JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.173.20.64

158.173.20.64 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 2%: ?

ISP	VPN Consumer Amsterdam, The Netherlands
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.173.20.64

Whois 158.173.20.64

IP Abuse Reports for 158.173.20.64:

This IP address has been reported a total of 20 times from 15 distinct sources. 158.173.20.64 was first reported on October 25th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-05-31 15:20:52 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 xmission.com	2026-03-27 01:56:28 (2 months ago)	Blocked by UFW (TCP on 9050) Source port: 30094 TTL: 49 Packet length: 60 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 9050) Source port: 30094 TTL: 49 Packet length: 60 TOS: 0x08 This report (for 158.173.20.64) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-03-21 20:33:31 (2 months ago)	Blocked by UFW (TCP on 58476) Source port: 23802 TTL: 47 Packet length: 120 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 58476) Source port: 23802 TTL: 47 Packet length: 120 TOS: 0x08 This report (for 158.173.20.64) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇮🇩 aaKenshin	2026-02-09 12:22:28 (4 months ago)	Suspicious activity detected from IP 158.173.20.64 based on mailserver logs. Sample logs: 2026-02-09 ... show more Suspicious activity detected from IP 158.173.20.64 based on mailserver logs. Sample logs: 2026-02-09 20:22:01,123 INFO [qtp2102534528-21130] [ip=172.16.0.182;oip=158.173.20.64;oport=51761;oproto=smtp;port=39846;soapId=2e787f56;] SoapEngine - handler exception: authentication failed for [], account not found 2026-02-09 20:22:01,123 INFO [qtp2102534528-21130] [ip=172.16.0.182;oip=158.173.20.64;oport=51761;oproto=smtp;port=39846;soapId=2e787f56;] soap - AuthRequest elapsed=0 2026-02-09 20:22:14,330 INFO [qtp2102534528-21126] [ip=172.16.0.182;oip=158.173.20.64;oport=62897;oproto=smtp;port=50514;soapId=2e787f58;] account - Error occurred during authentication: authentication failed for []. Reason: account not found. 2026-02-09 20:22:14,330 INFO [qtp2102534528-21126] [ip=172.16.0.182;oip=158.173.20.64;oport=62897;oproto=smtp;port=50514;soapId=2e787f58;] SoapEngine - handler exception: authentication failed for [**], account not found 2026-02-09 20:22:14,330 INFO [qtp2102534528-21126 show less	Brute-Force
🇪🇸 Nudisco	2026-02-09 10:40:37 (4 months ago)		Brute-Force
🇩🇪 FeG Deutschland	2026-02-09 10:40:03 (4 months ago)	Mail: - login with unknown user - bruteforce	Brute-Force
🇺🇸 bigscoots.com	2026-02-09 10:36:31 (4 months ago)	(smtpauth) Failed SMTP AUTH login from 158.173.20.64 (NL/The Netherlands/-): 5 in the last 3600 secs ... show more (smtpauth) Failed SMTP AUTH login from 158.173.20.64 (NL/The Netherlands/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-02-09 04:55:47 dovecot_login authenticator failed for H=([10.24.18.6]) [158.173.20.64]:32268: 535 Incorrect authentication data 2026-02-09 05:36:12 dovecot_plain authenticator failed for H=([10.24.18.6]) [158.173.20.64]:62794: 535 Incorrect authentication data ([email protected]) 2026-02-09 05:36:18 dovecot_login authenticator failed for H=([10.24.18.6]) [158.173.20.64]:62794: 535 Incorrect authentication data ([email protected]) 2026-02-09 05:36:27 dovecot_plain authenticator failed for H=([10.24.18.6]) [158.173.20.64]:51476: 535 Incorrect authentication data ([email protected]) 2026-02-09 05:36:29 dovecot_login authenticator failed for H=([10.24.18.6]) [158.173.20.64]:51476: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇨🇿 lp	2026-02-09 10:25:16 (4 months ago)	Email account brute force: 8 attempts were recorded from 158.173.20.64 2026-02-09T10:38:05+01:00 war ... show more Email account brute force: 8 attempts were recorded from 158.173.20.64 2026-02-09T10:38:05+01:00 warning: unknown[158.173.20.64]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-02-09T10:38:05+01:00 warning: unknown[158.173.20.64]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-02-09T10:38:05+01:00 warning: unknown[158.173.20.64]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-02-09T10:38:05+01:00 warning: unknown[158.173.20.64]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-02-09T10:38:06+01:00 warning: unknown[158.173.20.64]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-02-09T10:38:06+01:00 warning: unknown[158.173.20.64]: SASL PLAIN authentication failed: authen show less	Brute-Force
🇺🇸 bigscoots.com	2026-02-09 09:53:00 (4 months ago)	(smtpauth) Failed SMTP AUTH login from 158.173.20.64 (NL/The Netherlands/-): 5 in the last 3600 secs ... show more (smtpauth) Failed SMTP AUTH login from 158.173.20.64 (NL/The Netherlands/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-02-09 04:51:11 dovecot_plain authenticator failed for H=([10.24.18.6]) [158.173.20.64]:52835: 535 Incorrect authentication data ([email protected]) 2026-02-09 04:51:17 dovecot_login authenticator failed for H=([10.24.18.6]) [158.173.20.64]:52835: 535 Incorrect authentication data ([email protected]) 2026-02-09 04:51:24 dovecot_plain authenticator failed for H=([10.24.18.6]) [158.173.20.64]:31158: 535 Incorrect authentication data ([email protected]) 2026-02-09 04:51:26 dovecot_login authenticator failed for H=([10.24.18.6]) [158.173.20.64]:31158: 535 Incorrect authentication data ([email protected]) 2026-02-09 04:52:58 dovecot_plain authenticator failed for H=([10.24.18.6]) [158.173.20.64]:32268: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
Anonymous	2026-02-09 09:48:39 (4 months ago)	Authentication failure	Brute-Force
Anonymous	2026-01-31 12:35:10 (4 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
🇷🇺 Agrohim	2026-01-28 20:29:14 (4 months ago)	Gate Inet blocked for categories:	DDoS Attack Ping of Death Port Scan Hacking Brute-Force
🇧🇪 cmbplf	2025-12-10 22:24:23 (6 months ago)	210 requests with user_agent.original AppleCoreMedia/1.0.0.23A344 (Macintosh; U; Intel Mac OS X 14_ ... show more 210 requests with user_agent.original AppleCoreMedia/1.0.0.23A344 (Macintosh; U; Intel Mac OS X 14_0; da_dk) 209 requests with user_agent.original Dalvik/2.1.0 (Linux; U; Android 11; Tibuta_MasterPad-E100 Build/RP1A.201005.006) 208 requests with user_agent.original Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.6) Gecko/20050319 208 requests with user_agent.original Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.0.0) Gecko/20020623 Debian/1.0.0-0.woody.1 207 requests with user_agent.original Mozilla/5.0 (Macintosh; U; PPC; en-US; rv:0.9.3) Gecko/20010802 203 requests with user_agent.original Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20021208 Debian/1.2.1-2 196 requests with user_agent.original Mozilla/5.0 (iPhone; CPU iPhone OS 16_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 [LinkedInApp]/9.28.7586 194 requests with user_agent.original Mozilla/5.0 (iPhone; CPU iPhone OS 15_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/19G82 I show less	Brute-Force Bad Web Bot
Anonymous	2025-12-01 14:05:48 (6 months ago)	Web Server atack ...	DDoS Attack Web Spam Bad Web Bot Web App Attack
🇧🇪 cmbplf	2025-11-04 05:08:33 (7 months ago)	10.419 requests in 1 hour (4d8h59m)	Brute-Force Bad Web Bot

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 101.126.153.162

🇬🇧 185.247.137.236

🇳🇱 91.92.40.204

🇺🇸 2604:a00:12:1664:216:3eff:fe2c:3ad0

🇰🇷 218.154.181.71

🇹🇼 198.235.24.56

🇫🇷 185.177.72.58

🇲🇾 183.171.7.162

🇧🇴 181.188.176.242

🇧🇷 170.254.133.102

🇺🇸 74.7.175.171

🇰🇷 14.34.85.99

🇳🇱 176.65.139.234

🇬🇧 147.148.205.252

🇺🇸 128.203.204.199

🇮🇳 122.177.242.181

🇨🇳 120.239.135.65

🇺🇸 91.230.168.252

🇺🇸 66.132.186.223

🇭🇰 8.217.232.214