JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.173.20.67

158.173.20.67 was found in our database!

This IP was reported 67 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer Amsterdam, The Netherlands
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.173.20.67

Whois 158.173.20.67

IP Abuse Reports for 158.173.20.67:

This IP address has been reported a total of 67 times from 51 distinct sources. 158.173.20.67 was first reported on October 18th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 rtbh.com.tr	2026-02-11 20:11:31 (4 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇹🇷 rtbh.com.tr	2026-02-10 20:11:30 (4 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇩🇪 snasfu	2026-02-10 08:10:58 (4 months ago)	Blocked for trying passwords against Email-submission	Email Spam Brute-Force
🇮🇩 xveil	2026-02-10 07:58:41 (4 months ago)	2026-02-10T14:57:40.265275 mail-honeypot postfix/submission/smtpd[26532]: warning: unknown[158.173.2 ... show more 2026-02-10T14:57:40.265275 mail-honeypot postfix/submission/smtpd[26532]: warning: unknown[158.173.20.67]: SASL PLAIN authentication failed: authentication failure ... show less	Brute-Force
🇸🇮 basing	2026-02-10 05:14:16 (4 months ago)	2026-02-10 06:14:16 kb SASL PLAIN auth failed: rhost=158.173.20.67...	Brute-Force
🇮🇩 aaKenshin	2026-02-10 04:04:02 (4 months ago)	Suspicious activity detected from IP 158.173.20.67 based on mailserver logs. Sample logs: 2026-02-10 ... show more Suspicious activity detected from IP 158.173.20.67 based on mailserver logs. Sample logs: 2026-02-10 12:03:49,713 INFO [qtp2102534528-24380] [name=*@.id;ip=172.16.0.182;oip=158.173.20.67;oport=59257;oproto=smtp;port=45878;soapId=2e788a08;] soap - AuthRequest elapsed=1 2026-02-10 12:04:01,365 INFO [qtp2102534528-24380] [name=*@.id;ip=172.16.0.182;oip=158.173.20.67;oport=43665;oproto=smtp;port=39608;soapId=2e788a09;] SoapEngine - handler exception: authentication failed for [], LDAP error: - unable to ldap authenticate: invalid credentials 2026-02-10 12:04:01,365 INFO [qtp2102534528-24380] [name=@.id;ip=172.16.0.182;oip=158.173.20.67;oport=43665;oproto=smtp;port=39608;soapId=2e788a09;] soap - AuthRequest elapsed=2 2026-02-10 12:04:01,882 INFO [qtp2102534528-24277] [name=@.id;ip=172.16.0.182;oip=158.173.20.67;oport=43665;oproto=smtp;port=39614;soapId=2e788a0a;] SoapEngine - handler exception: authentication failed for [**], LDAP error: - unable to ldap authenticate: inva show less	Brute-Force
🇭🇺 Lacika555	2026-02-10 03:14:09 (4 months ago)	RdpGuard detected brute-force attempt on SMTP	Brute-Force
Anonymous	2026-02-10 03:01:28 (4 months ago)	Authentication failure	Brute-Force
🇦🇺 aglenday	2026-02-10 02:59:22 (4 months ago)	(smtpauth) Failed SMTP AUTH login from 158.173.20.67 (NL/The Netherlands/-): 1 in the last 3600 secs ... show more (smtpauth) Failed SMTP AUTH login from 158.173.20.67 (NL/The Netherlands/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2026-02-10T13:59:21.078764+11:00 mail postfix/submission/smtpd[1355779]: warning: unknown[158.173.20.67]: SASL PLAIN authentication failed: (reason unavailable), [email protected] show less	Port Scan
🇨🇦 polycoda	2026-02-10 02:06:07 (4 months ago)	AutoBlock: 📡 Port Scan (Non Decay-Based) - 🔐 SMTP Auth Failure (Decay-Based)	Port Scan Brute-Force
🇩🇪 FeG Deutschland	2026-02-10 02:04:03 (4 months ago)	Mail: - login with unknown user - bruteforce	Brute-Force
🇳🇱 rroethof	2026-02-10 01:42:39 (4 months ago)	(smtpauth) Failed SMTP AUTH login from 158.173.20.67 (NL/The Netherlands/-): 5 in the last 3600 secs ... show more (smtpauth) Failed SMTP AUTH login from 158.173.20.67 (NL/The Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_SMTPAUTH; Logs: 2026-02-10 02:42:27 plain authenticator failed for H=([10.27.18.4]) [158.173.20.67]: 535 Incorrect authentication data ([email protected]) 2026-02-10 02:42:27 login authenticator failed for H=([10.27.18.4]) [158.173.20.67]: 535 Incorrect authentication data ([email protected]) 2026-02-10 02:42:27 plain authenticator failed for H=([10.27.18.4]) [158.173.20.67]: 535 Incorrect authentication data ([email protected]) 2026-02-10 02:42:27 login authenticator failed for H=([10.27.18.4]) [158.173.20.67]: 535 Incorrect authentication data ([email protected]) 2026-02-10 02:42:33 plain authenticator failed for H=([10.27.18.4]) [158.173.20.67]: 535 Incorrect authentication data ([email protected]) show less	Spoofing Brute-Force Bad Web Bot Web App Attack SSH
🇩🇪 Nerdscave Hosting	2026-02-10 01:40:39 (4 months ago)	SMTP brute-force detected by Fail2Ban in plesk-postfix jail	Email Spam Brute-Force
🇫🇷 dwmp	2026-02-10 00:56:54 (4 months ago)	Feb 10 01:56:53 webcore postfix/smtpd[1743696]: warning: unknown[158.173.20.67]: SASL CRAM-MD5 authe ... show more Feb 10 01:56:53 webcore postfix/smtpd[1743696]: warning: unknown[158.173.20.67]: SASL CRAM-MD5 authentication failed: authentication failure Feb 10 01:56:53 webcore postfix/smtpd[1743696]: warning: unknown[158.173.20.67]: SASL PLAIN authentication failed: authentication failure Feb 10 01:56:53 webcore postfix/smtpd[1743696]: warning: unknown[158.173.20.67]: SASL LOGIN authentication failed: authentication failure ... show less	Brute-Force
🇬🇧 openstrike.co.uk	2026-02-09 23:51:04 (4 months ago)	Email auth failures (3)	Brute-Force

Showing 1 to 15 of 67 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.214.209.153

🇺🇸 162.216.150.163

🇺🇸 161.38.202.253

🇻🇳 125.212.244.35

🇨🇳 120.193.249.150

🇯🇵 110.66.165.12

🇧🇷 108.179.252.35

🇺🇸 71.6.199.65

🇺🇸 54.234.223.158

🇩🇪 43.228.157.220

🇺🇸 34.105.7.187

🇫🇷 13.140.181.53

🇵🇭 2001:4451:a3d:ae00:509e:496c:6b13:976e

🇨🇳 222.128.15.132

🇰🇷 218.157.205.238

🇯🇲 208.163.34.67

🇳🇱 183.81.169.76

🇺🇸 141.11.88.101

🇮🇳 139.59.18.80

🇧🇷 108.179.252.200