JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.173.3.94

158.173.3.94 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 7%: ?

ISP	VPN Consumer Amsterdam, The Netherlands
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.173.3.94

Whois 158.173.3.94

IP Abuse Reports for 158.173.3.94:

This IP address has been reported a total of 32 times from 17 distinct sources. 158.173.3.94 was first reported on October 17th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 demonsword	2026-05-10 09:38:21 (1 month ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: api.ipify.org:443 show less	Open Proxy Port Scan
🇨🇭 backslash	2026-04-28 11:27:00 (1 month ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 interbiznw.com	2026-03-26 12:29:10 (2 months ago)	wordpress-fuzzing	Hacking Brute-Force Exploited Host Web App Attack
🇸🇬 abuseipreport.darajati	2026-03-26 11:14:42 (2 months ago)	158.173.3.94 - - [2026-03-26T19:14:42+08:00] "POST /xmlrpc.php HTTP/1.1" 404 47 "https://hestiaistiv ... show more 158.173.3.94 - - [2026-03-26T19:14:42+08:00] "POST /xmlrpc.php HTTP/1.1" 404 47 "https://hestiaistiviani.com" "PHP/5.2.21" ... show less	Web App Attack
🇺🇸 mind5t0rm	2026-03-26 04:26:34 (2 months ago)	(XMLRPC,WPLOGIN) Login failure/trigger from 158.173.3.94 (-): 3 in the last 3600 secs; Ports: ; Dir ... show more (XMLRPC,WPLOGIN) Login failure/trigger from 158.173.3.94 (-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 158.173.3.94 - - [26/Mar/2026:11:26:23 +0700] "GET /wp-login.php HTTP/2.0" 200 2701 "https://accident-investigator.me" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.94 - - [26/Mar/2026:11:26:24 +0700] "GET /wp-login.php?action=lostpassword HTTP/2.0" 200 2053 "https://accident-investigator.me/wp-login.php" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.94 - - [26/Mar/2026:11:26:29 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "https://accident-investigator.me/css/" "PHP/5.2.76" show less	Port Scan
🇸🇬 abuseipreport.darajati	2026-03-26 01:33:52 (2 months ago)	158.173.3.94 - - [2026-03-26T09:33:37+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1320 ... show more 158.173.3.94 - - [2026-03-26T09:33:37+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1320 "https://hestiaistiviani.com/wp-login.php?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.94 - - [2026-03-26T09:33:51+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1314 "https://hestiaistiviani.com/wp-login.php?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.94 - - [2026-03-26T09:33:51+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1314 "https://hestiaistiviani.com/wp-login.php?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" ... show less	Web App Attack
🇸🇪 KIDOS	2026-03-25 23:33:48 (2 months ago)	malicious activity	Web App Attack
🇸🇬 abuseipreport.darajati	2026-03-25 22:39:36 (2 months ago)	158.173.3.94 - - [2026-03-26T06:39:01+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1322 ... show more 158.173.3.94 - - [2026-03-26T06:39:01+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1322 "https://hestiaistiviani.com/wp-login.php?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.94 - - [2026-03-26T06:39:21+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1320 "https://hestiaistiviani.com/wp-login.php?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.94 - - [2026-03-26T06:39:21+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1320 "https://hestiaistiviani.com/wp-login.php?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.94 - - [2026-03-26T06:39:36+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1321 "https://hestiaistiviani.com/wp-login.php?action=register" "Mozilla/5.0 (Windows NT ... show less	Web App Attack
🇸🇮 administrator	2026-03-25 22:14:42 (2 months ago)	2026-03-25 18:13:15,576 fail2ban.actions [1252]: NOTICE [ninjafirewall-syslog] Ban 158.173.3 ... show more 2026-03-25 18:13:15,576 fail2ban.actions [1252]: NOTICE [ninjafirewall-syslog] Ban 158.173.3.94 2026-03-25 20:35:24,913 fail2ban.actions [1252]: NOTICE [ninjafirewall-syslog] Ban 158.173.3.94 2026-03-25 23:14:41,557 fail2ban.actions [1252]: NOTICE [ninjafirewall-syslog] Ban 158.173.3.94 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇵🇱 sefinek.net	2026-03-25 19:09:54 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from NL. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from NL. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇸🇬 abuseipreport.darajati	2026-03-25 19:03:10 (2 months ago)	158.173.3.94 - - [2026-03-26T03:02:02+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1313 ... show more 158.173.3.94 - - [2026-03-26T03:02:02+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1313 "https://hestiaistiviani.com/wp-login.php?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.94 - - [2026-03-26T03:02:21+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1314 "https://hestiaistiviani.com/wp-login.php?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.94 - - [2026-03-26T03:02:36+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1316 "https://hestiaistiviani.com/wp-login.php?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 158.173.3.94 - - [2026-03-26T03:02:53+08:00] "POST /wp-login.php?action=register HTTP/1.1" 200 1313 "https://hestiaistiviani.com/wp-login.php?action=register" "Mozilla/5.0 (Windows NT ... show less	Web App Attack
🇺🇸 xmission.com	2026-03-18 20:28:08 (3 months ago)	Blocked by UFW (TCP on 54881) Source port: 7262 TTL: 47 Packet length: 60 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 54881) Source port: 7262 TTL: 47 Packet length: 60 TOS: 0x08 This report (for 158.173.3.94) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇰🇿 yuki	2026-03-17 23:59:04 (3 months ago)	Blocked by UFW on homeserver [32935/tcp] • SPT: 14187, TTL: 51, LEN: 60, TOS: 0x00, PREC: 0x20 • Rep ... show more Blocked by UFW on homeserver [32935/tcp] • SPT: 14187, TTL: 51, LEN: 60, TOS: 0x00, PREC: 0x20 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-03-09 18:14:48 (3 months ago)	Blocked by UFW (TCP on 6900) Source port: 41974 TTL: 47 Packet length: 60 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 6900) Source port: 41974 TTL: 47 Packet length: 60 TOS: 0x08 This report (for 158.173.3.94) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-03-01 07:40:08 (3 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.149.236

🇺🇸 172.253.15.214

🇺🇸 117.55.229.156

🇮🇳 103.175.2.209

🇫🇷 85.217.140.51

🇦🇱 79.106.139.152

🇺🇸 74.7.227.136

🇧🇾 37.215.39.46

🇰🇷 14.49.197.174

🇮🇳 203.145.143.163

🇲🇽 186.96.158.180

🇸🇬 185.200.116.71

🇺🇸 161.35.8.0

🇮🇳 103.49.131.7

🇷🇺 95.26.155.6

🇳🇱 45.148.10.151

🇨🇳 43.226.39.182

🇺🇸 34.230.221.101

🇺🇸 34.193.119.44

🇻🇳 14.225.7.70