JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.173.241.33

158.173.241.33 was found in our database!

This IP was reported 45 times. Confidence of Abuse is 67%: ?

67%

ISP	VPN Consumer Stockholm, Sweden
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.173.241.33

Whois 158.173.241.33

IP Abuse Reports for 158.173.241.33:

This IP address has been reported a total of 45 times from 25 distinct sources. 158.173.241.33 was first reported on April 3rd 2026, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 COMAITE	2026-06-21 03:01:29 (16 hours ago)	Suspicious URL access.	Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 21:41:06 (22 hours ago)	(mod_security) mod_security (id:210492) triggered by 158.173.241.33 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.173.241.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 17:41:01.590429 2026] [security2:error] [pid 13136:tid 13136] [client 158.173.241.33:27453] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cynosurephotography.com"] [uri "/wp-config.php.bak"] [unique_id "ajcI7ZcPtF_hbCdj1f1YJwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 13:42:03 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 158.173.241.33 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.173.241.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 09:41:54.747094 2026] [security2:error] [pid 18963:tid 18963] [client 158.173.241.33:37315] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coolcustomweddingproducts.com"] [uri "/wp-config.php.bak"] [unique_id "ajaYovuap8gOwqx1d5yGwAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 13:01:05 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 158.173.241.33 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.173.241.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 09:01:01.532937 2026] [security2:error] [pid 25773:tid 25773] [client 158.173.241.33:51521] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "constructiondomex.com"] [uri "/wp-config.php.bak"] [unique_id "ajaPDcpioYjh0rpiMahfiQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 22:39:33 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 158.173.241.33 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.173.241.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 18:39:26.262099 2026] [security2:error] [pid 8691:tid 8715] [client 158.173.241.33:24715] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chelseyrae.com"] [uri "/wp-config.php.bak"] [unique_id "ajXFHrCCARTJIS-dlSkmgwAAAJI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 16:21:12 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 158.173.241.33 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.173.241.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 12:21:05.617086 2026] [security2:error] [pid 28098:tid 28098] [client 158.173.241.33:64771] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "campnecon.com"] [uri "/wp-config.php.bak"] [unique_id "ajVscQHEG7Og1Qh6AqPoEwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 09:36:23 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 158.173.241.33 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.173.241.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 05:36:17.409006 2026] [security2:error] [pid 32466:tid 32466] [client 158.173.241.33:64389] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bonnesfrequences.com"] [uri "/wp-config.php.bak"] [unique_id "ajUNkQpR-M4G9XmVrujHbwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-19 09:05:34 (2 days ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇨🇳 pengpeng	2026-06-14 07:44:58 (1 week ago)	monitor: on VM-0-7-ubuntu \| port: 55658 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on VM-0-7-ubuntu \| port: 55658 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 matthieul.dev	2026-06-14 07:05:24 (1 week ago)	Blocked by os-abuseipdb; 3 hits, proto=tcp,udp, ports=36954	Port Scan Brute-Force
🇵🇱 sefinek.net	2026-06-12 14:14:18 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from SE. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from SE. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 Sculk Ltd.	2026-05-30 22:15:44 (3 weeks ago)	Unsolicited Minecraft server-list ping (handshake/status) to TCP/25565 across 14 address(es); protoc ... show more Unsolicited Minecraft server-list ping (handshake/status) to TCP/25565 across 14 address(es); protocol 1.20.3. Automated port scan detected by a Velocity proxy. show less	Port Scan
🇺🇸 TPI-Abuse	2026-05-26 07:45:44 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 158.173.241.33 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.173.241.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 03:45:38.698943 2026] [security2:error] [pid 17094:tid 17094] [client 158.173.241.33:40331] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tribecalledfamilypodcast.org"] [uri "/wp-config.php.bak"] [unique_id "ahVPokdqlq-ezClKjuVSjQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-25 21:50:31 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 158.173.241.33 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.173.241.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 17:50:25.647182 2026] [security2:error] [pid 7062:tid 7062] [client 158.173.241.33:63011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "grandpont-house.org"] [uri "/wp-config.php.bak"] [unique_id "ahTEIZSBGBb0JMtHM9HcPwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Progetto1	2026-05-24 11:42:03 (4 weeks ago)	Detected via HAProxyScanner at 2026-05-24 11:42:03 UTC on destination port WEB (80/443). Repeated sc ... show more Detected via HAProxyScanner at 2026-05-24 11:42:03 UTC on destination port WEB (80/443). Repeated scan / connection. show less	Port Scan Hacking Brute-Force

Showing 1 to 15 of 45 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇬 78.128.114.102

🇲🇽 187.192.86.153

🇩🇪 139.59.208.49

🇭🇰 118.193.32.92

🇨🇳 101.126.88.251

🇺🇸 34.174.139.99

🇷🇴 2.57.122.177

🇮🇳 203.193.147.75

🇳🇱 195.211.191.112

🇵🇾 181.91.85.202

🇺🇸 147.185.132.117

🇹🇷 89.252.131.17

🇧🇬 79.124.62.178

🇺🇸 2604:a880:400:d1:0:4:9e8e:7001

🇮🇩 202.155.157.145

🇮🇹 194.156.191.28

🇸🇬 178.128.51.84

🇺🇸 172.253.221.152

🇩🇪 151.243.11.245

🇺🇸 118.193.77.161