JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 94.158.58.152

94.158.58.152 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 16%: ?

16%

ISP	IPLUS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS43060
Domain Name	comnet.uz
Country	🇺🇿 Uzbekistan
City	Tashkent, Tashkent

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 94.158.58.152

Whois 94.158.58.152

IP Abuse Reports for 94.158.58.152:

This IP address has been reported a total of 17 times from 14 distinct sources. 94.158.58.152 was first reported on January 31st 2025, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Vegascosmetics	2026-06-17 20:22:17 (12 hours ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security	DDoS Attack Hacking Exploited Host
Anonymous	2026-05-11 17:57:24 (1 month ago)	Unauthorized connection attempt on Port 2323	Port Scan Hacking Exploited Host
🇨🇭 backslash	2026-04-21 15:12:13 (1 month ago)	block ruleset Badbot using very old user-agents 5CF3CDB778C7D82564405B86B9242E612F378C68	Bad Web Bot
🇳🇱 maxxsense	2026-03-28 09:08:30 (2 months ago)	94.158.58.152 (UZ/Uzbekistan/-), 12 distributed imapd attacks on account [redacted]	Brute-Force
🇺🇸 TPI-Abuse	2026-03-24 11:51:35 (2 months ago)	(mod_security) mod_security (id:210381) triggered by 94.158.58.152 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210381) triggered by 94.158.58.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 24 07:51:28.576656 2026] [security2:error] [pid 7422:tid 7444] [client 94.158.58.152:34830] ModSecurity: Access denied with code 403 (phase 2). Invalid URL Encoding: Non-hexadecimal digits used at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "82"] [id "210381"] [rev "6"] [msg "COMODO WAF: URL Encoding Abuse Attack Attempt\|\|www.mentzlaw.com\|F\|4"] [data "REQUEST_URI=/louisianacaraccidentlawyer/%url%"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.mentzlaw.com"] [uri "/louisianacaraccidentlawyer/%url%"] [unique_id "acJ6wGsH3yVpFDvYF-UHhQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-03-20 11:19:50 (2 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇪🇸 el-brujo	2026-03-01 03:56:03 (3 months ago)	Cloudflare WAF: Request Path: /webmasters.html Request Query: ?url=http%3A%2F%2F%22%2C%28CAST%28%27~ ... show more Cloudflare WAF: Request Path: /webmasters.html Request Query: ?url=http%3A%2F%2F%22%2C%28CAST%28%27~%27%7C%7C%28SELECT%2F%2A%2A%2F%28CASE%2F%2A%2A%2FWHEN%2F%2A%2A%2F%285132%3D5132%29%2F%2A%2A%2FTHEN%2F%2A%2A%2F1%2F%2A%2A%2FELSE%2F%2A%2A%2F0%2F%2A%2A%2FEND%29%29%3A%3Atext%7C%7C%27~%27%2F%2A%2A%2FAS%2F%2A%2A%2FNUMERIC%29%29+AND+%22EoojwD8O%22+LIKE+%22EoojwD8O Host: www.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Action: log Source: firewallManaged ASN Description: IPLUS-AS Country: UZ Method: GET Timestamp: 2026-03-01T03:56:03Z ruleId: 3b0c61407d0b4f7d87e516472116d2fe. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇨🇦 polycoda	2026-01-30 12:59:23 (4 months ago)	🥶 Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27	DDoS Attack
🇫🇷 vtchost.com	2026-01-20 23:13:55 (4 months ago)	jummy, honey! --\> ignored robots.txt --\> crawler botnet ...	Bad Web Bot Exploited Host
🇨🇳 ThreatBook.io	2026-01-17 01:36:35 (5 months ago)	ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/94.158.58.152	SSH
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇩🇪 SMARTNET	2025-11-26 02:37:10 (6 months ago)	Aisuru(Mirai variant) DDoS	DDoS Attack
Anonymous	2025-11-25 04:45:53 (6 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-11-20 05:38:05 (6 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-11-14 07:52:05 (7 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 165.154.135.73

🇳🇱 104.23.172.44

🇳🇱 104.23.172.36

🇩🇪 91.92.240.157

🇺🇸 66.132.172.234

🇷🇴 2.57.121.25

🇮🇳 223.236.21.54

🇺🇸 208.84.100.130

🇸🇪 94.191.136.187

🇹🇷 78.182.105.230

🇺🇸 69.118.177.128

🇨🇳 43.136.81.242

🇺🇸 8.234.149.192

🇦🇪 217.165.109.141

🇺🇸 209.74.83.91

🇩🇪 194.88.98.107

🇺🇸 173.239.211.160

🇨🇦 158.69.126.52

🇺🇸 96.78.175.41

🇩🇪 95.85.238.209