JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.173.36.161

158.173.36.161 was found in our database!

This IP was reported 109 times. Confidence of Abuse is 54%: ?

54%

ISP	VPN Consumer Barcelona, Spain
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	vpnconsumer.com
Country	🇪🇸 Spain
City	Barcelona, Catalonia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.173.36.161

Whois 158.173.36.161

IP Abuse Reports for 158.173.36.161:

This IP address has been reported a total of 109 times from 48 distinct sources. 158.173.36.161 was first reported on October 10th 2025, and the most recent report was 21 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-25 06:50:11 (21 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇪🇸 masterguru	2026-06-25 05:15:10 (23 hours ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-122) show less	Bad Web Bot
🇳🇱 Site.eu	2026-06-25 03:57:19 (1 day ago)	Excessive 404/403 errors	Brute-Force
Anonymous	2026-06-19 02:22:09 (1 week ago)	Multiple, malicious web requests detected	Port Scan Hacking
🇺🇸 helios.live	2026-06-18 15:25:49 (1 week ago)	2026/06/18 15:25:48 [error] 921645#921645: 1317341 FastCGI sent in stderr: "Primary script unknown" ... show more 2026/06/18 15:25:48 [error] 921645#921645: 1317341 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 158.173.36.161, server: kocerroxy.com, request: "GET /wp-includes/woocommerce-call.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php/php8.4-fpm-betakocerroxycom.sock:", host: "kocerroxy.com" 158.173.36.161 - - [18/Jun/2026:15:25:48 +0000] "GET /wp-includes/woocommerce-call.php HTTP/1.1" 404 47 "-" "Go-http-client/2.0" 2026/06/18 15:25:48 [error] 921645#921645: *1317341 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 158.173.36.161, server: kocerroxy.com, request: "GET /wp-content/plugins/wordpress-seo/wp-seo-main-float.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php/php8.4-fpm-betakocerroxycom.sock:", host: "kocerroxy.com" 158.173.36.161 - - [18/Jun/2026:15:25:48 +0000] "GET /wp-content/plugins/wordpress-seo/wp-seo-main-float.php HTTP/1.1" 404 47 "-" "Go-http-client/2.0" ... show less	Web App Attack
🇦🇺 paulshipley.com.au	2026-06-16 10:35:52 (1 week ago)	levellapromotions.com.au:443 158.173.36.161 - - [16/Jun/2026:20:35:50 +1000] "GET /admin.php HTTP/1. ... show more levellapromotions.com.au:443 158.173.36.161 - - [16/Jun/2026:20:35:50 +1000] "GET /admin.php HTTP/1.1" 404 154327 "https://merch247.com.au/admin.php" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-16 04:38:38 (1 week ago)	158.173.36.161 - - [16/Jun/2026:07:38:36 +0300] "GET /wp-content/plugins/file-upload-types/assets/cs ... show more 158.173.36.161 - - [16/Jun/2026:07:38:36 +0300] "GET /wp-content/plugins/file-upload-types/assets/css/403x.php HTTP/1.1" 404 709 "-" "Go-http-client/1.1" 158.173.36.161 - - [16/Jun/2026:07:38:37 +0300] "GET /wp-content/plugins/penci-bookmark-follow/inc/admin/forms/penci-bf-users-logs-profile.php HTTP/1.1" 404 709 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇫🇷 [email protected]	2026-06-12 00:27:08 (2 weeks ago)	PrestaShop Security Module: Calls WordPress paths probing known vulnerabilities	Web App Attack
🇮🇹 VHosting	2026-06-11 23:35:03 (2 weeks ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇦 URAN Publishing Service	2026-05-11 23:26:54 (1 month ago)	158.173.36.161 - - [12/May/2026:02:26:53 +0300] "GET /wp-content/plugins/index.php HTTP/1.1" 404 716 ... show more 158.173.36.161 - - [12/May/2026:02:26:53 +0300] "GET /wp-content/plugins/index.php HTTP/1.1" 404 716 "-" "Go-http-client/1.1" 158.173.36.161 - - [12/May/2026:02:26:53 +0300] "GET /wp-content/themes/about.php HTTP/1.1" 404 716 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇫🇷 Octopuce	2026-05-03 13:45:17 (1 month ago)	Aggressive web search of vulnerable pages: /wp-content/plugins/dzs-zoomsounds/1877.php /wp-content/p ... show more Aggressive web search of vulnerable pages: /wp-content/plugins/dzs-zoomsounds/1877.php /wp-content/plugins/core-plugin/include.php /wp-content/ ... show less	Web App Attack
Anonymous	2026-05-03 04:31:37 (1 month ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇩🇪 raph	2026-05-03 00:03:57 (1 month ago)	[Wordpress] crawler /wp-admin/, /wp-content/, etc.	Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-05-02 23:26:26 (1 month ago)	158.173.36.161 - - [03/May/2026:02:26:25 +0300] "GET /wp-content/themes/twentytwentythree/patterns/i ... show more 158.173.36.161 - - [03/May/2026:02:26:25 +0300] "GET /wp-content/themes/twentytwentythree/patterns/index.php HTTP/1.1" 404 706 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇳🇱 Site.eu	2026-05-02 21:56:53 (1 month ago)	Excessive 404/403 errors	Brute-Force

Showing 1 to 15 of 109 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇴 2a01:799:52a:9800:2475:4cc4:ade1:facf

🇨🇳 218.17.184.95

🇫🇮 147.185.133.147

🇸🇬 129.212.236.79

🇺🇸 35.252.237.7

🇻🇳 27.71.230.31

🇺🇸 13.219.1.233

🇩🇪 193.124.20.251

🇬🇧 188.240.59.44

🇺🇸 138.99.39.62

🇵🇭 138.84.100.209

🇰🇷 119.209.12.20

🇨🇳 113.78.42.130

🇬🇧 104.28.208.49

🇮🇩 103.187.165.26

🇩🇪 69.5.169.156

🇮🇳 49.36.186.189

🇬🇧 217.146.80.125

🇲🇾 203.121.40.210

🇵🇰 202.165.237.202