JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.173.21.148

158.173.21.148 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 3%: ?

ISP	VPN Consumer Amsterdam, The Netherlands
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.173.21.148

Whois 158.173.21.148

IP Abuse Reports for 158.173.21.148:

This IP address has been reported a total of 29 times from 15 distinct sources. 158.173.21.148 was first reported on October 6th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-06-07 20:08:06 (1 week ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 23-08.158.173.21.148.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 23-08.158.173.21.148.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
Anonymous	2026-02-25 16:05:25 (3 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
🇮🇩 sockominfo	2026-02-13 20:00:46 (4 months ago)	Postfix: Multiple SASL authentication failures.. Threat Score: 4.9/10 (MEDIUM). Reported by Tangeran ... show more Postfix: Multiple SASL authentication failures.. Threat Score: 4.9/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-02-13 19:00:07 (4 months ago)	Postfix: Multiple SASL authentication failures.. Threat Score: 7.3/10 (HIGH). CVSS: 6.8/10 (Medium). ... show more Postfix: Multiple SASL authentication failures.. Threat Score: 7.3/10 (HIGH). CVSS: 6.8/10 (Medium). Bayesian: 83%. MITRE: T1071. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Exploited Host
🇮🇩 sockominfo	2026-02-13 18:00:46 (4 months ago)	Postfix: Multiple SASL authentication failures.. Threat Score: 5.1/10 (MEDIUM). Reported by Tangeran ... show more Postfix: Multiple SASL authentication failures.. Threat Score: 5.1/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-02-13 17:00:07 (4 months ago)	Postfix: Multiple SASL authentication failures.. Threat Score: 7.4/10 (HIGH). CVSS: 6.8/10 (Medium). ... show more Postfix: Multiple SASL authentication failures.. Threat Score: 7.4/10 (HIGH). CVSS: 6.8/10 (Medium). Bayesian: 87%. MITRE: T1071. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Exploited Host
🇮🇩 sockominfo	2026-02-13 16:00:46 (4 months ago)	Postfix: Multiple SASL authentication failures.. Threat Score: 5.4/10 (MEDIUM). Reported by Tangeran ... show more Postfix: Multiple SASL authentication failures.. Threat Score: 5.4/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-02-13 15:03:54 (4 months ago)	[WAZUH] Postfix: Multiple SASL authentication failures.	Hacking Web App Attack
🇩🇪 gnb	2026-02-11 22:11:00 (4 months ago)	158.173.21.148 - - [11/Feb/2026:23:10:59 +0100] www.(redacted) "GET /mail_bestellung.php?from=http%3 ... show more 158.173.21.148 - - [11/Feb/2026:23:10:59 +0100] www.(redacted) "GET /mail_bestellung.php?from=http%3A%2F%2Fkickass.best HTTP/1.1" 302 539 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:114.0) Gecko/20100101 Firefox/114.0" ... show less	Web Spam Bad Web Bot
🇮🇩 xveil	2026-02-11 11:08:11 (4 months ago)	2026-02-11T18:08:09.244514 mail-honeypot postfix/submission/smtpd[21933]: warning: unknown[158.173.2 ... show more 2026-02-11T18:08:09.244514 mail-honeypot postfix/submission/smtpd[21933]: warning: unknown[158.173.21.148]: SASL PLAIN authentication failed: authentication failure ... show less	Brute-Force
🇺🇸 pixelmemory.us	2026-02-11 11:07:59 (4 months ago)	2026-02-11T03:07:28.816853-08:00 pixelmemory auth[29638]: pam_unix(dovecot:auth): authentication fai ... show more 2026-02-11T03:07:28.816853-08:00 pixelmemory auth[29638]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot [email protected] rhost=158.173.21.148 2026-02-11T03:07:36.477912-08:00 pixelmemory auth[29638]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot [email protected] rhost=158.173.21.148 2026-02-11T03:07:54.014249-08:00 pixelmemory auth[29638]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot [email protected] rhost=158.173.21.148 2026-02-11T03:07:58.371306-08:00 pixelmemory auth[29638]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot [email protected] rhost=158.173.21.148 ... show less	Brute-Force
🇵🇱 sefinek.net	2026-02-07 01:14:49 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from NL. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from NL. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇦🇺 MAGIC	2026-02-06 01:06:12 (4 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2026-01-16 22:45:13 (4 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2025-12-29 02:40:12 (5 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.29.196.162

🇺🇸 192.3.145.26

🇳🇱 185.226.197.12

🇨🇭 179.43.146.227

🇺🇸 172.208.13.49

🇧🇬 78.128.113.22

🇸🇬 47.236.178.25

🇬🇧 193.163.125.208

🇲🇽 189.203.163.10

🇮🇷 178.131.45.189

🇪🇨 157.100.69.92

🇵🇰 59.103.220.22

🇸🇳 41.82.50.218

🇧🇷 34.151.245.28

🇮🇳 34.93.128.179

🇺🇸 20.85.246.45

🇮🇳 8.231.84.53

🇺🇸 172.215.231.118

🇲🇾 103.175.16.86

🇮🇳 59.93.242.40