JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.173.166.200

158.173.166.200 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 22%: ?

22%

ISP	VPN Consumer Oslo, Norway
Usage Type	Data Center/Web Hosting/Transit
ASN	AS42708
Domain Name	vpnconsumer.com
Country	🇳🇴 Norway
City	Oslo, Oslo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.173.166.200

Whois 158.173.166.200

IP Abuse Reports for 158.173.166.200:

This IP address has been reported a total of 11 times from 4 distinct sources. 158.173.166.200 was first reported on April 17th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-07 08:37:06 (1 hour ago)	(mod_security) mod_security (id:210801) triggered by 158.173.166.200 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210801) triggered by 158.173.166.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 04:36:58.934903 2026] [security2:error] [pid 7700:tid 7700] [client 158.173.166.200:61561] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|byles.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "byles.net"] [uri "/license.txt"] [unique_id "aiUtqiGAlsEvdLGqf7_2XwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 07:50:50 (2 hours ago)	(mod_security) mod_security (id:210801) triggered by 158.173.166.200 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210801) triggered by 158.173.166.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 03:50:44.769847 2026] [security2:error] [pid 32134:tid 32134] [client 158.173.166.200:57627] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|ryanc.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "ryanc.net"] [uri "/license.txt"] [unique_id "aiUi1LrCf5yAroeAv2hlrgAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 06:08:47 (3 hours ago)	(mod_security) mod_security (id:210801) triggered by 158.173.166.200 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210801) triggered by 158.173.166.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 02:08:42.243445 2026] [security2:error] [pid 26778:tid 26778] [client 158.173.166.200:42981] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|got-stuff.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "got-stuff.net"] [uri "/license.txt"] [unique_id "aiUK6nOoup-LeKudJrhnTgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 05:49:52 (4 hours ago)	(mod_security) mod_security (id:210801) triggered by 158.173.166.200 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210801) triggered by 158.173.166.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 01:49:45.371516 2026] [security2:error] [pid 7556:tid 7556] [client 158.173.166.200:23701] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|www.soundtrax.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "www.soundtrax.net"] [uri "/license.txt"] [unique_id "aiUGebG5PJsB9Bv5J6gEugAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-05-23 14:51:21 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-05-17 08:06:52 (3 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-05-11 06:38:41 (3 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-05-01 15:54:23 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 VMHeaven.io	2026-04-24 21:50:53 (1 month ago)	Blocked by UFW [80/tcp] Source port: 33857 TTL: 55 Packet length: 60	Port Scan Web App Attack
🇬🇧 consul.to	2026-04-21 00:22:16 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇮🇳 liveaspankaj	2026-04-17 23:34:27 (1 month ago)	DDoS attack: 102 requests in 5m (GET / or repair.php).	DDoS Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.233.69.217

🇸🇪 176.10.197.168

🇵🇰 153.117.9.143

🇺🇸 107.167.122.22

🇮🇳 106.221.253.14

🇮🇳 43.251.172.3

🇧🇷 186.238.210.226

🇳🇱 185.242.226.97

🇭🇰 185.227.153.56

🇺🇸 184.105.139.94

🇨🇳 122.224.240.99

🇹🇭 110.49.146.23

🇳🇱 45.148.10.151

🇯🇵 43.165.170.19

🇺🇸 20.64.105.238

🇺🇸 195.214.120.171

🇧🇷 191.54.80.93

🇳🇱 176.65.139.210

🇺🇿 144.124.192.129

🇨🇳 123.14.82.243