JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 173.239.196.151

173.239.196.151 was found in our database!

This IP was reported 130 times. Confidence of Abuse is 0%: ?

ISP	Avast Software
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	avast.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 173.239.196.151

Whois 173.239.196.151

IP Abuse Reports for 173.239.196.151:

This IP address has been reported a total of 130 times from 68 distinct sources. 173.239.196.151 was first reported on November 5th 2022, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-23 12:47:54 (3 months ago)	(mod_security) mod_security (id:240000) triggered by 173.239.196.151 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240000) triggered by 173.239.196.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 07:47:51.473849 2026] [security2:error] [pid 15310:tid 15310] [client 173.239.196.151:54625] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|peaksalesnw.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "peaksalesnw.com"] [uri "/images/stories/themes.php"] [unique_id "aZxMd6_pyS74R0JIM6hLqAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-02-23 10:31:01 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-02-20 03:22:32 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 dynamix	2026-02-20 01:23:06 (3 months ago)	Multiple WAF Violations	Web App Attack
🇦🇺 nzhost.co.nz	2026-02-19 12:41:07 (3 months ago)	$f2bV_matches	Hacking Brute-Force
🇬🇧 consul.to	2026-02-18 18:40:31 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 kosada.com	2026-02-18 15:55:19 (3 months ago)	Web vulnerability probing: /blog/wp-includes/	Web App Attack
Anonymous	2026-02-16 11:44:51 (3 months ago)	"GET /wp-admin/images/bootstrap.php HTTP/1.1"	Hacking Web App Attack
🇷🇺 sms.ru	2026-02-16 05:08:07 (3 months ago)	/wp-admin/js/widgets/	Web App Attack
🇬🇧 consul.to	2026-02-16 04:47:57 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇦 URAN Publishing Service	2026-02-16 04:37:47 (3 months ago)	173.239.196.151 - - [16/Feb/2026:06:37:47 +0200] "GET /wp-content/themes/pridmag/db.php?u HTTP/1.1" ... show more 173.239.196.151 - - [16/Feb/2026:06:37:47 +0200] "GET /wp-content/themes/pridmag/db.php?u HTTP/1.1" 404 441 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 173.239.196.151 - - [16/Feb/2026:06:37:47 +0200] "GET /wp-content/plugins/linkpreview/db.php?u HTTP/1.1" 404 441 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-16 04:01:23 (3 months ago)	(mod_security) mod_security (id:240000) triggered by 173.239.196.151 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240000) triggered by 173.239.196.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 23:01:18.680441 2026] [security2:error] [pid 23956:tid 23956] [client 173.239.196.151:46501] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|marilynmonroebookstore.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "marilynmonroebookstore.com"] [uri "/images/stories/themes.php"] [unique_id "aZKWjlm8bJkpYzh-Hr4cBwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-16 01:44:32 (3 months ago)	(mod_security) mod_security (id:240000) triggered by 173.239.196.151 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240000) triggered by 173.239.196.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 20:44:15.327592 2026] [security2:error] [pid 19372:tid 19372] [client 173.239.196.151:41351] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|gospectre.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "gospectre.com"] [uri "/images/stories/themes.php"] [unique_id "aZJ2b8ka6-8Ne69wu2MsNgAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇿 Antinson	2026-02-15 23:38:38 (3 months ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
🇦🇺 nzhost.co.nz	2026-02-15 03:57:19 (3 months ago)	$f2bV_matches	Hacking Brute-Force

Showing 1 to 15 of 130 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇷 213.142.156.145

🇨🇭 209.99.188.148

🇭🇳 181.115.7.203

🇩🇪 178.105.137.31

🇵🇰 144.48.130.161

🇺🇸 138.68.238.72

🇨🇳 114.245.243.154

🇺🇸 34.44.78.233

🇨🇭 209.99.188.240

🇩🇪 47.245.138.153

🇷🇺 45.91.64.7

🇳🇱 5.61.209.92

🇮🇩 222.124.177.148

🇨🇳 180.171.143.104

🇺🇸 172.234.143.8

🇨🇱 172.217.192.109

🇺🇸 138.113.23.170

🇺🇸 113.20.0.58

🇺🇸 104.28.213.40

🇹🇭 101.109.5.248