JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 94.158.247.241

94.158.247.241 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 36%: ?

36%

ISP	MivoCloud
Usage Type	Data Center/Web Hosting/Transit
ASN	AS39798
Hostname(s)	94-158-247-241.mivocloud.com
Domain Name	mivocloud.com
Country	🇺🇸 United States of America
City	Bend, Oregon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 94.158.247.241

Whois 94.158.247.241

IP Abuse Reports for 94.158.247.241:

This IP address has been reported a total of 17 times from 5 distinct sources. 94.158.247.241 was first reported on June 16th 2026, and the most recent report was 33 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-17 08:23:17 (33 minutes ago)	(mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): ... show more (mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 04:23:11.302038 2026] [security2:error] [pid 18557:tid 18557] [client 94.158.247.241:48994] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|williamfitzsimmons.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "williamfitzsimmons.com"] [uri "/backup.sql"] [unique_id "ajJZbzVYjytKWCmr8QUPcQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 08:06:25 (50 minutes ago)	(mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): ... show more (mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 04:06:16.951835 2026] [security2:error] [pid 5227:tid 5227] [client 94.158.247.241:53026] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|whodatnation.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "whodatnation.com"] [uri "/wp-content/debug.log"] [unique_id "ajJVeCXilhhnOO9dTsweAAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 06:50:59 (2 hours ago)	(mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): ... show more (mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 02:50:54.914778 2026] [security2:error] [pid 18059:tid 18059] [client 94.158.247.241:38686] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|waterspell.net\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "waterspell.net"] [uri "/backup.sql"] [unique_id "ajJDzidFZd7zLlpyWWXnKQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 06:19:55 (2 hours ago)	(mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): ... show more (mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 02:19:50.055229 2026] [security2:error] [pid 25026:tid 25026] [client 94.158.247.241:60234] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vzan.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vzan.org"] [uri "/backup.sql"] [unique_id "ajI8hjrRPBqulljJt14A1QAAADY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Victor López	2026-06-17 05:17:41 (3 hours ago)	videoprenatal.com 94.158.247.241 - - [17/Jun/2026:00:17:38 -0500] "GET /.env HTTP/1.1" 404 15891 "-" ... show more videoprenatal.com 94.158.247.241 - - [17/Jun/2026:00:17:38 -0500] "GET /.env HTTP/1.1" 404 15891 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" videoprenatal.com 94.158.247.241 - - [17/Jun/2026:00:17:39 -0500] "GET /wp-config.php.bak HTTP/1.1" 404 15898 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" videoprenatal.com 94.158.247.241 - - [17/Jun/2026:00:17:41 -0500] "GET /wp-config.php~ HTTP/1.1" 404 15896 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 04:07:22 (4 hours ago)	(mod_security) mod_security (id:210492) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): ... show more (mod_security) mod_security (id:210492) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 00:07:16.515025 2026] [security2:error] [pid 30562:tid 30562] [client 94.158.247.241:42750] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ussthresher.com"] [uri "/.env"] [unique_id "ajIddHZIwqgqLomPBsrXIQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nyt	2026-06-17 03:47:51 (5 hours ago)	WP Config Probe	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 03:28:20 (5 hours ago)	(mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): ... show more (mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 23:28:12.909576 2026] [security2:error] [pid 11054:tid 11054] [client 94.158.247.241:55338] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|unionega.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "unionega.com"] [uri "/backup.sql"] [unique_id "ajIUTN9txY-IOjw_LSy4awAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 00:54:40 (8 hours ago)	(mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): ... show more (mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 20:54:33.865342 2026] [security2:error] [pid 6835:tid 6842] [client 94.158.247.241:60788] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|tomithai.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "tomithai.com"] [uri "/backup.sql"] [unique_id "ajHwSQhwOqz_jQ1V_5CNGQAAAIM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-17 00:34:19 (8 hours ago)	Abuse Detected (6)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 23:53:59 (9 hours ago)	(mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): ... show more (mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 19:53:52.593504 2026] [security2:error] [pid 19495:tid 19495] [client 94.158.247.241:52834] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|thingstodonude.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thingstodonude.com"] [uri "/backup.sql"] [unique_id "ajHiEK1DE29g9zE_6-_vdwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 22:40:32 (10 hours ago)	(mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): ... show more (mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 18:40:29.020443 2026] [security2:error] [pid 29705:tid 29705] [client 94.158.247.241:33664] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|thenursingsite.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thenursingsite.com"] [uri "/backup.sql"] [unique_id "ajHQ3VpC0kN7bvPLUm599AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 21:08:21 (11 hours ago)	(mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): ... show more (mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 17:08:14.679440 2026] [security2:error] [pid 7340:tid 7340] [client 94.158.247.241:44746] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|thebrotherhoodlounge.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thebrotherhoodlounge.com"] [uri "/backup.sql"] [unique_id "ajG7Plhu9dTjBtdNADrKZAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 19:07:12 (13 hours ago)	(mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): ... show more (mod_security) mod_security (id:210730) triggered by 94.158.247.241 (94-158-247-241.mivocloud.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 15:07:06.566926 2026] [security2:error] [pid 849:tid 849] [client 94.158.247.241:35626] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|takemehomedogrescue.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "takemehomedogrescue.org"] [uri "/backup.sql"] [unique_id "ajGe2jFacqCTFzP4k8KXbQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Apache	2026-06-16 18:45:59 (14 hours ago)	(mod_security) mod_security (id:210730) triggered by 94.158.247.241 (US/United States/94-158-247-241 ... show more (mod_security) mod_security (id:210730) triggered by 94.158.247.241 (US/United States/94-158-247-241.mivocloud.com): 5 in the last 300 secs (CF_ENABLE) show less	Brute-Force Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇷 85.198.19.242

🇸🇬 47.79.11.121

🇳🇱 45.198.224.245

🇱🇹 216.132.188.220

🇱🇹 216.132.188.146

🇮🇳 182.70.182.223

🇸🇬 168.144.34.131

🇸🇬 165.154.29.93

🇩🇪 159.65.112.25

🇹🇭 147.50.231.135

🇮🇳 103.160.70.160

🇰🇬 85.113.28.180

🇺🇸 74.7.229.118

🇳🇱 45.148.10.141

🇳🇱 45.142.193.223

🇵🇱 45.141.233.69

🇧🇪 35.241.199.222

🇬🇧 35.203.210.11

🇷🇺 5.104.40.118

🇺🇸 216.25.89.82