JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.173.20.23

158.173.20.23 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 13%: ?

13%

ISP	VPN Consumer Amsterdam, The Netherlands
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.173.20.23

Whois 158.173.20.23

IP Abuse Reports for 158.173.20.23:

This IP address has been reported a total of 13 times from 11 distinct sources. 158.173.20.23 was first reported on December 8th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-05-28 21:22:59 (2 weeks ago)	Blocked by UFW (TCP on 65535) Source port: 24249 TTL: 48 Packet length: 60 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 65535) Source port: 24249 TTL: 48 Packet length: 60 TOS: 0x08 This report (for 158.173.20.23) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 Ba-Yu	2026-04-15 20:29:56 (1 month ago)	WordPress bruteforce	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇫🇷 debaba	2026-04-15 18:16:57 (1 month ago)	[15/Apr/2026:18:16:51.823874 +0000] ad_WE4hMtoTtATNpdRbbZQAAAIA 158.173.20.23 36630 127.0.0.1 7081 [ ... show more [15/Apr/2026:18:16:51.823874 +0000] ad_WE4hMtoTtATNpdRbbZQAAAIA 158.173.20.23 36630 127.0.0.1 7081 [15/Apr/2026:18:16:56.556020 +0000] ad_WGDpUhHa61kJ ... show less	Brute-Force Web App Attack
🇩🇪 Paul Smith	2026-02-15 14:06:30 (3 months ago)	Email Auth Brute force attack 6/1 in last day	Brute-Force
🇹🇷 rtbh.com.tr	2026-02-11 00:11:29 (4 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 bigscoots.com	2026-02-10 02:11:38 (4 months ago)	(smtpauth) Failed SMTP AUTH login from 158.173.20.23 (NL/The Netherlands/-): 5 in the last 3600 secs ... show more (smtpauth) Failed SMTP AUTH login from 158.173.20.23 (NL/The Netherlands/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-02-09 21:11:09 dovecot_plain authenticator failed for H=([10.23.18.42]) [158.173.20.23]:52921: 535 Incorrect authentication data ([email protected]) 2026-02-09 21:11:15 dovecot_login authenticator failed for H=([10.23.18.42]) [158.173.20.23]:52921: 535 Incorrect authentication data ([email protected]) 2026-02-09 21:11:22 dovecot_plain authenticator failed for H=([10.23.18.42]) [158.173.20.23]:21118: 535 Incorrect authentication data ([email protected]) 2026-02-09 21:11:24 dovecot_login authenticator failed for H=([10.23.18.42]) [158.173.20.23]:21118: 535 Incorrect authentication data ([email protected]) 2026-02-09 21:11:37 dovecot_plain authenticator failed for H=([10.23.18.42]) [158.173.20.23]:28140: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇩🇪 Sparxx	2026-02-10 01:31:52 (4 months ago)	2026-02-10T02:31:44.480473+01:00 srv postfix/submission/smtpd[1305546]: lost connection after CONNEC ... show more 2026-02-10T02:31:44.480473+01:00 srv postfix/submission/smtpd[1305546]: lost connection after CONNECT from unknown[158.173.20.23] 2026-02-10T02:31:46.186702+01:00 srv postfix/submission/smtpd[1305546]: warning: unknown[158.173.20.23]: SASL PLAIN authentication failed: (reason unavailable), [email protected] 2026-02-10T02:31:52.253276+01:00 srv postfix/submission/smtpd[1305546]: warning: unknown[158.173.20.23]: SASL LOGIN authentication failed: (reason unavailable), [email protected] ... show less	Brute-Force
🇹🇷 rtbh.com.tr	2026-02-09 20:11:28 (4 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
Anonymous	2026-02-09 05:32:40 (4 months ago)	Authentication failure	Brute-Force
🇫🇷 dwmp	2026-02-09 05:32:16 (4 months ago)	Feb 9 06:32:15 webcore postfix/smtpd[1485423]: warning: unknown[158.173.20.23]: SASL CRAM-MD5 authe ... show more Feb 9 06:32:15 webcore postfix/smtpd[1485423]: warning: unknown[158.173.20.23]: SASL CRAM-MD5 authentication failed: authentication failure Feb 9 06:32:15 webcore postfix/smtpd[1485423]: warning: unknown[158.173.20.23]: SASL PLAIN authentication failed: authentication failure Feb 9 06:32:15 webcore postfix/smtpd[1485423]: warning: unknown[158.173.20.23]: SASL LOGIN authentication failed: authentication failure ... show less	Brute-Force
🇹🇷 rtbh.com.tr	2026-02-08 20:11:27 (4 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 Ghost Rider	2026-02-07 22:33:49 (4 months ago)	RdpGuard detected brute-force attempt on SMTP	Brute-Force
🇧🇪 cmbplf	2025-12-08 07:22:08 (6 months ago)	1.928 requests with user_agent.original Mozilla/5.0 (Linux; Android 13; SM-F711U) AppleWebKit/537.3 ... show more 1.928 requests with user_agent.original Mozilla/5.0 (Linux; Android 13; SM-F711U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Mobile Safari/537.36 EdgA/114.0.1823.43 1.922 requests with user_agent.original Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20021208 Debian/1.2.1-2 1.909 requests with user_agent.original Mozilla/5.0 (Linux; Android 6.0.1; SM-G532MT Build/MMB29T; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/99.0.4844.88 Mobile Safari/537.36 [FB_IAB/FB4A;FBAV/436.0.0.35.101;] 1.886 requests with user_agent.original Mozilla/5.0 (iPhone; CPU iPhone OS 15_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/19G82 Instagram 306.0.0.20.118 (iPhone12,1; iOS 15_6_1; en_GB; en; scale=2.00; 828x1792; 529083166) NW/3 1.880 requests with user_agent.original Dalvik/2.1.0 (Linux; U; Android 11; Tibuta_MasterPad-E100 Build/RP1A.201005.006) 1.859 requests with user_agent.original Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.0.0) Gecko/20020623 Debian/1.0.0-0 show less	Brute-Force Bad Web Bot

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 195.96.139.19

🇸🇬 161.118.251.181

🇳🇱 160.119.76.23

🇮🇳 125.21.59.218

🇺🇸 104.253.77.110

🇩🇪 103.241.51.126

🇮🇩 34.101.173.11

🇺🇸 18.213.163.146

🇩🇪 213.209.159.231

🇲🇽 207.248.113.45

🇺🇸 198.37.116.122

🇨🇳 183.164.241.116

🇩🇪 176.65.132.149

🇫🇷 158.220.107.48

🇮🇩 157.15.40.77

🇨🇳 124.222.230.178

🇨🇳 123.56.157.254

🇺🇸 104.164.173.156

🇷🇸 77.105.37.219

🇮🇶 65.20.174.49