JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 173.239.196.152

173.239.196.152 was found in our database!

This IP was reported 74 times. Confidence of Abuse is 2%: ?

ISP	Avast Software
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	avast.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 173.239.196.152

Whois 173.239.196.152

IP Abuse Reports for 173.239.196.152:

This IP address has been reported a total of 74 times from 40 distinct sources. 173.239.196.152 was first reported on November 5th 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 demonsword	2026-05-29 10:26:39 (1 week ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: api.cyberghostvpn.com:443 show less	Open Proxy Port Scan
🇺🇸 mnsf	2026-02-23 16:05:36 (3 months ago)	Request Overload (103)	Brute-Force Web App Attack
🇬🇧 consul.to	2026-02-23 07:06:58 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-02-23 05:09:29 (3 months ago)	[redacted] 173.239.196.152 - - [23/Feb/2026:06:09:23 +0100] "GET /admin/function.php HTTP/1.1" 404 2 ... show more [redacted] 173.239.196.152 - - [23/Feb/2026:06:09:23 +0100] "GET /admin/function.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" [redacted] 173.239.196.152 - - [23/Feb/2026:06:09:23 +0100] "GET /wp-includes/js/crop/admin.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" [redacted] 173.239.196.152 - - [23/Feb/2026:06:09:24 +0100] "GET /wp-includes/PHPMailer/admin.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" [redacted] 173.239.196.152 - - [23/Feb/2026:06:09:25 +0100] "GET /.well-known/pki-validation/admin.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" [redacted] 173.239.196.152 - - [23/Feb/2026:06 ... show less	Hacking Web App Attack
🇳🇱 ConsulHosting	2026-02-20 14:58:04 (3 months ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
🇬🇧 consul.to	2026-02-20 14:47:02 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇨🇭 Origon	2026-02-20 08:51:39 (3 months ago)	http-backdoors-attempts - IP: 173.239.196.152 - time="2026-02-20T09:51:38+01:00" level=info msg="(5 ... show more http-backdoors-attempts - IP: 173.239.196.152 - time="2026-02-20T09:51:38+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-backdoors-attempts by ip 173.239.196.152 (NP/206092) : 4h ban on Ip 173.239.196.152" module=db show less	Web App Attack
🇫🇷 dynamix	2026-02-19 15:39:51 (3 months ago)	Multiple WAF Violations	Web App Attack
🇬🇧 consul.to	2026-02-19 13:23:22 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇨🇭 zynex	2026-02-19 08:03:02 (3 months ago)	URL Probing: /zwso.php	Web App Attack
🇺🇦 URAN Publishing Service	2026-02-18 05:10:39 (3 months ago)	173.239.196.152 - - [18/Feb/2026:07:10:38 +0200] "GET /wp-content/hello.php HTTP/1.1" 404 278 "-" "M ... show more 173.239.196.152 - - [18/Feb/2026:07:10:38 +0200] "GET /wp-content/hello.php HTTP/1.1" 404 278 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 173.239.196.152 - - [18/Feb/2026:07:10:39 +0200] "GET /wp-admin/maint/bootstrap.php HTTP/1.1" 404 278 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" ... show less	Web App Attack
🇫🇷 dynamix	2026-02-18 05:04:57 (3 months ago)	Multiple WAF Violations	Web App Attack
🇬🇧 consul.to	2026-02-18 00:47:57 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-02-16 09:45:39 (3 months ago)	wordpress-trap	Web App Attack
🇺🇸 myagent.site	2026-02-10 22:03:55 (3 months ago)	Blocking for trying to access an exploit file: /files/index.php	Hacking

Showing 1 to 15 of 74 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.55

🇹🇼 198.235.24.106

🇨🇳 122.97.212.67

🇪🇸 45.148.197.172

🇬🇧 31.14.254.119

🇯🇵 210.139.18.51

🇨🇳 203.25.208.110

🇬🇧 193.176.29.21

🇧🇷 187.25.215.115

🇮🇳 182.18.161.165

🇧🇴 181.115.132.39

🇺🇸 162.216.149.157

🇨🇳 118.196.30.45

🇨🇳 112.86.225.49

🇷🇴 80.94.92.182

🇬🇧 31.14.254.101

🇷🇺 5.255.231.69

🇧🇷 2804:14d:2c92:8b1c:a823:6670:7049:e764

🇩🇪 217.181.90.66

🇪🇨 200.24.150.180