JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.173.74.152

158.173.74.152 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 43%: ?

43%

ISP	VPN Consumer Copenhagen, Denmark
Usage Type	Data Center/Web Hosting/Transit
ASN	AS42708
Domain Name	vpnconsumer.com
Country	🇩🇰 Denmark
City	Copenhagen, Capital Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.173.74.152

Whois 158.173.74.152

IP Abuse Reports for 158.173.74.152:

This IP address has been reported a total of 17 times from 13 distinct sources. 158.173.74.152 was first reported on April 20th 2026, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 BestFans.com	2026-06-13 17:06:42 (9 hours ago)	Credential brute-force attacks on webpage logins	Brute-Force
🇩🇪 Mykola Spesivtsev	2026-06-08 12:41:02 (5 days ago)	HTTP Tarpit detected bot activity:TargetPort:80, Path:/, Method:GET, UA:masscan/1.3 (https://github. ... show more HTTP Tarpit detected bot activity:TargetPort:80, Path:/, Method:GET, UA:masscan/1.3 (https://github.com/robertdavidgraham/masscan) show less	Port Scan Web App Attack Bad Web Bot
Anonymous	2026-05-27 09:52:16 (2 weeks ago)	Reported from Nginx log analysis 11. Log: 158.173.74.152 - - [27/May/2026:xx:xx:xx 0200] "GET /live ... show more Reported from Nginx log analysis 11. Log: 158.173.74.152 - - [27/May/2026:xx:xx:xx 0200] "GET /live/TCvkvDshNVDZ/uRUQQRxRRmYX/393.ts?token=TxALA0MNG18QUVYDBAVWW1kDBQpUBVABAFZYWQMEDlMFUwEABVQBVAdDGBVHQEJdAAxtWlQXWVZYVhVDEEBSF2tbB0AKRwtXBlkWGxZAWVUEQwgCBwJaXVRTAFZSHxUVXVZBWBJXAFUAUA0AFhgSXRkVV0FeVA86BQBPCAZWFV9aRw8OHEdWC20FUVpVWlQaW0MDERwXChYRRwNDIl9SNm1hQyNyRxVHUAhARVVAVRpbQwQKBQRBSUMGVhQLR0UcFghBLHxHFUdXGUBSWkdZVw9DCBFERkFJQwxKPhdWRBFGVwIPVRcbXxBRFhsWWVFAPgJdXV5QABEIClcSRwkVVxYeQQ9fC1ARXRNrR11QEgJDUwsDAgRaVkMY HTTP/2.0" xxx xxx "-" "SparkleTV(Plus)/2.0.1 (SHIELD Android TV, Android 11)" "-" "DK Denmark Copenhagen" "AS42708" "Glesys AB" show less	Port Scan Brute-Force SSH
🇩🇪 BestFans.com	2026-05-25 15:28:05 (2 weeks ago)	Credential brute-force attacks on webpage logins	Brute-Force
🇨🇭 backslash	2026-05-18 08:21:01 (3 weeks ago)	block ruleset WAF detection and high score on abuseIPDB 149EB1B42C242111FADBBC2EF8F90219570691E1	Bad Web Bot
🇨🇭 4server	2026-05-17 12:54:51 (3 weeks ago)	[SunMay1714:54:46.4255872026][security2:error][pid3151859:tid3151877][client158.173.74.152:0]ModSecu ... show more [SunMay1714:54:46.4255872026][security2:error][pid3151859:tid3151877][client158.173.74.152:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\"wp-config\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"cadvending.ch\"][uri\"/wp-config.php.bak\"][unique_id\"agm6lq3pfyR3uDqX0WAFxQAAARA\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-05-15 14:07:33 (4 weeks ago)	(mod_security) mod_security (id:210492) triggered by 158.173.74.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.173.74.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 10:07:27.349408 2026] [security2:error] [pid 6128:tid 6128] [client 158.173.74.152:49331] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rodamundo.blog"] [uri "/wp-config.php.bak"] [unique_id "agcon6MqmmRhxCP0ywv2HQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 YF	2026-05-15 09:03:42 (4 weeks ago)	WordPress config file probe	Web App Attack
🇧🇪 cmbplf	2026-05-15 07:43:22 (4 weeks ago)	129 requests with url.path *.php.bak	Brute-Force Bad Web Bot
🇬🇧 consul.to	2026-05-13 06:19:31 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-05-09 08:52:22 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 SpaceHost-Server	2026-05-06 22:30:05 (1 month ago)		Brute-Force Web App Attack
🇩🇪 stinpriza	2026-05-06 01:41:33 (1 month ago)	WP Authentication attempt for unknown user	Brute-Force Web App Attack
🇫🇷 bazter.pro	2026-05-06 00:24:37 (1 month ago)	Fail2Ban: plesk-bot-aggressive - 15 failures	Port Scan Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-05-02 17:41:10 (1 month ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.24.210.195

🇩🇪 213.209.159.56

🇧🇷 205.210.31.181

🇷🇺 176.118.22.128

🇺🇸 162.216.150.221

🇭🇰 154.221.20.215

🇺🇸 47.229.38.129

🇰🇷 34.158.194.39

🇧🇪 34.77.133.50

🇩🇪 209.38.251.87

🇺🇸 205.186.112.163

🇬🇧 193.163.125.159

🇳🇱 174.138.15.53

🇺🇸 162.216.149.118

🇩🇪 151.243.11.35

🇨🇳 117.15.52.189

🇿🇦 102.220.87.78

🇬🇧 81.19.219.219

🇺🇸 64.62.197.137

🇺🇸 50.104.189.168