JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 116.58.43.34

116.58.43.34 was found in our database!

This IP was reported 76 times. Confidence of Abuse is 48%: ?

48%

ISP	NEXLINX NETWORKS (PVT) LIMITED
Usage Type	Fixed Line ISP
ASN	AS17563
Hostname(s)	exchange.wasalhr.pk
Domain Name	nexlinx.net.pk
Country	🇵🇰 Pakistan
City	Lahore, Punjab

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 116.58.43.34

Whois 116.58.43.34

IP Abuse Reports for 116.58.43.34:

This IP address has been reported a total of 76 times from 26 distinct sources. 116.58.43.34 was first reported on February 27th 2021, and the most recent report was 23 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Nick Lewis	2026-06-05 06:27:36 (23 hours ago)	(wordpress) Failed wordpress login from 116.58.43.34 (PK/Pakistan/exchange.wasalhr.pk)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-05 06:27:33 (23 hours ago)	(mod_security) mod_security (id:240335) triggered by 116.58.43.34 (exchange.wasalhr.pk): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 116.58.43.34 (exchange.wasalhr.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 02:27:27.831459 2026] [security2:error] [pid 29916:tid 29916] [client 116.58.43.34:52176] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 116.58.43.34 (+1 hits since last alert)\|apuntesdeinversion.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "apuntesdeinversion.com"] [uri "/xmlrpc.php"] [unique_id "aiJsT-nSlSqHsC5Y3LzG0QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 05:41:05 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 116.58.43.34 (exchange.wasalhr.pk): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 116.58.43.34 (exchange.wasalhr.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 01:41:01.986757 2026] [security2:error] [pid 17760:tid 17820] [client 116.58.43.34:54105] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 116.58.43.34 (+1 hits since last alert)\|landmarkocchealth.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "landmarkocchealth.com"] [uri "/xmlrpc.php"] [unique_id "aiJhbYHDjVBY4pi2dzNopAAAAcE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 08:46:16 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 116.58.43.34 (exchange.wasalhr.pk): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 116.58.43.34 (exchange.wasalhr.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 04:46:07.737173 2026] [security2:error] [pid 14234:tid 14294] [client 116.58.43.34:58599] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 116.58.43.34 (+1 hits since last alert)\|morganswarsong.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "morganswarsong.com"] [uri "/xmlrpc.php"] [unique_id "aiE7T7hm3Hvf8DRahW-jaAAAAMY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-04 07:06:50 (1 day ago)	(wordpress) Failed wordpress login from 116.58.43.34 (PK/Pakistan/Punjab/-/exchange.wasalhr.pk/[reda ... show more (wordpress) Failed wordpress login from 116.58.43.34 (PK/Pakistan/Punjab/-/exchange.wasalhr.pk/[redacted]) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-01 08:50:32 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 116.58.43.34 (exchange.wasalhr.pk): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 116.58.43.34 (exchange.wasalhr.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 04:50:24.338903 2026] [security2:error] [pid 19801:tid 19801] [client 116.58.43.34:54136] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 116.58.43.34 (+1 hits since last alert)\|varnadorefamily.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "varnadorefamily.com"] [uri "/xmlrpc.php"] [unique_id "ah1H0AqZD-2wH9pKU5jObgAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-25 10:41:25 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 116.58.43.34 (exchange.wasalhr.pk): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 116.58.43.34 (exchange.wasalhr.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 06:41:19.265218 2026] [security2:error] [pid 29801:tid 29801] [client 116.58.43.34:52115] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 116.58.43.34 (+1 hits since last alert)\|modalsoftware.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "modalsoftware.com"] [uri "/xmlrpc.php"] [unique_id "ahQnTwPa3qJEPqOVa5RMbgAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-25 06:33:13 (1 week ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-05-23 07:08:46 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 116.58.43.34 (exchange.wasalhr.pk): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 116.58.43.34 (exchange.wasalhr.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 03:08:38.262425 2026] [security2:error] [pid 20178:tid 20178] [client 116.58.43.34:56732] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 116.58.43.34 (+1 hits since last alert)\|roguetechtalks.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "roguetechtalks.com"] [uri "/xmlrpc.php"] [unique_id "ahFSdspSc0KgYBAP-3tRPQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-22 07:56:17 (2 weeks ago)	Attac	Brute-Force
Anonymous	2026-05-21 04:36:10 (2 weeks ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-05-20 04:43:14 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 116.58.43.34 (exchange.wasalhr.pk): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 116.58.43.34 (exchange.wasalhr.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 00:43:06.443861 2026] [security2:error] [pid 24409:tid 24431] [client 116.58.43.34:65055] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 116.58.43.34 (+1 hits since last alert)\|lancasterdesignercraftsmen.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lancasterdesignercraftsmen.org"] [uri "/xmlrpc.php"] [unique_id "ag072lSULTyRws6ldY-IdwAAAUg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-19 11:06:48 (2 weeks ago)	Attac	Brute-Force
Anonymous	2026-05-18 05:05:14 (2 weeks ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (101/60 min)'; Requests=101	Port Scan
🇩🇪 Marc	2026-05-08 05:48:48 (4 weeks ago)		Brute-Force Web App Attack

Showing 1 to 15 of 76 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 172.98.168.253

🇺🇸 71.6.199.87

🇺🇸 47.253.205.161

🇨🇳 203.56.198.45

🇧🇪 198.235.24.255

🇬🇧 193.176.29.27

🇬🇧 193.176.29.22

🇨🇳 182.42.93.139

🇩🇪 167.94.146.48

🇫🇮 147.185.133.192

🇫🇮 147.185.133.165

🇨🇳 117.146.110.78

🇷🇴 80.94.92.182

🇺🇸 47.42.131.93

🇳🇱 45.148.10.183

🇬🇧 35.203.210.75

🇬🇧 31.14.254.115

🇨🇳 27.153.157.138

🇩🇪 213.209.159.236

🇩🇪 213.209.159.231