JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 58.16.114.130

58.16.114.130 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 12%: ?

12%

ISP	China Unicom Guizhou province network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Guiyang, Guizhou

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 58.16.114.130

Whois 58.16.114.130

IP Abuse Reports for 58.16.114.130:

This IP address has been reported a total of 27 times from 3 distinct sources. 58.16.114.130 was first reported on November 16th 2021, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-10 18:59:57 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 58.16.114.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 58.16.114.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 14:59:51.942489 2026] [security2:error] [pid 19015:tid 19015] [client 58.16.114.130:41600] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.davesievers.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.davesievers.com"] [uri "/"] [unique_id "aim0J8kK93s-Toyera10awAAAAE"], referer: http://www.davesievers.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 23:51:42 (6 days ago)	(mod_security) mod_security (id:210831) triggered by 58.16.114.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 58.16.114.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 19:51:34.654757 2026] [security2:error] [pid 22424:tid 22424] [client 58.16.114.130:30253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.directoryofdrugs.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.directoryofdrugs.com"] [uri "/"] [unique_id "aiNhBvOuPwbew7vZW9GmtgAAAAQ"], referer: http://www.directoryofdrugs.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-05-13 01:55:45 (4 weeks ago)	ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/58.16.114.130 20 ... show more ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/58.16.114.130 2026-05-12 10:38:28 / show less	Web App Attack
🇨🇳 ThreatBook.io	2026-03-25 01:48:46 (2 months ago)	ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/58.16.114.130 20 ... show more ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/58.16.114.130 2026-03-24 12:17:35 / show less	SSH
🇺🇸 TPI-Abuse	2026-03-22 23:37:53 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 58.16.114.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 58.16.114.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 22 19:37:45.446722 2026] [security2:error] [pid 29587:tid 29587] [client 58.16.114.130:6354] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.ibeautyexchange.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.ibeautyexchange.com"] [uri "/"] [unique_id "acB9SXcUotPIQB14pZ3-NwAAAAE"], referer: https://www.ibeautyexchange.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-25 21:12:58 (3 months ago)	(mod_security) mod_security (id:210831) triggered by 58.16.114.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 58.16.114.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 25 16:12:52.473541 2026] [security2:error] [pid 13741:tid 13741] [client 58.16.114.130:26949] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|carolinafootprints.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "carolinafootprints.com"] [uri "/"] [unique_id "aZ9l1LP-CiuwiSCQPbrN2QAAABY"], referer: https://carolinafootprints.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 21:13:22 (3 months ago)	(mod_security) mod_security (id:210831) triggered by 58.16.114.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 58.16.114.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 16:13:15.623468 2026] [security2:error] [pid 32391:tid 32391] [client 58.16.114.130:21361] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.moonfest.net\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.moonfest.net"] [uri "/"] [unique_id "aZd864vlvwSQJ6xvx4d_mAAAAAA"], referer: http://www.moonfest.net/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-02-13 01:48:04 (3 months ago)	ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/58.16.114.130 20 ... show more ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/58.16.114.130 2026-02-12 11:53:37 /sitemap.xml show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:45:13 (3 months ago)	(mod_security) mod_security (id:210831) triggered by 58.16.114.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 58.16.114.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:45:09.357001 2026] [security2:error] [pid 8669:tid 8669] [client 58.16.114.130:42840] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|amtnm.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "amtnm.com"] [uri "/index.html"] [unique_id "aY6CJS0TrsYXv-Q9rqtM1QAAABE"], referer: https://amtnm.com/index.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-26 19:10:58 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 58.16.114.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 58.16.114.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 14:10:52.844819 2026] [security2:error] [pid 31935:tid 31935] [client 58.16.114.130:22623] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.alexgitlin.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.alexgitlin.com"] [uri "/index.htm"] [unique_id "aXe8PDI68C43Fp-DGTIFFgAAAAU"], referer: http://www.alexgitlin.com/index.htm show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2025-12-23 01:52:12 (5 months ago)	ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/58.16.114.130 20 ... show more ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/58.16.114.130 2025-12-22 07:44:30 / show less	Web App Attack
🇨🇳 ThreatBook.io	2025-12-20 01:25:32 (5 months ago)	ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/58.16.114.130 20 ... show more ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/58.16.114.130 2025-12-19 14:20:52 /config.json 2025-12-19 10:12:24 / show less	Web App Attack
🇨🇳 ThreatBook.io	2025-10-21 00:27:22 (7 months ago)	ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/58.16.114.130 20 ... show more ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/58.16.114.130 2025-10-20 20:46:38 /sitemap.xml show less	Web App Attack
🇨🇳 ThreatBook.io	2025-09-06 00:47:20 (9 months ago)	ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/58.16.114.130 20 ... show more ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/58.16.114.130 2025-09-05 03:35:53 / 2025-09-05 03:54:46 / show less	Web App Attack
🇨🇳 ThreatBook.io	2025-09-01 00:32:51 (9 months ago)	ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/58.16.114.130 20 ... show more ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/58.16.114.130 2025-08-31 08:23:59 /robots.txt show less	Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 77.91.71.10

🇬🇧 217.146.80.119

🇨🇳 182.110.173.18

🇧🇷 177.12.182.149

🇮🇹 172.213.140.80

🇲🇽 149.88.22.18

🇨🇳 117.159.39.226

🇸🇰 91.223.69.87

🇸🇬 43.153.204.181

🇺🇸 23.95.217.16

🇬🇧 216.226.76.10

🇨🇭 209.99.189.177

🇫🇷 158.220.111.161

🇮🇳 122.187.237.122

🇺🇸 104.243.35.104

🇫🇷 82.66.224.173

🇺🇸 47.88.93.232

🇧🇷 45.229.91.34

🇨🇳 42.193.187.47

🇩🇪 213.209.159.236