JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 116.58.9.158

116.58.9.158 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 73%: ?

73%

ISP	NEXLINX NETWORKS (PVT) LIMITED
Usage Type	Fixed Line ISP
ASN	AS17563
Hostname(s)	116-58-9-158.nexlinx.net.pk
Domain Name	nexlinx.net.pk
Country	🇵🇰 Pakistan
City	Lahore, Punjab

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 116.58.9.158

Whois 116.58.9.158

IP Abuse Reports for 116.58.9.158:

This IP address has been reported a total of 16 times from 14 distinct sources. 116.58.9.158 was first reported on June 6th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-18 08:05:26 (1 hour ago)	(xmlrpc) Apache: Failed xmlrpc access from 116.58.9.158 (PK/Pakistan/116-58-9-158.nexlinx.net.pk): 1 ... show more (xmlrpc) Apache: Failed xmlrpc access from 116.58.9.158 (PK/Pakistan/116-58-9-158.nexlinx.net.pk): 10 in the last 3600 secs (0-201) show less	Hacking
🇺🇸 TPI-Abuse	2026-06-14 18:27:29 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 116.58.9.158 (116-58-9-158.nexlinx.net.pk): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 116.58.9.158 (116-58-9-158.nexlinx.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 14:27:23.834567 2026] [security2:error] [pid 24960:tid 24960] [client 116.58.9.158:59887] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|allotrope.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "allotrope.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai7yi5n6dnUZDxEN9DSQgQAAACo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 findlab	2026-06-14 14:20:02 (3 days ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 12:22:59 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 116.58.9.158 (116-58-9-158.nexlinx.net.pk): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 116.58.9.158 (116-58-9-158.nexlinx.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 08:22:55.263069 2026] [security2:error] [pid 2816:tid 2816] [client 116.58.9.158:50167] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|realdoctorstories.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "realdoctorstories.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai6dH1X6Hv_wll4j-P56kQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-13 18:22:28 (4 days ago)	[SatJun1320:22:24.9810902026][security2:error][pid1497514:tid1497585][client116.58.9.158:0]ModSecuri ... show more [SatJun1320:22:24.9810902026][security2:error][pid1497514:tid1497585][client116.58.9.158:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"atelier-lara.ch\"][uri\"/xmlrpc.php\"][unique_id\"ai2f4KJPOen8yVEUllv7VQAAAIk\"] show less	Port Scan Brute-Force Web App Attack
🇮🇹 Progetto1	2026-06-13 14:25:03 (4 days ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇩🇪 LRob.fr	2026-06-12 06:45:15 (6 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-06-11 10:05:07 (6 days ago)	Unauthorized access to webpage admin	Web App Attack
Anonymous	2026-06-11 04:06:04 (1 week ago)	Trying to access config files	Web App Attack
🇩🇪 4server	2026-06-10 08:27:20 (1 week ago)	[WedJun1010:27:16.1726042026][security2:error][pid62085:tid62222][client116.58.9.158:0]ModSecurity:A ... show more [WedJun1010:27:16.1726042026][security2:error][pid62085:tid62222][client116.58.9.158:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"ci-ticino.ch\"][uri\"/xmlrpc.php\"][unique_id\"aikf5G_bqOy1H3fRXOEwHQAAARM\"] show less	Port Scan Brute-Force Web App Attack
Anonymous	2026-06-09 09:05:09 (1 week ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (12/60 min)'; Requests=12	Port Scan
🇦🇺 screwlooseit.com.au	2026-06-08 07:00:01 (1 week ago)	Blocked by CSF 13 firewall - Rule: XMLRPC PK/Pakistan/116-58-9-158.nexlinx.net.pk	Web App Attack
🇩🇪 stinpriza	2026-06-06 18:59:21 (1 week ago)	Web App Attack	Web App Attack
Anonymous	2026-06-06 15:00:48 (1 week ago)	Web App Attack, Hacking	Hacking Web App Attack
🇸🇬 securejdprop	2026-06-06 13:31:58 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing. crowdsecurity/http-probing	Hacking Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 157.66.80.97

🇲🇾 202.165.29.123

🇨🇳 171.43.134.254

🇸🇬 156.146.56.131

🇮🇳 122.187.229.220

🇨🇳 119.123.31.23

🇲🇦 105.154.92.225

🇷🇺 95.215.108.47

🇺🇸 91.230.168.17

🇳🇱 91.92.40.5

🇳🇱 87.121.79.250

🇦🇷 45.178.70.3

🇭🇰 8.218.43.108

🇨🇳 122.51.196.162

🇳🇱 81.19.216.107

🇨🇳 42.231.93.232

🇺🇸 8.229.76.116

🇨🇳 218.23.95.9

🇬🇾 181.41.71.81

🇨🇳 123.245.85.201