JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.173.241.119

158.173.241.119 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 30%: ?

30%

ISP	VPN Consumer Stockholm, Sweden
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.173.241.119

Whois 158.173.241.119

IP Abuse Reports for 158.173.241.119:

This IP address has been reported a total of 9 times from 5 distinct sources. 158.173.241.119 was first reported on May 11th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 LTM	2026-06-09 06:20:01 (1 week ago)	WebServer - Attempts to exploit	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 09:36:02 (1 week ago)	(mod_security) mod_security (id:210801) triggered by 158.173.241.119 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210801) triggered by 158.173.241.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 05:35:54.108130 2026] [security2:error] [pid 1541:tid 1541] [client 158.173.241.119:42281] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|susansimmons.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "susansimmons.net"] [uri "/license.txt"] [unique_id "aiU7eiLWyfk8TMcIkgfchAAAACo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 09:12:32 (1 week ago)	(mod_security) mod_security (id:210801) triggered by 158.173.241.119 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210801) triggered by 158.173.241.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 05:12:28.158349 2026] [security2:error] [pid 13871:tid 13871] [client 158.173.241.119:27963] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|oceandrivebeach.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "oceandrivebeach.net"] [uri "/license.txt"] [unique_id "aiU1_F0psGm-8x05L323eAAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-07 04:15:24 (1 week ago)		Web App Attack
🇵🇱 sefinek.net	2026-06-06 23:07:40 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from SE. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from SE. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.4 Safari/605.1.15 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇬🇧 consul.to	2026-06-04 02:26:50 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 23:39:41 (2 weeks ago)	(mod_security) mod_security (id:210801) triggered by 158.173.241.119 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210801) triggered by 158.173.241.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 19:39:34.863472 2026] [security2:error] [pid 16846:tid 16846] [client 158.173.241.119:56777] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|bhsp.org\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "bhsp.org"] [uri "/license.txt"] [unique_id "aiC7NsCGEhCtZMcTKfd08AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-05-26 21:06:39 (3 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-05-11 10:53:26 (1 month ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 64.62.156.58

🇸🇬 2a09:bac1:6520:8::3c1:25

🇺🇸 2001:19f0:6001:30ab:5400:5ff:fe87:2a5e

🇪🇸 212.227.235.203

🇳🇱 193.176.31.211

🇦🇷 181.23.84.240

🇺🇸 178.93.52.15

🇬🇧 167.99.197.34

🇺🇸 162.216.149.98

🇸🇬 129.226.152.67

🇮🇶 65.20.137.173

🇺🇸 64.23.161.101

🇨🇦 40.85.241.15

🇩🇪 37.228.164.91

🇰🇷 222.117.176.58

🇺🇸 165.154.162.111

🇱🇹 81.30.98.142

🇱🇹 77.90.185.97

🇺🇸 43.130.33.245

🇺🇸 20.14.73.63