JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 58.216.109.7

58.216.109.7 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 36%: ?

36%

ISP	CHINANET jiangsu province network
Usage Type	Fixed Line ISP
ASN	AS140293
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Nanjing, Jiangsu

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 58.216.109.7

Whois 58.216.109.7

IP Abuse Reports for 58.216.109.7:

This IP address has been reported a total of 24 times from 15 distinct sources. 58.216.109.7 was first reported on March 10th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-23 21:59:41 (1 week ago)	Auto-ban: >3000 req/min op 2026-05-23	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-05-23 18:08:34 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 58.216.109.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 58.216.109.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 14:08:27.645027 2026] [security2:error] [pid 30694:tid 30694] [client 58.216.109.7:22943] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "apexhumanoidrobots.com"] [uri "/wp-config.php~"] [unique_id "ahHtG9TpuIl_btQTiLXRgAAAAAM"], referer: https://www.google.com/search?q=apexhumanoidrobots.com show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 aranguren.org	2026-05-11 01:05:22 (3 weeks ago)	[Mon May 11 11:04:44.741180 2026] [authz_core:error] [pid 2264217:tid 2264273] [client 58.216.109.7: ... show more [Mon May 11 11:04:44.741180 2026] [authz_core:error] [pid 2264217:tid 2264273] [client 58.216.109.7:58497] AH01630: client denied by server configuration: /srv/http/ [Mon May 11 11:05:18.472268 2026] [authz_core:error] [pid 2262809:tid 2262865] [client 58.216.109.7:65533] AH01630: client denied by server configuration: /srv/http/ [Mon May 11 11:05:20.961257 2026] [authz_core:error] [pid 2264217:tid 2264263] [client 58.216.109.7:34237] AH01630: client denied by server configuration: /srv/http/ ... show less	Brute-Force Web App Attack
🇺🇸 cheatmaster.store	2026-05-08 11:34:51 (4 weeks ago)	Proxy parsed from 58.216.109.7:800	Brute-Force SSH
🇸🇮 administrator	2026-05-04 16:57:59 (1 month ago)	2026-04-09 02:10:37,657 fail2ban.actions [1117]: NOTICE [apache-badbots] Ban 58.216.109.7 20 ... show more 2026-04-09 02:10:37,657 fail2ban.actions [1117]: NOTICE [apache-badbots] Ban 58.216.109.7 2026-04-09 02:10:37,657 fail2ban.actions [1117]: NOTICE [apache-badbots] Ban 58.216.109.7 2026-04-09 02:10:37,657 fail2ban.actions [1117]: NOTICE [apache-badbots] Ban 58.216.109.7 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇦🇺 screwlooseit.com.au	2026-04-30 01:55:04 (1 month ago)	Blocked by CSF 13 firewall - Rule: PERMBLOCK CN/China/-	Web App Attack
🇦🇺 screwlooseit.com.au	2026-04-29 08:39:02 (1 month ago)	Blocked by CSF 13 firewall - Rule: CN/China/-	Web App Attack
🇦🇺 screwlooseit.com.au	2026-04-27 20:25:02 (1 month ago)	Blocked by CSF 13 firewall - Rule: CN/China/-	Web App Attack
🇵🇱 webadmin	2026-04-27 13:09:28 (1 month ago)	58.216.109.7 - - [27/Apr/2026:15:09:28 +0200] "CONNECT inweo.eu:443 HTTP/1.1" 400 150 "-" "-" 58.216 ... show more 58.216.109.7 - - [27/Apr/2026:15:09:28 +0200] "CONNECT inweo.eu:443 HTTP/1.1" 400 150 "-" "-" 58.216.109.7 - - [27/Apr/2026:15:09:28 +0200] "CONNECT inweo.eu:443 HTTP/1.1" 400 150 "-" "-" 58.216.109.7 - - [27/Apr/2026:15:09:28 +0200] "CONNECT inweo.eu:443 HTTP/1.1" 400 150 "-" "-" 58.216.109.7 - - [27/Apr/2026:15:09:28 +0200] "CONNECT inweo.eu:443 HTTP/1.1" 400 150 "-" "-" 58.216.109.7 - - [27/Apr/2026:15:09:28 +0200] "CONNECT inweo.eu:443 HTTP/1.1" 400 150 "-" "-" show less	Web App Attack
🇺🇸 octageeks.com	2026-04-27 04:06:21 (1 month ago)	Wordpress malicious attack:[octamissingdomain]	Web App Attack
🇺🇸 TPI-Abuse	2026-04-26 22:31:46 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 58.216.109.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 58.216.109.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 18:31:39.932523 2026] [security2:error] [pid 13188:tid 13188] [client 58.216.109.7:25933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "balirealestateadvertiser.com"] [uri "/.env"] [unique_id "ae6SS3AgrfycXrYuIQAwZwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-21 03:36:51 (1 month ago)	Forum/form spam	Web Spam
🇺🇸 xmission.com	2026-04-19 13:20:52 (1 month ago)	58.216.109.7 - - [19/Apr/2026:06:45:37 -0600] "CONNECT www.dooce.com:443 HTTP/1.1" 400 150 "-" "-" 5 ... show more 58.216.109.7 - - [19/Apr/2026:06:45:37 -0600] "CONNECT www.dooce.com:443 HTTP/1.1" 400 150 "-" "-" 58.216.109.7 - - [19/Apr/2026:07:17:04 -0600] "CONNECT www.dooce.com:443 HTTP/1.1" 400 150 "-" "-" 58.216.109.7 - - [19/Apr/2026:07:17:36 -0600] "CONNECT www.dooce.com:443 HTTP/1.1" 400 150 "-" "-" 58.216.109.7 - - [19/Apr/2026:07:18:08 -0600] "CONNECT www.dooce.com:443 HTTP/1.1" 400 150 "-" "-" 58.216.109.7 - - [19/Apr/2026:07:20:52 -0600] "CONNECT www.dooce.com:443 HTTP/1.1" 400 150 "-" "-" ... show less	Web App Attack
🇵🇱 webadmin	2026-04-19 02:59:02 (1 month ago)	58.216.109.7 - - [19/Apr/2026:04:59:01 +0200] "CONNECT inweo.eu:443 HTTP/1.1" 400 150 "-" "-" 58.216 ... show more 58.216.109.7 - - [19/Apr/2026:04:59:01 +0200] "CONNECT inweo.eu:443 HTTP/1.1" 400 150 "-" "-" 58.216.109.7 - - [19/Apr/2026:04:59:02 +0200] "CONNECT inweo.eu:443 HTTP/1.1" 400 150 "-" "-" 58.216.109.7 - - [19/Apr/2026:04:59:02 +0200] "CONNECT inweo.eu:443 HTTP/1.1" 400 150 "-" "-" 58.216.109.7 - - [19/Apr/2026:04:59:02 +0200] "CONNECT inweo.eu:443 HTTP/1.1" 400 150 "-" "-" 58.216.109.7 - - [19/Apr/2026:04:59:02 +0200] "CONNECT inweo.eu:443 HTTP/1.1" 400 150 "-" "-" ... show less	Web App Attack
🇩🇪 Skyrider	2026-04-17 18:42:16 (1 month ago)	crowdsecurity/http-open-proxy	Hacking

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 101.89.141.184

🇷🇴 92.118.39.236

🇻🇳 183.91.11.36

🇺🇸 147.185.132.187

🇫🇷 85.69.240.210

🇮🇷 37.255.239.81

🇺🇸 20.171.8.42

🇩🇪 213.209.159.227

🇩🇪 194.187.176.174

🇨🇳 182.138.158.248

🇺🇸 162.216.150.254

🇺🇸 107.175.23.48

🇦🇪 92.99.170.217

🇫🇷 91.134.255.222

🇨🇳 14.103.95.175

🇷🇴 2.57.121.25

🇺🇸 204.44.67.103

🇪🇸 196.196.150.6

🇵🇱 195.3.220.7

🇸🇬 194.164.107.4