3 years ago)	ThreatBook Intelligence: Zombie more details on http://threatbook.io/ip/31.58.29.140 2023-04-24 06:3 ... show more ThreatBook Intelligence: Zombie more details on http://threatbook.io/ip/31.58.29.140 2023-04-24 06:37:26 / show less	Web App Attack
🇺🇸 RAP	2023-04-23 23:52:47 (3 years ago)	2023-04-23 23:52:47 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
Anonymous	2023-04-07 20:50:27 (3 years ago)	Unsollicted Connect (1 Times)	Bad Web Bot

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a03:2880:10ff:7::

🇳🇱 45.148.10.5

🇩🇪 209.38.245.167

🇵🇰 203.101.186.149

🇺🇸 162.216.149.225

🇨🇳 121.18.117.198

🇮🇳 103.203.36.234

🇺🇸 100.29.192.16

🇳🇱 45.156.128.149

🇫🇮 45.128.235.246

🇦🇺 34.40.145.110

🇬🇧 31.14.254.77

🇻🇳 14.228.96.175

🇷🇴 2.57.121.112

🇺🇸 2a03:2880:10ff:71::

🇩🇪 213.95.191.47

🇳🇱 176.65.139.84

🇳🇱 45.148.10.204

🇳🇱 45.148.10.157

🇬🇧 35.203.211.132