JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.94.209.221

158.94.209.221 was found in our database!

This IP was reported 797 times. Confidence of Abuse is 0%: ?

ISP	OMEGATECH
Usage Type	Fixed Line ISP
ASN	AS202412
Domain Name	omegatech.sc
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.94.209.221

Whois 158.94.209.221

IP Abuse Reports for 158.94.209.221:

This IP address has been reported a total of 797 times from 203 distinct sources. 158.94.209.221 was first reported on January 12th 2026, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-14 21:01:00 (2 months ago)	300000+ signup (attempts) from unauthorised users with a url as the first name.	Phishing
🇨🇭 TheCoon	2026-02-16 06:45:02 (4 months ago)	Automated: Web tarpit scanner detected	Hacking Web App Attack
🇫🇷 SpaceHost-Server	2026-02-14 23:30:26 (4 months ago)		Brute-Force Web App Attack
🇹🇷 rtbh.com.tr	2026-02-13 20:11:35 (4 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇩🇪 itsolon	2026-02-13 08:48:10 (4 months ago)	158.94.209.221 - - [13/Feb/2026:09:48:07 +0100] "GET /wp-login.php HTTP/1.1" 301 3962 "https://t.co/ ... show more 158.94.209.221 - - [13/Feb/2026:09:48:07 +0100] "GET /wp-login.php HTTP/1.1" 301 3962 "https://t.co/" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:119.0) Gecko/20100101 Firefox/119.0" 158.94.209.221 - - [13/Feb/2026:09:48:07 +0100] "GET /wp-login.php HTTP/1.1" 200 14880 "https://t.co/" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:119.0) Gecko/20100101 Firefox/119.0" 158.94.209.221 - - [13/Feb/2026:09:48:09 +0100] "POST /wp-login.php HTTP/1.1" 301 648 "https://itsolon.com/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:118.0) Gecko/20100101 Firefox/118.0" 158.94.209.221 - - [13/Feb/2026:09:48:09 +0100] "GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.itsolon.com%2Fwp-admin%2Findex.php&reauth=1 HTTP/1.1" 200 13740 "https://itsolon.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 158.94.209.221 - - [13/Feb/2026:09:48:09 +0100] "POST /wp-login.php HTTP/1.1" 301 648 "https://itsolon.com/wp-login.php" "Moz ... show less	Web App Attack SSH
🇨🇦 KIsmay	2026-02-13 06:13:39 (4 months ago)	Feb 12 22:13:14 ismay WPAudit[51338]: 158.94.209.221 christinesutherland.com "Mozilla/5.0 (Windows N ... show more Feb 12 22:13:14 ismay WPAudit[51338]: 158.94.209.221 christinesutherland.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:118.0) Gecko/20100101 Firefox/118.0" bot:Bot@123456 FAIL Feb 12 22:13:21 ismay WPAudit[51338]: 158.94.209.221 christinesutherland.com "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" auditwpmedia:Berbagaidata123 FAIL Feb 12 22:13:27 ismay WPAudit[51338]: 158.94.209.221 christinesutherland.com "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" wertuslash:fZgfj64ffs!32gggfAS FAIL Feb 12 22:13:32 ismay WPAudit[51338]: 158.94.209.221 christinesutherland.com "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1; rv:119.0) Gecko/20100101 Firefox/119.0" root:r007p455w0rd FAIL Feb 12 22:13:39 ismay WPAudit[51338]: 158.94.209.221 christinesutherland.com "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0. ... show less	Brute-Force Web App Attack
🇩🇪 itsolon	2026-02-13 06:10:53 (4 months ago)	158.94.209.221 - - [13/Feb/2026:07:10:48 +0100] "GET /wp-login.php HTTP/1.1" 301 4035 "-" "Mozilla/5 ... show more 158.94.209.221 - - [13/Feb/2026:07:10:48 +0100] "GET /wp-login.php HTTP/1.1" 301 4035 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:118.0) Gecko/20100101 Firefox/118.0" 158.94.209.221 - - [13/Feb/2026:07:10:48 +0100] "GET /wp-login.php HTTP/1.1" 200 10684 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:118.0) Gecko/20100101 Firefox/118.0" 158.94.209.221 - - [13/Feb/2026:07:10:51 +0100] "POST /wp-login.php HTTP/1.1" 301 684 "https://cheplapharm-edumat.info/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 158.94.209.221 - - [13/Feb/2026:07:10:53 +0100] "GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.cheplapharm-edumat.info%2Fwp-admin%2Findex.php&reauth=1 HTTP/1.1" 200 9582 "https://cheplapharm-edumat.info/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 158.94.209.221 - - [13/Feb/2026:07:10:53 +0100] "POST /wp-login.php HTTP/1.1" ... show less	Web App Attack SSH
🇩🇪 macrob	2026-02-13 03:45:27 (4 months ago)	2026/02/13 03:45:26 [error] 404021#404021: 6479183 access forbidden by rule, client: 158.94.209.221 ... show more 2026/02/13 03:45:26 [error] 404021#404021: 6479183 access forbidden by rule, client: 158.94.209.221, server: binixo.com.ar, request: "GET /wp-login.php HTTP/2.0", host: "binixo.com.ar", referrer: "https://www.bing.com/" 2026/02/13 03:45:26 [error] 404021#404021: 6479195 access forbidden by rule, client: 158.94.209.221, server: binixo.com.ar, request: "GET /wp-login.php HTTP/2.0", host: "binixo.com.ar", referrer: "https://t.co/" 2026/02/13 03:45:26 [error] 404021#404021: 6479183 access forbidden by rule, client: 158.94.209.221, server: binixo.com.ar, request: "GET /wp-admin/ HTTP/2.0", host: "binixo.com.ar" ... show less	Web App Attack
🇺🇸 mind5t0rm	2026-02-13 03:04:36 (4 months ago)	(WPLOGIN) WP Login Attack 158.94.209.221 (NL/The Netherlands/-): 3 in the last 3600 secs; Ports: ; ... show more (WPLOGIN) WP Login Attack 158.94.209.221 (NL/The Netherlands/-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 158.94.209.221 - - [13/Feb/2026:10:04:28 +0700] "GET /wp-login.php HTTP/2.0" 200 1751 "https://www.facebook.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 158.94.209.221 - - [13/Feb/2026:10:04:29 +0700] "GET /wp-login.php HTTP/2.0" 200 1751 "https://www.facebook.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 158.94.209.221 - - [13/Feb/2026:10:04:32 +0700] "GET /wp-login.php?redirect_to=https%3A%2F%2Fdigi.travel%2Fwp-admin%2F&reauth=1 HTTP/2.0" 200 1755 "https://wordpress.org/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15" show less	Port Scan
🇬🇧 andypiper	2026-02-13 02:01:57 (4 months ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇫🇮 bittiguru.fi	2026-02-13 01:24:25 (4 months ago)	158.94.209.221 - [13/Feb/2026:03:23:59 +0200] "POST /wp-login.php HTTP/1.1" 403 2960 "https://insino ... show more 158.94.209.221 - [13/Feb/2026:03:23:59 +0200] "POST /wp-login.php HTTP/1.1" 403 2960 "https://insinooritoimisto2k.fi/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Safari/605.1.15" "3.28" 158.94.209.221 - [13/Feb/2026:03:24:05 +0200] "POST /wp-login.php HTTP/1.1" 500 2838 "https://insinooritoimisto2k.fi/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15" "-" 158.94.209.221 - [13/Feb/2026:03:24:12 +0200] "POST /wp-login.php HTTP/1.1" 403 754 "https://insinooritoimisto2k.fi/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:119.0) Gecko/20100101 Firefox/119.0" "2.37" 158.94.209.221 - [13/Feb/2026:03:24:18 +0200] "POST /wp-login.php HTTP/1.1" 403 755 "https://insinooritoimisto2k.fi/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" "2.37" 158.94.209 ... show less	Hacking Brute-Force Web App Attack
🇨🇿 plzenskypruvodce.cz	2026-02-13 01:11:59 (4 months ago)	2026-02-13T02:11:52.739926+01:00 web wordpress(choteborky.cz)[1929686]: Authentication attempt for u ... show more 2026-02-13T02:11:52.739926+01:00 web wordpress(choteborky.cz)[1929686]: Authentication attempt for unknown user bot from 158.94.209.221 2026-02-13T02:11:56.164591+01:00 web wordpress(choteborky.cz)[1929686]: Authentication attempt for unknown user auditwpmedia from 158.94.209.221 2026-02-13T02:11:59.203767+01:00 web wordpress(choteborky.cz)[1920089]: Authentication attempt for unknown user wertuslash from 158.94.209.221 ... show less	Brute-Force
Anonymous	2026-02-13 00:45:15 (4 months ago)	(wordpress) Failed wordpress login from 158.94.209.221 (NL/The Netherlands/-)	Brute-Force
🇪🇸 ofm-abuse	2026-02-13 00:44:08 (4 months ago)	Brute-force ...	Brute-Force Bad Web Bot Web App Attack
🇩🇪 itsolon	2026-02-13 00:33:18 (4 months ago)	158.94.209.221 - - [13/Feb/2026:01:33:11 +0100] "GET /wp-login.php HTTP/1.1" 301 4115 "-" "Mozilla/5 ... show more 158.94.209.221 - - [13/Feb/2026:01:33:11 +0100] "GET /wp-login.php HTTP/1.1" 301 4115 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 158.94.209.221 - - [13/Feb/2026:01:33:11 +0100] "GET /wp-login.php HTTP/1.1" 200 15713 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 158.94.209.221 - - [13/Feb/2026:01:33:16 +0100] "POST /wp-login.php HTTP/1.1" 301 687 "https://BOHRERSCHLEIFMASCHINE.DE/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 158.94.209.221 - - [13/Feb/2026:01:33:17 +0100] "GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.bohrerschleifmaschine.de%2Fwp-admin%2Findex.php&reauth=1 HTTP/1.1" 200 14472 "https://BOHRERSCHLEIFMASCHINE.DE/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safa ... show less	Web App Attack SSH

Showing 1 to 15 of 797 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 189.14.226.190

🇨🇭 209.99.184.143

🇰🇪 197.248.8.33

🇭🇰 43.155.21.198

🇧🇷 201.49.98.249

🇺🇸 107.175.69.109

🇻🇳 103.176.24.57

🇵🇱 95.160.34.175

🇸🇬 74.114.31.153

🇺🇸 65.49.1.187

🇰🇷 59.21.37.60

🇺🇸 44.221.116.76

🇦🇷 190.220.172.154

🇧🇴 181.188.176.242

🇳🇱 176.65.149.178

🇺🇸 173.230.150.73

🇩🇪 154.14.23.208

🇺🇸 146.70.98.152

🇨🇳 117.175.51.134

🇨🇳 112.19.161.224