JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.94.210.111

158.94.210.111 was found in our database!

This IP was reported 501 times. Confidence of Abuse is 100%: ?

100%

ISP	OMEGATECH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS202412
Domain Name	omegatech.sc
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.94.210.111

Whois 158.94.210.111

IP Abuse Reports for 158.94.210.111:

This IP address has been reported a total of 501 times from 217 distinct sources. 158.94.210.111 was first reported on January 5th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-04 22:27:33 (3 days ago)		Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-06-03 22:27:26 (4 days ago)		Brute-Force Web App Attack
🇫🇷 LRNP	2026-06-03 16:04:53 (4 days ago)	_:80 158.94.210.111 - - [03/Jun/2026:16:04:52 +0000] "GET /.env HTTP/1.1" 404 118 "-" "Mozilla/5.0 ( ... show more _:80 158.94.210.111 - - [03/Jun/2026:16:04:52 +0000] "GET /.env HTTP/1.1" 404 118 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" ... show less	Bad Web Bot Web App Attack
Anonymous	2026-06-03 13:18:44 (4 days ago)	158.94.210.111 - - [03/Jun/2026:13:18:43 +0000] "GET /.env HTTP/1.1" 302 489 "-" "Mozilla/5.0 (Macin ... show more 158.94.210.111 - - [03/Jun/2026:13:18:43 +0000] "GET /.env HTTP/1.1" 302 489 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" ... show less	Bad Web Bot Web App Attack
🇩🇪 Vegascosmetics	2026-06-03 11:32:32 (4 days ago)	Kingcopy(AI-IDS) Report: IP automatically blocked after attack pattern. Vegas Security System	Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-06-03 11:14:57 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 158.94.210.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.94.210.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 07:14:49.742225 2026] [security2:error] [pid 15953:tid 15953] [client 158.94.210.111:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kidswithcamerasmovie.com"] [uri "/.env"] [unique_id "aiAMqW9fii4KEyi051X4aQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 macrob	2026-06-03 11:00:30 (4 days ago)	2026/06/03 11:00:29 [error] 787473#787473: 277884727 access forbidden by rule, client: 158.94.210.1 ... show more 2026/06/03 11:00:29 [error] 787473#787473: 277884727 access forbidden by rule, client: 158.94.210.111, server: finami.mx, request: "GET /.env HTTP/2.0", host: "finami.mx" 2026/06/03 11:00:29 [error] 787471#787471: 277886382 access forbidden by rule, client: 158.94.210.111, server: finami.mx, request: "GET /api/.env HTTP/2.0", host: "finami.mx" 2026/06/03 11:00:29 [error] 787473#787473: 277884697 access forbidden by rule, client: 158.94.210.111, server: finami.mx, request: "GET /laravel/.env HTTP/2.0", host: "finami.mx" ... show less	Web App Attack
🇸🇬 Starburst SysOp Team	2026-06-03 10:44:52 (4 days ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-sin2-2)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 10:25:24 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 158.94.210.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.94.210.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 06:25:20.690816 2026] [security2:error] [pid 23994:tid 23994] [client 158.94.210.111:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sportsbookcommission.com"] [uri "/.env"] [unique_id "aiABECfksFdOp-Y1gwqdjAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-01 22:28:05 (6 days ago)		Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-05-31 22:27:42 (1 week ago)		Brute-Force Web App Attack
🇳🇱 Eric	2026-05-31 10:26:41 (1 week ago)	[Sun May 31 10:26:40.230939 2026] [security2:error] [pid 2661373:tid 2661373] [client 158.94.210.111 ... show more [Sun May 31 10:26:40.230939 2026] [security2:error] [pid 2661373:tid 2661373] [client 158.94.210.111:0] [client 158.94.210.111] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "pop-the-slots.com"] [uri "/.env"] [unique_id "ahwM4BMHDaIS6B_cSOj-KAAAAAg"] [Sun May 31 10:26:40.898323 2026] [security2:error] [pid 3194218:tid 3194218] [client 158.94.210.111:0] [client 158.94.210.111] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [sev ... show less	Hacking Web App Attack
🇫🇷 Baking333	2026-05-31 09:35:57 (1 week ago)	[redacted] 158.94.210.111 - - [31/May/2026:10:35:53 +0100] "GET /.env HTTP/1.1" 302 5283 0/380178 "- ... show more [redacted] 158.94.210.111 - - [31/May/2026:10:35:53 +0100] "GET /.env HTTP/1.1" 302 5283 0/380178 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" [redacted] 158.94.210.111 - - [31/May/2026:10:35:54 +0100] "GET /api/.env HTTP/1.1" 302 1586 0/561307 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" show less	Bad Web Bot Web App Attack
🇺🇸 Starburst SysOp Team	2026-05-31 07:47:08 (1 week ago)	(mod_security-custom) mod_security (id:210492) triggered by 158.94.210.111 (NL/The Netherlands/North ... show more (mod_security-custom) mod_security (id:210492) triggered by 158.94.210.111 (NL/The Netherlands/North Holland/Amsterdam/-/[AS202412 OMEGATECH-AS]): 1 in the last 3600 secs (0-srv1) show less	Hacking
🇺🇸 S.O.B.A. Dev.	2026-05-31 06:58:22 (1 week ago)	Threat Blocked by BeeHive from (ASN:202412) (Network:Omegatech LTD) (Host:soba.dev) (Method:GET) (Pr ... show more Threat Blocked by BeeHive from (ASN:202412) (Network:Omegatech LTD) (Host:soba.dev) (Method:GET) (Protocol:HTTP/1.1) (Timestamp:2026-05-31T06:58:22Z) show less	Brute-Force Web Spam Web App Attack

Showing 1 to 15 of 501 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 188.240.59.7

🇮🇩 182.253.153.132

🇷🇴 80.94.95.115

🇩🇪 47.245.133.99

🇬🇧 217.146.80.103

🇬🇧 185.216.145.164

🇻🇳 183.81.86.112

🇩🇪 156.236.31.85

🇮🇳 143.110.183.65

🇧🇪 104.199.1.135

🇮🇩 103.94.7.50

🇬🇧 81.19.219.208

🇸🇬 68.183.178.130

🇫🇷 62.210.142.173

🇻🇳 27.71.85.183

🇺🇸 20.65.194.73

🇮🇪 2a05:d018:bb5:3302:b924:7591:5e04:7d98

🇩🇪 213.209.159.56

🇨🇭 209.99.187.169

🇬🇧 195.206.182.199