JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.173.241.42

158.173.241.42 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 52%: ?

52%

ISP	VPN Consumer Stockholm, Sweden
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.173.241.42

Whois 158.173.241.42

IP Abuse Reports for 158.173.241.42:

This IP address has been reported a total of 28 times from 11 distinct sources. 158.173.241.42 was first reported on April 29th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-03 19:38:25 (4 days ago)	(mod_security) mod_security (id:210801) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210801) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 15:38:20.395815 2026] [security2:error] [pid 3177:tid 3177] [client 158.173.241.42:29921] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|assembliesofgodinsamoa.org\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "assembliesofgodinsamoa.org"] [uri "/license.txt"] [unique_id "aiCCrP7HHwARUEGyzQvKkAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 19:12:17 (4 days ago)	(mod_security) mod_security (id:210801) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210801) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 15:12:13.560137 2026] [security2:error] [pid 6717:tid 6717] [client 158.173.241.42:54891] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|glendaleheritage.org\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "glendaleheritage.org"] [uri "/license.txt"] [unique_id "aiB8jat0PaUBiOUzgTBzNAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 18:44:26 (4 days ago)	(mod_security) mod_security (id:210801) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210801) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 14:44:21.431763 2026] [security2:error] [pid 27747:tid 27747] [client 158.173.241.42:25091] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|intertecs.org\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "intertecs.org"] [uri "/license.txt"] [unique_id "aiB2BdgJciOrYojQwXEtVAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 17:13:44 (4 days ago)	(mod_security) mod_security (id:210801) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210801) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 13:13:40.845067 2026] [security2:error] [pid 5128:tid 5128] [client 158.173.241.42:53033] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|deborbonfoundation.org\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "deborbonfoundation.org"] [uri "/license.txt"] [unique_id "aiBgxM3WAmOR5VcpRHDafAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 15:01:54 (4 days ago)	(mod_security) mod_security (id:210801) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210801) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 11:01:47.453212 2026] [security2:error] [pid 12761:tid 12761] [client 158.173.241.42:61101] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|untraceable.org\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "untraceable.org"] [uri "/license.txt"] [unique_id "aiBB24G3jyMVseTfDmmykQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 13:52:28 (4 days ago)	(mod_security) mod_security (id:210801) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210801) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 09:52:24.311140 2026] [security2:error] [pid 2682:tid 2682] [client 158.173.241.42:59905] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|amazeconsultants.org\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "amazeconsultants.org"] [uri "/license.txt"] [unique_id "aiAxmEiw_Y8ey-VTnWubSQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 09:32:41 (4 days ago)	(mod_security) mod_security (id:210801) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210801) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 05:32:35.302497 2026] [security2:error] [pid 6964:tid 6964] [client 158.173.241.42:27449] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|anxo.org\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "anxo.org"] [uri "/license.txt"] [unique_id "ah_0s8bDEfDr-9Ry19Vd8wAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 05:41:22 (4 days ago)	(mod_security) mod_security (id:210801) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210801) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 01:41:18.711697 2026] [security2:error] [pid 24654:tid 24673] [client 158.173.241.42:62407] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|bhhg.org\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "bhhg.org"] [uri "/license.txt"] [unique_id "ah--flm5Y8AzGEuiFpxVbQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 19:39:56 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 15:39:50.070585 2026] [security2:error] [pid 6641:tid 6641] [client 158.173.241.42:39185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barigby.com"] [uri "/wp-config.php.bak"] [unique_id "ah8xhlGAvXw3wXQlKnLsEAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-01 15:06:11 (6 days ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇿🇦 Tokolosh Hunters	2026-05-30 13:57:53 (1 week ago)	AutoBlockWindow-Known bad useragent query-2026-05-30 13:57:52	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-25 17:40:59 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 13:40:52.543709 2026] [security2:error] [pid 1446:tid 1446] [client 158.173.241.42:39423] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brushmileage.org"] [uri "/wp-config.php.bak"] [unique_id "ahSJpD8q_4haVpipd4sgwgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-25 16:05:17 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 12:05:13.373376 2026] [security2:error] [pid 25467:tid 25467] [client 158.173.241.42:28519] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arapi.org"] [uri "/wp-config.php.bak"] [unique_id "ahRzOdM3EjlA4COBKkWUygAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-05-24 12:44:48 (2 weeks ago)	285 requests with url.path *.php.bak	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-22 18:02:47 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.173.241.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 14:02:43.001410 2026] [security2:error] [pid 7097:tid 7097] [client 158.173.241.42:54861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "digitaldatatechnologies.net"] [uri "/wp-config.php.bak"] [unique_id "ahCaQwtcAM7Jhw3gQPYqgwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.34.164.13

🇺🇸 172.203.190.130

🇨🇳 125.94.106.195

🇨🇳 118.145.238.60

🇮🇩 185.124.136.35

🇳🇱 176.65.139.211

🇨🇭 172.161.139.80

🇮🇹 150.228.25.78

🇮🇳 122.168.194.41

🇨🇳 112.86.225.140

🇹🇼 111.70.31.135

🇹🇼 110.25.112.148

🇺🇸 3.141.3.156

🇷🇴 2.57.121.112

🇩🇪 213.209.159.11

🇮🇷 188.211.122.28

🇺🇸 172.203.190.129

🇨🇭 172.161.104.93

🇨🇳 121.15.140.235

🇵🇰 103.120.116.162