JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.173.3.4

158.173.3.4 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 15%: ?

15%

ISP	VPN Consumer Amsterdam, The Netherlands
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.173.3.4

Whois 158.173.3.4

IP Abuse Reports for 158.173.3.4:

This IP address has been reported a total of 31 times from 12 distinct sources. 158.173.3.4 was first reported on November 3rd 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 ICS Labs	2026-06-16 13:39:32 (5 days ago)	ICS Labs identified 158.173.3.4 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Brute-Force Exploited Host
🇷🇺 Agrohim	2026-05-22 00:17:13 (1 month ago)	Gate Inet blocked for categories:	DDoS Attack Ping of Death Port Scan Hacking Brute-Force
Anonymous	2026-04-26 16:30:39 (1 month ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
🇺🇸 mind5t0rm	2026-03-25 12:55:11 (2 months ago)	(XMLRPC,WPLOGIN) Login failure/trigger from 158.173.3.4 (-): 3 in the last 3600 secs; Ports: ; Dire ... show more (XMLRPC,WPLOGIN) Login failure/trigger from 158.173.3.4 (-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 158.173.3.4 - - [25/Mar/2026:19:54:53 +0700] "GET /wp-login.php HTTP/2.0" 200 2701 "https://accident-investigator.me" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.4 - - [25/Mar/2026:19:54:55 +0700] "GET /wp-login.php?action=lostpassword HTTP/2.0" 200 2054 "https://accident-investigator.me/wp-login.php" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.4 - - [25/Mar/2026:19:55:11 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "https://accident-investigator.me/css/" "PHP/7.2.01" show less	Port Scan
🇸🇬 abuseipreport.darajati	2026-03-25 12:53:24 (2 months ago)	158.173.3.4 - - [2026-03-25T20:53:23+08:00] "POST /xmlrpc.php HTTP/1.1" 404 47 "https://hestiaistivi ... show more 158.173.3.4 - - [2026-03-25T20:53:23+08:00] "POST /xmlrpc.php HTTP/1.1" 404 47 "https://hestiaistiviani.com" "PHP/5.3.13" ... show less	Web App Attack
🇺🇸 mind5t0rm	2026-03-25 11:06:30 (2 months ago)	(WPLOGIN,XMLRPC) Login failure/trigger from 158.173.3.4 (-): 3 in the last 3600 secs; Ports: ; Dire ... show more (WPLOGIN,XMLRPC) Login failure/trigger from 158.173.3.4 (-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 158.173.3.4 - - [25/Mar/2026:18:06:11 +0700] "GET /wp-login.php HTTP/2.0" 200 2701 "https://accident-investigator.me" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.4 - - [25/Mar/2026:18:06:13 +0700] "GET /wp-login.php?action=lostpassword HTTP/2.0" 200 2053 "https://accident-investigator.me/wp-login.php" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.4 - - [25/Mar/2026:18:06:25 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "https://accident-investigator.me/css/" "PHP/6.2.71" show less	Port Scan
🇸🇬 abuseipreport.darajati	2026-03-25 02:48:29 (2 months ago)	158.173.3.4 - - [2026-03-25T10:48:28+08:00] "POST /xmlrpc.php HTTP/1.1" 404 47 "https://hestiaistivi ... show more 158.173.3.4 - - [2026-03-25T10:48:28+08:00] "POST /xmlrpc.php HTTP/1.1" 404 47 "https://hestiaistiviani.com" "PHP/7.3.78" ... show less	Web App Attack
🇺🇸 mind5t0rm	2026-03-25 00:34:58 (2 months ago)	(WPLOGIN,XMLRPC) Login failure/trigger from 158.173.3.4 (-): 3 in the last 3600 secs; Ports: ; Dire ... show more (WPLOGIN,XMLRPC) Login failure/trigger from 158.173.3.4 (-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 158.173.3.4 - - [25/Mar/2026:07:34:49 +0700] "GET /wp-login.php HTTP/2.0" 200 2701 "https://accident-investigator.me" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.4 - - [25/Mar/2026:07:34:51 +0700] "GET /wp-login.php?action=lostpassword HTTP/2.0" 200 2053 "https://accident-investigator.me/wp-login.php" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.4 - - [25/Mar/2026:07:34:57 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "https://accident-investigator.me/css/" "PHP/7.3.24" show less	Port Scan
🇺🇸 mind5t0rm	2026-03-24 20:13:57 (2 months ago)	(XMLRPC,WPLOGIN) Login failure/trigger from 158.173.3.4 (-): 3 in the last 3600 secs; Ports: ; Dire ... show more (XMLRPC,WPLOGIN) Login failure/trigger from 158.173.3.4 (-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 158.173.3.4 - - [25/Mar/2026:03:13:43 +0700] "GET /wp-login.php HTTP/2.0" 200 2700 "https://accident-investigator.me" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.4 - - [25/Mar/2026:03:13:45 +0700] "GET /wp-login.php HTTP/2.0" 200 2700 "https://accident-investigator.me/wp-login.php" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.4 - - [25/Mar/2026:03:13:54 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "https://accident-investigator.me/css/" "PHP/6.3.15" show less	Port Scan
🇸🇬 abuseipreport.darajati	2026-03-24 18:02:28 (2 months ago)	158.173.3.4 - - [2026-03-25T02:02:27+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1314 " ... show more 158.173.3.4 - - [2026-03-25T02:02:27+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1314 "https://hestiaistiviani.com/wp-login.php?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" ... show less	Web App Attack
🇵🇱 sefinek.net	2026-03-24 17:03:19 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from NL. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from NL. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇸🇬 abuseipreport.darajati	2026-03-24 13:04:45 (2 months ago)	158.173.3.4 - - [2026-03-24T21:04:44+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1321 " ... show more 158.173.3.4 - - [2026-03-24T21:04:44+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1321 "https://hestiaistiviani.com/wp-login.php?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 mind5t0rm	2026-03-24 05:05:21 (2 months ago)	(XMLRPC,WPLOGIN) Login failure/trigger from 158.173.3.4 (-): 3 in the last 3600 secs; Ports: ; Dire ... show more (XMLRPC,WPLOGIN) Login failure/trigger from 158.173.3.4 (-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 158.173.3.4 - - [24/Mar/2026:12:05:05 +0700] "GET /wp-login.php HTTP/2.0" 200 2700 "https://accident-investigator.me" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.4 - - [24/Mar/2026:12:05:07 +0700] "GET /wp-login.php HTTP/2.0" 200 2700 "https://accident-investigator.me/wp-login.php" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.4 - - [24/Mar/2026:12:05:17 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "https://accident-investigator.me/css/" "PHP/7.2.81" show less	Port Scan
🇺🇸 mind5t0rm	2026-03-24 03:26:27 (2 months ago)	(WPLOGIN,XMLRPC) Login failure/trigger from 158.173.3.4 (-): 3 in the last 3600 secs; Ports: ; Dire ... show more (WPLOGIN,XMLRPC) Login failure/trigger from 158.173.3.4 (-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 158.173.3.4 - - [24/Mar/2026:10:26:10 +0700] "GET /wp-login.php HTTP/2.0" 200 2700 "https://accident-investigator.me" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.4 - - [24/Mar/2026:10:26:12 +0700] "GET /wp-login.php?action=lostpassword HTTP/2.0" 200 2053 "https://accident-investigator.me/wp-login.php" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.4 - - [24/Mar/2026:10:26:25 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "https://accident-investigator.me/css/" "PHP/5.3.20" show less	Port Scan
🇸🇬 abuseipreport.darajati	2026-03-24 01:35:55 (2 months ago)	158.173.3.4 - - [2026-03-24T09:35:43+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1323 " ... show more 158.173.3.4 - - [2026-03-24T09:35:43+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1323 "https://hestiaistiviani.com/wp-login.php?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.4 - - [2026-03-24T09:35:54+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1319 "https://hestiaistiviani.com/wp-login.php?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.4 - - [2026-03-24T09:35:54+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1319 "https://hestiaistiviani.com/wp-login.php?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" ... show less	Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 172.217.33.210

🇯🇵 202.182.108.248

🇳🇱 185.224.128.16

🇺🇸 184.105.139.109

🇺🇸 162.216.150.49

🇷🇴 141.98.83.240

🇨🇳 123.9.16.189

🇰🇿 95.58.255.251

🇭🇰 43.155.72.127

🇳🇱 40.126.32.68

🇰🇷 14.33.96.3

🇺🇸 3.235.179.2

🇸🇬 2400:8901::2000:1fff:feb9:3973

🇳🇱 176.65.139.43

🇺🇸 165.154.173.141

🇺🇸 162.144.121.110

🇦🇪 152.32.180.138

🇰🇷 121.178.185.141

🇮🇳 103.97.164.106

🇹🇷 78.180.8.153