JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2.58.56.42

2.58.56.42 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 75%: ?

75%

ISP	1337 Services GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS210558
Hostname(s)	2.58.56.42.powered.by.rdp.sh
Domain Name	as210558.net
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2.58.56.42

Whois 2.58.56.42

IP Abuse Reports for 2.58.56.42:

This IP address has been reported a total of 131 times from 97 distinct sources. 2.58.56.42 was first reported on December 4th 2022, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-24 19:47:03 (1 month ago)	$f2bV_matches	Brute-Force
🇧🇪 boxed-it	2026-05-18 10:47:36 (1 month ago)	GET //.env (Tarpitted for 1d15h8m28s, wasted 8.06MB)	Web App Attack
Anonymous	2026-05-17 19:47:57 (1 month ago)	$f2bV_matches	Brute-Force
🇫🇷 geot	2026-05-17 12:02:49 (1 month ago)	GET //.env HTTP/1.1	Hacking Web App Attack
Anonymous	2026-05-17 04:35:23 (1 month ago)	Banned by Fail2Ban on server	Web App Attack
🇺🇸 TPI-Abuse	2026-05-17 03:41:00 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2.58.56.42 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 2.58.56.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 23:40:43.337523 2026] [security2:error] [pid 22014:tid 22014] [client 2.58.56.42:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.hvacs-aircon.com"] [uri "/.env"] [unique_id "agk4u2tJ3vj47RZDYgZftAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 pixelboost.kr	2026-05-17 03:37:02 (1 month ago)	2.58.56.42 - - [17/May/2026:12:37:01 +0900] "GET //.env HTTP/1.1" 444 0 "-" "Go-http-client/1.1" ...	Bad Web Bot Web App Attack
🇫🇷 ELYAZ	2026-05-17 03:08:26 (1 month ago)	(y3) Failed access -byebye- from 2.58.56.42 (NL/Netherlands/-): (CF_ENABLE)	Hacking
🇻🇪 LUISE	2026-05-17 03:00:53 (1 month ago)	Vulnerability scanning for Web files on server 2-3VE.	Hacking Bad Web Bot
🇺🇸 conrad10781	2026-05-17 02:53:21 (1 month ago)	nginx-dot-env	Web App Attack
🇺🇸 almazick	2026-05-17 02:43:11 (1 month ago)	Fail2Ban jail window on srv1.windowrepair.us banned 2.58.56.42 after 1 attempts	Bad Web Bot Web App Attack
🇩🇪 BlueWire Hosting	2026-05-16 22:40:19 (1 month ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇫🇷 tecnicorioja	2026-05-16 22:01:50 (1 month ago)	(Mod_security)	Web App Attack Brute-Force Bad Web Bot
🇳🇱 oisecnet	2026-05-16 21:01:25 (1 month ago)	Automated report: Unauthorized vulnerability scanning detected on 2026-05-16. 7 requests from this I ... show more Automated report: Unauthorized vulnerability scanning detected on 2026-05-16. 7 requests from this IP. show less	Brute-Force Web App Attack SSH
🇦🇺 Anytech	2026-05-16 20:01:22 (1 month ago)	Blocked by Conn-Monitor	Hacking Web App Attack

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 158.174.211.17

🇳🇱 104.28.217.139

🇳🇱 45.148.10.62

🇯🇵 8.216.3.218

🇺🇸 3.239.168.19

🇺🇸 2602:80d:1007::32

🇩🇰 185.129.61.4

🇨🇳 183.24.176.255

🇺🇸 147.185.132.229

🇹🇼 128.14.229.76

🇸🇬 101.47.156.21

🇱🇻 81.30.98.49

🇺🇸 64.62.197.66

🇮🇳 49.42.162.174

🇯🇵 220.150.246.7

🇭🇰 199.45.155.111

🇨🇬 197.157.252.162

🇺🇸 162.216.149.149

🇫🇮 147.185.133.11

🇳🇱 134.209.92.189