JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.173.20.82

158.173.20.82 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 11%: ?

11%

ISP	VPN Consumer Amsterdam, The Netherlands
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.173.20.82

Whois 158.173.20.82

IP Abuse Reports for 158.173.20.82:

This IP address has been reported a total of 11 times from 10 distinct sources. 158.173.20.82 was first reported on October 23rd 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇦 URAN Publishing Service	2026-06-05 04:04:43 (1 week ago)	158.173.20.82 - - [05/Jun/2026:07:04:26 +0300] "GET /wp-content/plugins/ninja-forms-uploads/readme.t ... show more 158.173.20.82 - - [05/Jun/2026:07:04:26 +0300] "GET /wp-content/plugins/ninja-forms-uploads/readme.txt HTTP/1.1" 404 628 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 158.173.20.82 - - [05/Jun/2026:07:04:42 +0300] "GET /wp-content/plugins/advanced-custom-post-type/changelog.md HTTP/1.1" 404 628 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Edg/101.0.1210.47" ... show less	Web App Attack
Anonymous	2026-05-17 03:58:15 (4 weeks ago)	Attack Signature Blocked: /wishlist/index/add/product/4476/form_key/PhMAw3uWWVOiscfR/ (Magento Site) ... show more Attack Signature Blocked: /wishlist/index/add/product/4476/form_key/PhMAw3uWWVOiscfR/ (Magento Site) (Botnet activity attributed to: Angara Technologies Group / mikhail-smirnov-79830322) show less	Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-06 17:26:18 (2 months ago)	(mod_security) mod_security (id:210801) triggered by 158.173.20.82 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210801) triggered by 158.173.20.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 13:26:11.701719 2026] [security2:error] [pid 630589:tid 630589] [client 158.173.20.82:15351] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|writeitright.biz\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "writeitright.biz"] [uri "/wp-content/plugins/woocommerce/license.txt"] [unique_id "adPssxLsXI0NRKHeQ-c6iQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-06 17:05:22 (2 months ago)	(mod_security) mod_security (id:210801) triggered by 158.173.20.82 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210801) triggered by 158.173.20.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 13:05:11.992514 2026] [security2:error] [pid 173981:tid 173981] [client 158.173.20.82:14928] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|mindtoken.app\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "mindtoken.app"] [uri "/wp-content/plugins/woocommerce/license.txt"] [unique_id "adPnx6ru4NV7cHnJQ7-ivgAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 i-turnradio.nl	2026-03-26 17:24:46 (2 months ago)	2026-03-26 18:24:45 (CET) ~ Blocked by abusescan risk assessment	Web App Attack
Anonymous	2026-03-06 04:50:16 (3 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
🇺🇸 bigscoots.com	2026-02-11 08:03:41 (4 months ago)	(smtpauth) Failed SMTP AUTH login from 158.173.20.82 (NL/The Netherlands/-): 5 in the last 3600 secs ... show more (smtpauth) Failed SMTP AUTH login from 158.173.20.82 (NL/The Netherlands/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-02-11 03:03:07 dovecot_plain authenticator failed for H=([10.2.18.181]) [158.173.20.82]:34551: 535 Incorrect authentication data ([email protected]) 2026-02-11 03:03:13 dovecot_login authenticator failed for H=([10.2.18.181]) [158.173.20.82]:34551: 535 Incorrect authentication data ([email protected]) 2026-02-11 03:03:20 dovecot_plain authenticator failed for H=([10.2.18.181]) [158.173.20.82]:56917: 535 Incorrect authentication data ([email protected]) 2026-02-11 03:03:22 dovecot_login authenticator failed for H=([10.2.18.181]) [158.173.20.82]:56917: 535 Incorrect authentication data ([email protected]) 2026-02-11 03:03:36 dovecot_plain authenticator failed for H=([10.2.18.181]) [158.173.20.82]:58339: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇩🇪 Paul Smith	2026-02-08 13:26:11 (4 months ago)	Email Auth Brute force attack 6/1 in last day	Brute-Force
Anonymous	2026-01-01 16:30:48 (5 months ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
🇩🇪 marzzzello	2025-11-08 02:36:15 (7 months ago)	Ports: 25x 38246	Port Scan
🇺🇸 www.winos.me	2025-10-23 04:59:41 (7 months ago)	stream fail	Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 181.23.51.79

🇮🇳 182.76.86.130

🇵🇭 61.9.2.57

🇰🇷 59.24.133.197

🇳🇱 45.156.87.253

🇮🇳 20.235.157.149

🇨🇳 8.131.224.192

🇺🇸 2607:f8b0:4001:c22::12d

🇬🇧 213.166.84.52

🇫🇷 194.163.174.214

🇧🇷 177.132.185.141

🇷🇺 176.118.22.128

🇹🇭 152.32.245.27

🇮🇳 128.185.219.38

🇱🇹 81.30.98.158

🇳🇱 45.198.224.188

🇳🇱 45.148.10.151

🇳🇱 45.142.193.161

🇫🇮 34.88.42.1

🇦🇺 34.40.212.146