JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.173.20.69

158.173.20.69 was found in our database!

This IP was reported 70 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer Amsterdam, The Netherlands
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.173.20.69

Whois 158.173.20.69

IP Abuse Reports for 158.173.20.69:

This IP address has been reported a total of 70 times from 41 distinct sources. 158.173.20.69 was first reported on December 31st 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 Ticlem	2026-04-03 18:24:59 (2 months ago)	2026-04-03T19:54:59.332768+02:00 clement-turlure kernel: [3618285.756028] [UFW BLOCK] IN=enp0s31f6 O ... show more 2026-04-03T19:54:59.332768+02:00 clement-turlure kernel: [3618285.756028] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:f7:16:fb:d0:07:ca:8d:22:75:08:00 SRC=158.173.20.69 DST=95.216.21.136 LEN=143 TOS=0x00 PREC=0x00 TTL=55 ID=33816 PROTO=UDP SPT=21725 DPT=6881 LEN=123 2026-04-03T20:09:59.287306+02:00 clement-turlure kernel: [3619185.718465] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:f7:16:fb:d0:07:ca:8d:22:75:08:00 SRC=158.173.20.69 DST=95.216.21.136 LEN=143 TOS=0x00 PREC=0x00 TTL=55 ID=59398 PROTO=UDP SPT=49537 DPT=6881 LEN=123 2026-04-03T20:24:59.258381+02:00 clement-turlure kernel: [3620085.697408] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:f7:16:fb:d0:07:ca:8d:22:75:08:00 SRC=158.173.20.69 DST=95.216.21.136 LEN=143 TOS=0x00 PREC=0x00 TTL=55 ID=59342 PROTO=UDP SPT=16058 DPT=1508 LEN=123 ... show less	Port Scan
🇩🇪 stinpriza	2026-04-01 10:24:22 (2 months ago)	Web App Attack	Web App Attack
🇩🇪 mwgbr	2026-02-11 05:57:19 (4 months ago)	(smtpauth) Failed SMTP AUTH login from 158.173.20.69 (NL/The Netherlands/-)	Brute-Force
🇺🇸 xmission.com	2026-02-10 10:47:10 (4 months ago)	Blocked by UFW (TCP on 51413) Source port: 54623 TTL: 47 Packet length: 60 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 51413) Source port: 54623 TTL: 47 Packet length: 60 TOS: 0x08 This report (for 158.173.20.69) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 gbzret4d	2026-01-31 09:03:36 (4 months ago)	Honeypot [uk-production01]: HTTP/1.1 request on 3128 CONNECT upload.wikimedia.org:443 User-Agent: J ... show more Honeypot [uk-production01]: HTTP/1.1 request on 3128 CONNECT upload.wikimedia.org:443 User-Agent: Java/1.8.0_432 Accept: text/html, image/gif, image/jpeg, ; q=.2, /*; q=.2; 3128 [1] TCP show less	Hacking Bad Web Bot
🇫🇮 Nullcore07	2026-01-30 14:08:32 (4 months ago)	2026-01-30 14:08:32 UTC Unauthorized activity to TCP port 3128. TCP connection established to port 3 ... show more 2026-01-30 14:08:32 UTC Unauthorized activity to TCP port 3128. TCP connection established to port 3128 (redirect=true). Banner sent; connection dropped. show less	Port Scan
🇫🇮 notalunar	2026-01-30 00:00:07 (4 months ago)	Massivepot \| Log: 2026-01-30 00:00:02 \| IP:158.173.20.69 \| PORT:8080 \| CAT:web_admin \| DATA:434f4e4e ... show more Massivepot \| Log: 2026-01-30 00:00:02 \| IP:158.173.20.69 \| PORT:8080 \| CAT:web_admin \| DATA:434f4e4e4543542075706c6f61642e77696b696d656469612e6f72673a34343320485454502f312e310d0a557365722d4167656e743a204a6176612f312e382e show less	Port Scan
🇩🇪 Lazentis	2026-01-29 10:58:23 (4 months ago)	Unauthorized access attempt to port 8080 (tcp)	Brute-Force SSH
🇫🇷 Kurom	2026-01-29 07:11:39 (4 months ago)	Port scanning detected on company server. Targeted ports: [8080]	Port Scan Hacking
🇩🇪 Mr-Money	2026-01-27 14:56:57 (4 months ago)	scenario: crowdsecurity/http-open-proxy - events: 1	Open Proxy Web App Attack
Anonymous	2026-01-27 06:10:01 (4 months ago)	Tried our host z.	Port Scan Hacking Exploited Host
🇫🇮 payincog	2026-01-27 04:01:27 (4 months ago)	Date: 27/Jan/2026:06:12:50.141600 +0300 \| Reported IP: 158.173.20.69 mod_security \| id: 911100 94911 ... show more Date: 27/Jan/2026:06:12:50.141600 +0300 \| Reported IP: 158.173.20.69 mod_security \| id: 911100 949110 980170 \| NL/pay.my_domain/- \| Connections: 1 \| Blocked: Permanent Block: [LF_MODSEC] \| Logs: ; ; ; ; Warning. Unconditional match in SecAction. [file; Warning. Match of; Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file show less	SQL Injection Brute-Force Bad Web Bot
🇩🇪 Axel	2026-01-26 23:58:26 (4 months ago)	[2026-01-26 23:58:26 UTC] Honeypot HTTP-Alt connection attempt \| AXFRA HONEYPOT	Web App Attack
🇫🇷 Anonymous	2026-01-26 21:38:01 (4 months ago)	Fail2Ban detectó intento de acceso no autorizado en puerto 8080 a través de TLS HandShake	Port Scan
Anonymous	2026-01-26 20:42:54 (4 months ago)	Hit honeypot r.	Port Scan Hacking Exploited Host

Showing 1 to 15 of 70 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 177.73.150.43

🇺🇸 162.216.149.186

🇳🇵 116.66.198.10

🇱🇹 81.30.98.44

🇩🇪 46.101.242.153

🇬🇧 193.163.125.226

🇧🇷 186.215.107.189

🇮🇶 185.166.25.150

🇨🇳 180.125.99.243

🇸🇬 172.253.84.213

🇺🇸 162.216.150.16

🇦🇷 138.117.18.74

🇺🇸 107.150.111.67

🇰🇿 95.59.142.69

🇸🇬 68.183.229.3

🇲🇳 43.228.128.226

🇧🇪 35.187.45.111

🇫🇷 13.140.155.136

🇧🇷 205.210.31.246

🇪🇹 196.189.126.10