JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.94.208.36

158.94.208.36 was found in our database!

This IP was reported 154 times. Confidence of Abuse is 100%: ?

100%

ISP	OMEGATECH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS202412
Domain Name	omegatech.sc
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.94.208.36

Whois 158.94.208.36

IP Abuse Reports for 158.94.208.36:

This IP address has been reported a total of 154 times from 92 distinct sources. 158.94.208.36 was first reported on May 29th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 BlueWire Hosting	2026-06-10 07:13:38 (1 hour ago)	Probing websites for vulnerabilities	Web App Attack
🇦🇺 2000cn.com.au	2026-06-10 05:36:42 (3 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇪🇸 el-brujo	2026-06-10 05:29:04 (3 hours ago)	Cloudflare WAF: Request Path: /dump.bak Request Query: Host: hwagm.elhacker.net userAgent: python-h ... show more Cloudflare WAF: Request Path: /dump.bak Request Query: Host: hwagm.elhacker.net userAgent: python-httpx/0.28.1 Action: block Source: firewallManaged ASN Description: Omegatech LTD Country: DE Method: GET Timestamp: 2026-06-10T05:29:04Z ruleId: c04705c7adee4ce3a763bd5e18135e0c. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇮🇩 securejdprop	2026-06-10 04:43:34 (4 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus D ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus DROP Listed Traffic Inbound group 31). Ip 158.94.208.36 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-06-10 04:43:33.256134996 +0000 UTC show less	Hacking Web App Attack
🇧🇷 SOC PR	2026-06-10 04:12:56 (4 hours ago)	IPS: Suspicious URL access.	Hacking
🇬🇧 SilverZippo	2026-06-10 03:44:12 (5 hours ago)	Web App Attack	Web App Attack
🇺🇸 mw	2026-06-10 03:35:02 (5 hours ago)	GET /.env HTTP/1.1	Web App Attack
🇩🇪 raph	2026-06-10 02:54:07 (5 hours ago)	[DOT FILES] crawler .env, .git, .config, etc.	Bad Web Bot Web App Attack
🇫🇷 Eldeberen	2026-06-10 01:53:26 (6 hours ago)	Vulnerability scan attempt through HTTP protocol	Web App Attack
🇩🇪 macrob	2026-06-10 01:51:27 (6 hours ago)	2026/06/10 01:51:26 [error] 1824566#1824566: 293866398 access forbidden by rule, client: 158.94.208 ... show more 2026/06/10 01:51:26 [error] 1824566#1824566: 293866398 access forbidden by rule, client: 158.94.208.36, server: fn.binixo.es, request: "GET /.env HTTP/1.1", host: "172.104.245.160" 2026/06/10 01:51:26 [error] 1824566#1824566: 293866401 access forbidden by rule, client: 158.94.208.36, server: fn.binixo.es, request: "GET /.env.local HTTP/1.1", host: "172.104.245.160" 2026/06/10 01:51:26 [error] 1824566#1824566: 293866404 access forbidden by rule, client: 158.94.208.36, server: fn.binixo.es, request: "GET /.env.production HTTP/1.1", host: "172.104.245.160" ... show less	Web App Attack
🇩🇪 MusicLibrary	2026-06-10 01:49:15 (6 hours ago)	Attempted access to sensitive configuration files (.env, .git, etc.)	Bad Web Bot Web App Attack
Anonymous	2026-06-10 01:07:09 (7 hours ago)	(caddyscan) Scanner path probe from 158.94.208.36 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; ... show more (caddyscan) Scanner path probe from 158.94.208.36 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 207.148.6.135 200 2627 158.94.208.36 - - [10/Jun/2026:01:07:04 +0000] "GET /.env HTTP/1.1" 207.148.6.135 200 2627 158.94.208.36 - - [10/Jun/2026:01:07:05 +0000] "GET /.env.local HTTP/1.1" 207.148.6.135 200 2627 158.94.208.36 - - [10/Jun/2026:01:07:06 +0000] "GET /.env.production HTTP/1.1" 207.148.6.135 200 2627 158.94.208.36 - - [10/Jun/2026:01:07:06 +0000] "GET /.env.development HTTP/1.1" 207.148.6.135 200 2627 158.94.208.36 - - [10/Jun/2026:01:07:07 +0000] "GET /.env.staging HTTP/1.1" show less	Port Scan
🇬🇧 Smish	2026-06-10 00:51:54 (7 hours ago)	HONEYPOT HIT --> Fail2ban time=1781052712 log=2026-06-10T01:51:52+01:00 ip=158.94.208.36 host=89.39. ... show more HONEYPOT HIT --> Fail2ban time=1781052712 log=2026-06-10T01:51:52+01:00 ip=158.94.208.36 host=89.39.211.6 method=GET uri="/.env" status=404 ua="python-httpx/0.28.1" ref="-" rid=b8effe2132ac19a77b29bbdfd467a524 show less	Web App Attack
🇩🇪 paissangroup	2026-06-10 00:41:47 (8 hours ago)	Multiple WAF Violations	Web App Attack
🇩🇪 london2038.com	2026-06-10 00:41:07 (8 hours ago)	Probing for exploits 158.94.208.36 - - [10/Jun/2026:02:41:02 +0200] "GET /.env HTTP/1.1" 422 0 "-" " ... show more Probing for exploits 158.94.208.36 - - [10/Jun/2026:02:41:02 +0200] "GET /.env HTTP/1.1" 422 0 "-" "python-httpx/0.28.1" 158.94.208.36 - - [10/Jun/2026:02:41:03 +0200] "GET /.env.local HTTP/1.1" 422 0 "-" "python-httpx/0.28.1" show less	Hacking Web App Attack

Showing 1 to 15 of 154 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 165.154.172.191

🇺🇸 162.216.150.187

🇨🇳 115.231.221.169

🇨🇳 114.250.44.71

🇷🇴 80.94.92.184

🇷🇴 80.94.92.168

🇱🇹 77.90.185.33

🇫🇮 46.62.157.119

🇧🇷 45.205.1.73

🇳🇱 45.148.10.200

🇸🇬 45.82.78.106

🇧🇪 35.187.16.254

🇨🇳 14.103.54.150

🇸🇬 8.219.166.162

🇺🇸 216.218.206.100

🇧🇪 198.235.24.145

🇩🇪 134.122.93.100

🇹🇼 114.34.106.146

🇺🇸 104.232.79.58

🇯🇵 43.165.170.19