JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 173.239.196.161

173.239.196.161 was found in our database!

This IP was reported 188 times. Confidence of Abuse is 0%: ?

ISP	Avast Software
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	avast.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 173.239.196.161

Whois 173.239.196.161

IP Abuse Reports for 173.239.196.161:

This IP address has been reported a total of 188 times from 77 distinct sources. 173.239.196.161 was first reported on January 15th 2023, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-03-04 23:42:45 (3 months ago)		Brute-Force Web App Attack
🇹🇷 rtbh.com.tr	2026-03-04 20:11:53 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇬🇧 consul.to	2026-03-04 01:28:29 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 SpaceHost-Server	2026-03-03 23:41:08 (3 months ago)		Brute-Force Web App Attack
🇩🇪 macrob	2026-03-03 06:24:43 (3 months ago)	2026/03/03 06:24:38 [error] 2747464#2747464: 48912346 access forbidden by rule, client: 173.239.196 ... show more 2026/03/03 06:24:38 [error] 2747464#2747464: 48912346 access forbidden by rule, client: 173.239.196.161, server: bin-spin.com, request: "GET /admin.php HTTP/1.1", host: "bin-spin.com" 2026/03/03 06:24:39 [error] 2747464#2747464: 48912380 access forbidden by rule, client: 173.239.196.161, server: bin-spin.com, request: "GET /.wp/wso.php HTTP/1.1", host: "bin-spin.com" 2026/03/03 06:24:41 [error] 2747464#2747464: 48912345 access forbidden by rule, client: 173.239.196.161, server: bin-spin.com, request: "GET /wp-content/hello.php HTTP/1.1", host: "bin-spin.com" ... show less	Web App Attack
🇺🇸 myagent.site	2026-03-03 05:16:32 (3 months ago)	Blocking for trying to access an exploit file: /manager.php	Hacking
🇲🇾 Rizzy	2026-03-03 05:10:22 (3 months ago)	Multiple WAF Violations	Brute-Force Web App Attack
Anonymous	2026-03-02 21:50:46 (3 months ago)	173.239.196.161 - - [02/Mar/2026:22:48:00 +0100] "GET /manager.php HTTP/1.1" 404 480 "-" "Mozilla/5. ... show more 173.239.196.161 - - [02/Mar/2026:22:48:00 +0100] "GET /manager.php HTTP/1.1" 404 480 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 173.239.196.161 - - [02/Mar/2026:22:48:00 +0100] "GET /bless.php HTTP/1.1" 404 480 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 173.239.196.161 - - [02/Mar/2026:22:48:00 +0100] "GET /O-Simple.php HTTP/1.1" 404 480 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 173.239.196.161 - - [02/Mar/2026:22:48:01 +0100] "GET /lock360.php HTTP/1.1" 404 480 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 173.239.196.161 - - [02/Mar/2026:22:48:01 +0100] "GET /zwso.php HTTP/1.1" 404 480 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 S ... show less	DDoS Attack
🇳🇿 Antinson	2026-03-02 19:01:41 (3 months ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
🇳🇿 Antinson	2026-03-02 16:05:31 (3 months ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇺🇦 URAN Publishing Service	2026-03-02 13:15:22 (3 months ago)	173.239.196.161 - - [02/Mar/2026:15:15:21 +0200] "GET /wp-content/edit-wolf.php HTTP/1.1" 404 277 "- ... show more 173.239.196.161 - - [02/Mar/2026:15:15:21 +0200] "GET /wp-content/edit-wolf.php HTTP/1.1" 404 277 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 173.239.196.161 - - [02/Mar/2026:15:15:21 +0200] "GET /wp-content/plugins/ubh/up.php HTTP/1.1" 404 277 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" ... show less	Web App Attack
🇩🇪 updown.io	2026-03-02 12:44:24 (3 months ago)	{"level":"info","ts":1772455318.2854233,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1772455318.2854233,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"173.239.196.161","remote_port":"60465","client_ip":"173.239.196.161","proto":"HTTP/1.1","method":"GET","host":"status.gbf.wiki","uri":"/bless.php","headers":{"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36"],"Insecure-Flag":["1"]}},"bytes_read":0,"user_id":"","duration":0.000044636,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://status.gbf.wiki/bless.php"],"Content-Type":[]}} {"level":"info","ts":1772455319.5634422,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"173.239.196.161","remote_port":"20433","client_ip":"173.239.196.161","proto":"HTTP/1.1","method":"GET","host":"status.gbf.wiki","uri":"/zwso.php","headers":{"User-Agent":["Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0"],"Insecur ... show less	DDoS Attack Web App Attack
🇩🇪 updown.io	2026-03-01 00:13:12 (3 months ago)	{"level":"info","ts":1772323497.5654411,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1772323497.5654411,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"173.239.196.161","remote_port":"46729","client_ip":"173.239.196.161","proto":"HTTP/1.1","method":"GET","host":"status.jsfiddle.net","uri":"/.well-known/login.php","headers":{"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0"],"Insecure-Flag":["1"]}},"bytes_read":0,"user_id":"","duration":0.000038985,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://status.jsfiddle.net/.well-known/login.php"],"Content-Type":[]}} {"level":"info","ts":1772323497.940471,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"173.239.196.161","remote_port":"61907","client_ip":"173.239.196.161","proto":"HTTP/1.1","method":"GET","host":"status.jsfiddle.net","uri":"/mah.php","headers":{"User-Agent":["Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0"],"Insecure- ... show less	DDoS Attack Web App Attack
🇳🇿 Antinson	2026-02-28 07:40:35 (3 months ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇧🇪 cmbplf	2026-02-28 04:01:24 (3 months ago)	3.090 requests from abuseipdb.com blacklisted IP (1mo1w13h)	Brute-Force Bad Web Bot

Showing 1 to 15 of 188 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 209.38.99.178

🇨🇳 117.72.173.7

🇸🇬 103.187.147.214

🇺🇸 74.249.128.83

🇺🇸 64.23.215.216

🇳🇱 45.148.10.151

🇮🇳 2401:4900:c31a:af4f:bd09:7969:ae3:79f8

🇺🇸 216.152.252.150

🇺🇸 208.87.243.251

🇬🇧 193.163.125.179

🇧🇩 182.48.80.240

🇺🇸 172.217.46.150

🇨🇦 148.113.128.95

🇨🇦 142.44.225.122

🇰🇷 121.176.99.203

🇨🇬 102.141.47.141

🇺🇸 66.132.172.105

🇺🇸 45.61.185.32

🇺🇸 2602:fb54:1400::1ab

🇨🇳 192.144.218.190