JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 31.58.29.22

31.58.29.22 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	PT Goer Network Indonesia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS397423
Domain Name	atharva.co.id
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 31.58.29.22

Whois 31.58.29.22

IP Abuse Reports for 31.58.29.22:

This IP address has been reported a total of 9 times from 3 distinct sources. 31.58.29.22 was first reported on February 8th 2023, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 00:22:59 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 31.58.29.22 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 31.58.29.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 19:21:03.597770 2026] [security2:error] [pid 4823:tid 4823] [client 31.58.29.22:45213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/.env.dev"] [unique_id "aWrV7_n7f-i6g1UHHgZAQwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 19:07:38 (5 months ago)	(mod_security) mod_security (id:211190) triggered by 31.58.29.22 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:211190) triggered by 31.58.29.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 14:07:28.164557 2025] [security2:error] [pid 22842:tid 23024] [client 31.58.29.22:57575] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /comm.php?id=../../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.com"] [uri "/comm.php"] [unique_id "aVLRcFKoonkfA7MmLZcR5AAAARM"], referer: http://www.kettlehill.com/comm.php?id=../../../../../../../../../../etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 23:47:37 (6 months ago)	(mod_security) mod_security (id:221260) triggered by 31.58.29.22 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:221260) triggered by 31.58.29.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 18:47:29.953151 2025] [security2:error] [pid 20156:tid 20167] [client 31.58.29.22:47595] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|www.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.com"] [uri "/debug.cgi"] [unique_id "aSjjEf86Ku6eT0yxFdVfeQAAAIY"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 02:01:50 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 31.58.29.22 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 31.58.29.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 22:01:45.706325 2025] [security2:error] [pid 729657:tid 729705] [client 31.58.29.22:46917] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.kettlehill.net"] [uri "/.svn/entries"] [unique_id "aIWIiRUVDjlJfvQpjEJeZwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 21:08:52 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 31.58.29.22 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 31.58.29.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 17:08:49.210583 2025] [security2:error] [pid 3516171:tid 3516171] [client 31.58.29.22:34395] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.farmers123.com"] [uri "/.env.whm"] [unique_id "aDjM4UeI94-CPaxEX7v0BQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-27 14:13:07 (1 year ago)	(mod_security) mod_security (id:221260) triggered by 31.58.29.22 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:221260) triggered by 31.58.29.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 27 09:12:41.933707 2025] [security2:error] [pid 13564:tid 13613] [client 31.58.29.22:38947] [client 31.58.29.22] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|autodiscover.kettlehill.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.kettlehill.net"] [uri "/"] [unique_id "Z8By2R1H7NLw7pprsrFQtQAAAUU"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-17 15:50:44 (1 year ago)	\| XSS (Cross Site Scripting) attempt.	Hacking SQL Injection Web App Attack
🇿🇦 IrisFlower	2023-05-22 21:58:12 (3 years ago)	Unauthorized connection attempt detected from IP address 31.58.29.22 to port 80 [J]	Port Scan Hacking
🇿🇦 IrisFlower	2023-02-08 00:08:05 (3 years ago)	Unauthorized connection attempt detected from IP address 31.58.29.22 to port 8080 [J]	Port Scan Hacking

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 195.35.4.24

🇺🇸 66.55.64.204

🇳🇱 45.148.10.147

🇳🇱 5.255.122.197

🇩🇪 213.209.159.226

🇹🇷 212.87.199.64

🇮🇹 188.152.238.126

🇨🇳 182.117.70.69

🇧🇷 179.93.178.1

🇨🇳 157.0.0.10

🇺🇸 66.132.224.26

🇧🇪 35.210.61.208

🇩🇪 34.179.214.253

🇮🇩 34.128.93.18

🇻🇳 27.71.230.31

🇮🇳 2a02:4780:11:1974:0:3266:f462:1

🇧🇷 205.210.31.182

🇬🇧 185.247.137.58

🇭🇰 165.154.1.18

🇮🇳 125.23.203.138