JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 173.239.196.106

173.239.196.106 was found in our database!

This IP was reported 68 times. Confidence of Abuse is 36%: ?

36%

ISP	Avast Software
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	avast.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 173.239.196.106

Whois 173.239.196.106

IP Abuse Reports for 173.239.196.106:

This IP address has been reported a total of 68 times from 32 distinct sources. 173.239.196.106 was first reported on March 23rd 2024, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-28 21:02:51 (2 hours ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 23:35:55 (23 hours ago)	(mod_security) mod_security (id:240000) triggered by 173.239.196.106 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240000) triggered by 173.239.196.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 19:35:48.115295 2026] [security2:error] [pid 18572:tid 18572] [client 173.239.196.106:65337] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|dallaschristmascards.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "dallaschristmascards.com"] [uri "/images/stories/themes.php"] [unique_id "akBeVN6Ilzyl9JEaY6E8WAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Octopuce	2026-06-27 18:59:19 (1 day ago)	Aggressive web search of vulnerable pages: /bless.php /O-Simple.php /lock360.php /zwso.php /chosen.p ... show more Aggressive web search of vulnerable pages: /bless.php /O-Simple.php /lock360.php /zwso.php /chosen.php /about.php /admin.php /mah.php /.wp/wso. ... show less	Web App Attack
🇫🇷 masterguru	2026-06-26 12:30:20 (2 days ago)	Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-197)	Hacking
🇬🇧 consul.to	2026-06-25 14:49:07 (3 days ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 dynamix	2026-06-25 14:25:44 (3 days ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-24 14:12:24 (4 months ago)	(mod_security) mod_security (id:240000) triggered by 173.239.196.106 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240000) triggered by 173.239.196.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 09:12:16.325652 2026] [security2:error] [pid 14110:tid 14110] [client 173.239.196.106:50121] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|cajunfriedturkey.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "cajunfriedturkey.com"] [uri "/images/stories/themes.php"] [unique_id "aZ2xwN4XL_fT9hhIGvzwSwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇾 Rizzy	2026-02-23 16:58:50 (4 months ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇬🇧 consul.to	2026-02-23 12:56:44 (4 months ago)	Web attack/malicious scanning detected	Web App Attack
🇨🇭 zynex	2026-02-22 06:03:21 (4 months ago)	URL Probing: /lock360.php	Web App Attack
🇫🇮 Shaik Sai Meera	2026-02-22 05:20:12 (4 months ago)	IM360 WAF: Infectors: Suspicious access attempt (webshell)	Brute-Force FTP Brute-Force Open Proxy
🇦🇺 Anytech	2026-02-22 02:22:11 (4 months ago)	CrowdSec detected: crowdsecurity/http-dos-swithcing-ua	Brute-Force Web App Attack
🇩🇪 Vegascosmetics	2026-02-15 22:50:54 (4 months ago)	Kingcopy(AI-IDS):IP is Probing for Wordpress vulnerabilities WTF:Banned	Hacking Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-02-15 08:24:37 (4 months ago)	Web vulnerability probing: /chosen.php	Web App Attack
🇺🇦 URAN Publishing Service	2026-02-15 07:08:54 (4 months ago)	173.239.196.106 - - [15/Feb/2026:09:08:06 +0200] "GET /wp-admin/maint/bootstrap.php HTTP/1.1" 404 25 ... show more 173.239.196.106 - - [15/Feb/2026:09:08:06 +0200] "GET /wp-admin/maint/bootstrap.php HTTP/1.1" 404 251 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 173.239.196.106 - - [15/Feb/2026:09:08:49 +0200] "GET /wp-admin/css/colors/midnight/admin.php HTTP/1.1" 404 251 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" ... show less	Web App Attack

Showing 1 to 15 of 68 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇴🇲 2a02:2908:4400:183a:b70c:d0c7:349e:3342

🇨🇳 183.230.155.13

🇩🇪 162.55.96.252

🇩🇪 138.68.95.109

🇵🇰 119.152.102.54

🇭🇰 103.97.179.24

🇫🇷 85.217.140.47

🇺🇸 68.154.36.223

🇺🇸 66.132.195.113

🇨🇳 61.52.120.150

🇯🇵 43.128.242.233

🇺🇸 23.94.102.136

🇺🇸 216.73.217.36

🇯🇴 176.29.209.109

🇲🇾 118.100.119.171

🇺🇸 67.85.146.216

🇬🇧 35.203.211.45

🇹🇭 1.10.195.171

🇧🇷 205.210.31.219

🇨🇷 190.112.222.28