JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.173.21.122

158.173.21.122 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 7%: ?

ISP	VPN Consumer Amsterdam, The Netherlands
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.173.21.122

Whois 158.173.21.122

IP Abuse Reports for 158.173.21.122:

This IP address has been reported a total of 28 times from 24 distinct sources. 158.173.21.122 was first reported on October 5th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 JimArchon72	2026-05-11 00:25:01 (1 month ago)	2026/05/11 00:22:16 "GET /wp-login.php HTTP/1.1"	Web App Attack
🇺🇸 bitblockit	2026-04-24 08:47:42 (1 month ago)	Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. D ... show more Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. Decoy listen port: 23910/tcp. Observed event time: 2026-04-24 08:47:42 UTC. Report from passive honeypot only; no payload or credentials included. show less	Port Scan
🇺🇸 bitblockit	2026-04-24 08:32:40 (1 month ago)	Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. D ... show more Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. Decoy listen port: 23910/tcp. Observed event time: 2026-04-24 08:32:40 UTC. Report from passive honeypot only; no payload or credentials included. show less	Port Scan
🇺🇸 bitblockit	2026-04-24 08:17:39 (1 month ago)	Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. D ... show more Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. Decoy listen port: 23910/tcp. Observed event time: 2026-04-24 08:17:39 UTC. Report from passive honeypot only; no payload or credentials included. show less	Port Scan
🇦🇺 oncord	2026-04-01 09:54:19 (2 months ago)	Form spam	Web Spam
🇭🇺 Lacika555	2026-03-11 23:44:59 (3 months ago)	RdpGuard detected brute-force attempt on SMTP	Brute-Force
🇸🇪 KIDOS	2026-03-08 22:26:31 (3 months ago)	malicious activity	Web App Attack
🇸🇮 administrator	2026-03-08 20:49:14 (3 months ago)	2026-03-08 16:52:26,183 fail2ban.actions [1259]: NOTICE [ninjafirewall-syslog] Ban 158.173.2 ... show more 2026-03-08 16:52:26,183 fail2ban.actions [1259]: NOTICE [ninjafirewall-syslog] Ban 158.173.21.122 2026-03-08 19:00:13,306 fail2ban.actions [1259]: NOTICE [ninjafirewall-syslog] Ban 158.173.21.122 2026-03-08 21:49:13,634 fail2ban.actions [1259]: NOTICE [ninjafirewall-syslog] Ban 158.173.21.122 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-03-08 17:15:04 (3 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇳🇱 rroethof	2026-02-15 16:26:28 (4 months ago)	(smtpauth) Failed SMTP AUTH login from 158.173.21.122 (NL/The Netherlands/-): 5 in the last 3600 sec ... show more (smtpauth) Failed SMTP AUTH login from 158.173.21.122 (NL/The Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_SMTPAUTH; Logs: 2026-02-15 17:26:18 plain authenticator failed for H=([10.38.18.214]) [158.173.21.122]: 535 Incorrect authentication data ([email protected]) 2026-02-15 17:26:18 login authenticator failed for H=([10.38.18.214]) [158.173.21.122]: 535 Incorrect authentication data ([email protected]) 2026-02-15 17:26:18 plain authenticator failed for H=([10.38.18.214]) [158.173.21.122]: 535 Incorrect authentication data ([email protected]) 2026-02-15 17:26:18 login authenticator failed for H=([10.38.18.214]) [158.173.21.122]: 535 Incorrect authentication data ([email protected]) 2026-02-15 17:26:25 plain authenticator failed for H=([10.38.18.214]) [158.173.21.122]: 535 Incorrect authentication data ([email protected]) show less	Spoofing Brute-Force Bad Web Bot Web App Attack SSH
🇮🇹 VHosting	2026-02-08 10:22:43 (4 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇧🇪 cmbplf	2025-12-29 05:10:35 (5 months ago)	733 limiting connections by zone (9m59s)	DDoS Attack
🇩🇪 conseilgouz	2025-10-31 21:02:39 (7 months ago)	avw-(visforms) : try to access forms...	Hacking
🇺🇸 ezsystems.com	2025-10-31 16:09:19 (7 months ago)		Web Spam
🇩🇪 paissangroup	2025-10-31 15:39:08 (7 months ago)	Multiple WAF Violations	Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.90.233.165

🇺🇸 216.25.89.77

🇨🇳 182.244.0.150

🇮🇹 176.125.230.14

🇸🇬 101.47.158.56

🇳🇱 91.92.40.10

🇺🇸 45.79.177.245

🇧🇷 43.164.192.40

🇧🇪 35.205.242.102

🇺🇸 20.65.194.143

🇨🇳 14.18.122.240

🇰🇷 218.144.90.41

🇬🇧 195.206.182.194

🇳🇱 176.65.139.114

🇺🇸 154.40.36.4

🇩🇪 134.122.79.54

🇨🇳 112.86.225.15

🇳🇬 105.112.18.225

🇸🇬 103.136.221.55

🇮🇳 103.107.60.45