JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.173.21.161

158.173.21.161 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 37%: ?

37%

ISP	VPN Consumer Amsterdam, The Netherlands
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.173.21.161

Whois 158.173.21.161

IP Abuse Reports for 158.173.21.161:

This IP address has been reported a total of 31 times from 20 distinct sources. 158.173.21.161 was first reported on October 11th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-06 18:45:04 (1 week ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
🇺🇸 TAY	2026-06-06 18:44:25 (1 week ago)	158.173.21.161 - - [07/Jun/2026:02:44:22 +0800] "POST /wp-login.php HTTP/1.1" 200 13624 "-" "Mozilla ... show more 158.173.21.161 - - [07/Jun/2026:02:44:22 +0800] "POST /wp-login.php HTTP/1.1" 200 13624 "-" "Mozilla/5.0" 158.173.21.161 - - [07/Jun/2026:02:44:22 +0800] "POST /wp-login.php HTTP/1.1" 200 13780 "-" "Mozilla/5.0" 158.173.21.161 - - [07/Jun/2026:02:44:22 +0800] "POST /wp-login.php HTTP/1.1" 200 13745 "-" "Mozilla/5.0" ... show less	Brute-Force
🇺🇸 TAY	2026-06-06 17:32:53 (1 week ago)	158.173.21.161 - - [07/Jun/2026:01:32:50 +0800] "POST /wp-login.php HTTP/1.1" 200 13745 "-" "Mozilla ... show more 158.173.21.161 - - [07/Jun/2026:01:32:50 +0800] "POST /wp-login.php HTTP/1.1" 200 13745 "-" "Mozilla/5.0" 158.173.21.161 - - [07/Jun/2026:01:32:50 +0800] "POST /wp-login.php HTTP/1.1" 200 13780 "-" "Mozilla/5.0" 158.173.21.161 - - [07/Jun/2026:01:32:50 +0800] "POST /wp-login.php HTTP/1.1" 200 13624 "-" "Mozilla/5.0" ... show less	Brute-Force
🇺🇸 TAY	2026-06-06 16:23:46 (1 week ago)	158.173.21.161 - - [07/Jun/2026:00:23:43 +0800] "POST /wp-login.php HTTP/1.1" 200 13745 "-" "Mozilla ... show more 158.173.21.161 - - [07/Jun/2026:00:23:43 +0800] "POST /wp-login.php HTTP/1.1" 200 13745 "-" "Mozilla/5.0" 158.173.21.161 - - [07/Jun/2026:00:23:43 +0800] "POST /wp-login.php HTTP/1.1" 200 13624 "-" "Mozilla/5.0" 158.173.21.161 - - [07/Jun/2026:00:23:43 +0800] "POST /wp-login.php HTTP/1.1" 200 13780 "-" "Mozilla/5.0" ... show less	Brute-Force
🇺🇸 TAY	2026-06-06 15:16:18 (1 week ago)	158.173.21.161 - - [06/Jun/2026:23:16:15 +0800] "POST /wp-login.php HTTP/1.1" 200 13624 "-" "Mozilla ... show more 158.173.21.161 - - [06/Jun/2026:23:16:15 +0800] "POST /wp-login.php HTTP/1.1" 200 13624 "-" "Mozilla/5.0" 158.173.21.161 - - [06/Jun/2026:23:16:15 +0800] "POST /wp-login.php HTTP/1.1" 200 13745 "-" "Mozilla/5.0" 158.173.21.161 - - [06/Jun/2026:23:16:15 +0800] "POST /wp-login.php HTTP/1.1" 200 13780 "-" "Mozilla/5.0" ... show less	Brute-Force
🇩🇪 netclix.gr	2026-06-06 15:11:47 (1 week ago)	(login_brute_global) Multi-CMS Brute Force Attempt 158.173.21.161 (-): 5 in the last 4600 secs; Port ... show more (login_brute_global) Multi-CMS Brute Force Attempt 158.173.21.161 (-): 5 in the last 4600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 158.173.21.161 - - [06/Jun/2026:17:09:52 +0300] "POST /wp-login.php HTTP/1.1" 200 10279 "-" "Mozilla/5.0" 158.173.21.161 - - [06/Jun/2026:17:24:51 +0300] "POST /wp-login.php HTTP/1.1" 200 10279 "-" "Mozilla/5.0" 158.173.21.161 - - [06/Jun/2026:17:40:11 +0300] "POST /wp-login.php HTTP/1.1" 200 10279 "-" "Mozilla/5.0" 158.173.21.161 - - [06/Jun/2026:17:55:52 +0300] "POST /wp-login.php HTTP/1.1" 200 10279 "-" "Mozilla/5.0" 158.173.21.161 - - [06/Jun/2026:18:11:43 +0300] "POST /wp-login.php HTTP/1.1" 200 10279 "-" "Mozilla/5.0" show less	Port Scan
🇺🇸 nyt	2026-06-06 14:46:50 (1 week ago)	Repeated WordPress login POSTs blocked by WAF (3 in 6h)	Brute-Force Web App Attack
🇪🇸 masterguru	2026-06-06 14:44:34 (1 week ago)	wp-login request blocked, no referer. Pattern match "wp-login.php" at REQUEST_URI. (5001900-122)	Web App Attack
🇫🇷 Kenshin869	2026-06-06 14:38:38 (1 week ago)	Wordpress unauthorized access attempt	Brute-Force
🇦🇺 screwlooseit.com.au	2026-06-06 14:31:45 (1 week ago)	Blocked by CSF 13 firewall - Rule: WPLOGIN DK/Denmark/-	Web App Attack
🇩🇪 LRob.fr	2026-06-06 14:30:03 (1 week ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-06 14:20:30 (1 week ago)	wp-login request blocked, no referer. Pattern match "wp-login.php" at REQUEST_URI. (88020-201)	Hacking
🇺🇸 TAY	2026-06-06 14:14:01 (1 week ago)	158.173.21.161 - - [06/Jun/2026:22:13:57 +0800] "POST /wp-login.php HTTP/1.1" 200 13624 "-" "Mozilla ... show more 158.173.21.161 - - [06/Jun/2026:22:13:57 +0800] "POST /wp-login.php HTTP/1.1" 200 13624 "-" "Mozilla/5.0" 158.173.21.161 - - [06/Jun/2026:22:13:57 +0800] "POST /wp-login.php HTTP/1.1" 200 13780 "-" "Mozilla/5.0" 158.173.21.161 - - [06/Jun/2026:22:13:57 +0800] "POST /wp-login.php HTTP/1.1" 200 13745 "-" "Mozilla/5.0" ... show less	Brute-Force
🇫🇮 Ticlem	2026-04-05 05:01:37 (2 months ago)	2026-04-05T06:31:36.199808+02:00 clement-turlure kernel: [3742883.718647] [UFW BLOCK] IN=enp0s31f6 O ... show more 2026-04-05T06:31:36.199808+02:00 clement-turlure kernel: [3742883.718647] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:f7:16:fb:d0:07:ca:8d:22:75:08:00 SRC=158.173.21.161 DST=95.216.21.136 LEN=143 TOS=0x00 PREC=0x00 TTL=55 ID=51582 PROTO=UDP SPT=16047 DPT=6881 LEN=123 2026-04-05T06:46:36.101386+02:00 clement-turlure kernel: [3743783.628155] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:f7:16:fb:d0:07:ca:8d:22:75:08:00 SRC=158.173.21.161 DST=95.216.21.136 LEN=143 TOS=0x00 PREC=0x00 TTL=55 ID=55327 PROTO=UDP SPT=28673 DPT=6881 LEN=123 2026-04-05T07:01:36.085352+02:00 clement-turlure kernel: [3744683.620048] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:f7:16:fb:d0:07:ca:8d:22:75:08:00 SRC=158.173.21.161 DST=95.216.21.136 LEN=143 TOS=0x00 PREC=0x00 TTL=55 ID=65261 PROTO=UDP SPT=60323 DPT=6881 LEN=123 ... show less	Port Scan
🇺🇸 xmission.com	2026-03-23 09:45:42 (2 months ago)	Blocked by UFW (TCP on 61976) Source port: 38540 TTL: 46 Packet length: 60 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 61976) Source port: 38540 TTL: 46 Packet length: 60 TOS: 0x08 This report (for 158.173.21.161) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 157.15.40.6

🇩🇪 144.31.74.139

🇺🇸 88.135.73.16

🇳🇱 45.148.10.141

🇺🇸 3.238.95.47

🇺🇸 72.253.251.3

🇩🇪 69.5.169.181

🇸🇬 43.159.32.3

🇩🇪 139.59.208.49

🇨🇳 122.114.255.230

🇮🇩 103.49.239.217

🇮🇶 91.106.43.191

🇳🇱 89.105.195.118

🇳🇱 45.148.10.183

🇵🇱 194.180.48.33

🇺🇸 147.185.132.165

🇩🇪 130.12.180.196

🇨🇳 118.81.203.120

🇧🇬 91.148.190.150

🇳🇱 45.148.10.34