AbuseIPDB » 158.173.22.92
158.173.22.92 was found in our database!
This IP was reported 5 times. Confidence of
Abuse
is 0% : ?
ISP
VPN Consumer Atlanta, United States of America
Usage Type
Data Center/Web Hosting/Transit
ASN
AS212238
Domain Name
vpnconsumer.com
Country
๐บ๐ธ
United States of America
City
Atlanta, Georgia
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 158.173.22.92 :
This IP address has been reported a total of
5
times from
5 distinct
sources.
158.173.22.92 was first reported on
October 16th 2025 , and the most recent report was
1 month ago .
Old Reports:
The most recent abuse report for this IP address is from
1 month ago
. It is possible that this IP is no longer involved in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ซ๐ฎ
Ticlem
2026-05-16 10:01:15
(1 month ago)
2026-05-16T11:34:48.016034+02:00 clement-turlure kernel: [2775399.377433] [UFW BLOCK] IN=enp0s31f6 O ...
show more
2026-05-16T11:34:48.016034+02:00 clement-turlure kernel: [2775399.377433] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:f7:16:fb:d0:07:ca:8d:22:75:08:00 SRC=158.173.22.92 DST=95.216.21.136 LEN=125 TOS=0x00 PREC=0x00 TTL=54 ID=20862 DF PROTO=UDP SPT=15131 DPT=6881 LEN=105
2026-05-16T12:00:52.513923+02:00 clement-turlure kernel: [2776963.891504] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:f7:16:fb:d0:07:ca:8d:22:75:08:00 SRC=158.173.22.92 DST=95.216.21.136 LEN=125 TOS=0x00 PREC=0x00 TTL=54 ID=41493 DF PROTO=UDP SPT=22838 DPT=6881 LEN=105
2026-05-16T12:01:14.003956+02:00 clement-turlure kernel: [2776985.381520] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:f7:16:fb:d0:07:ca:8d:22:75:08:00 SRC=158.173.22.92 DST=95.216.21.136 LEN=125 TOS=0x00 PREC=0x00 TTL=54 ID=51725 DF PROTO=UDP SPT=22838 DPT=6881 LEN=105
...
show less
Port Scan
๐จ๐ฟ
unhfree.net
2026-01-21 12:05:36
(5 months ago)
Jan 21 13:05:35 canopus postfix/smtpd[3103691]: improper command pipelining after EHLO from unknown[ ...
show more
Jan 21 13:05:35 canopus postfix/smtpd[3103691]: improper command pipelining after EHLO from unknown[158.173.22.92]: QUIT\r\n
Jan 21 13:05:35 canopus postfix/smtpd[3103663]: improper command pipelining after EHLO from unknown[158.173.22.92]: QUIT\r\n
Jan 21 13:05:35 canopus postfix/smtpd[3103690]: improper command pipelining after EHLO from unknown[158.173.22.92]: QUIT\r\n
Jan 21 13:05:35 canopus postfix/smtpd[3103685]: improper command pipelining after EHLO from unknown[158.173.22.92]: QUIT\r\n
Jan 21 13:05:35 canopus postfix/smtpd[3103691]: improper command pipelining after EHLO from unknown[158.173.22.92]: QUIT\r\n
...
show less
Brute-Force
Exploited Host
Anonymous
2025-12-29 04:30:06
(6 months ago)
Failed login attempt detected by Fail2Ban in plesk-postfix jail
Brute-Force
๐บ๐ธ
bigscoots.com
2025-12-19 06:08:50
(6 months ago)
(smtpauth) Failed SMTP AUTH login from 158.173.22.92 (US/United States/-): 5 in the last 3600 secs; ...
show more
(smtpauth) Failed SMTP AUTH login from 158.173.22.92 (US/United States/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2025-12-19 01:08:41 dovecot_login authenticator failed for (ADMIN) [158.173.22.92]:20527: 535 Incorrect authentication data ([email protected] )
2025-12-19 01:08:49 dovecot_login authenticator failed for (ADMIN) [158.173.22.92]:42256: 535 Incorrect authentication data ([email protected] )
2025-12-19 01:08:49 dovecot_login authenticator failed for (ADMIN) [158.173.22.92]:7856: 535 Incorrect authentication data ([email protected] )
2025-12-19 01:08:49 dovecot_login authenticator failed for (ADMIN) [158.173.22.92]:15180: 535 Incorrect authentication data ([email protected] )
2025-12-19 01:08:49 dovecot_login authenticator failed for (ADMIN) [158.173.22.92]:30193: 535 Incorrect authentication data ([email protected] )
show less
Brute-Force
SSH
๐ฎ๐น
VHosting
2025-10-16 09:45:03
(8 months ago)
Detected mail brute force attack from 4 different servers
Brute-Force
Showing 1 to
5
of 5 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: