JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 173.239.196.23

173.239.196.23 was found in our database!

This IP was reported 54 times. Confidence of Abuse is 0%: ?

ISP	Avast Software
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	avast.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 173.239.196.23

Whois 173.239.196.23

IP Abuse Reports for 173.239.196.23:

This IP address has been reported a total of 54 times from 30 distinct sources. 173.239.196.23 was first reported on September 18th 2023, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇻🇳 T4k3d0wnprocess_webprotect	2026-05-20 22:41:14 (1 month ago)	[WAF] PROXY \| proxy_vpn \| ISP:F.N.S. HOLDINGS LIMITED Org:LogicWeb Inc \| ISP: F.N.S. HOLDINGS LIMITE ... show more [WAF] PROXY \| proxy_vpn \| ISP:F.N.S. HOLDINGS LIMITED Org:LogicWeb Inc \| ISP: F.N.S. HOLDINGS LIMITED \| Bhutan show less	Open Proxy
🇦🇺 afleventoffice.com.au	2026-03-06 10:47:11 (3 months ago)	GET /xmlrpc.php HTTP/1.1	Web App Attack
Anonymous	2026-03-03 05:13:57 (3 months ago)	173.239.196.23 - - [03/Mar/2026:06:13:44 +0100] "GET /modules/mod_simplefileuploadv1.3/elements/udd. ... show more 173.239.196.23 - - [03/Mar/2026:06:13:44 +0100] "GET /modules/mod_simplefileuploadv1.3/elements/udd.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-03-03 03:38:49 (3 months ago)	(mod_security) mod_security (id:240000) triggered by 173.239.196.23 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240000) triggered by 173.239.196.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 02 22:38:44.573270 2026] [security2:error] [pid 26481:tid 26481] [client 173.239.196.23:22593] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|misogynyis.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "misogynyis.com"] [uri "/images/stories/themes.php"] [unique_id "aaZXxKYDOkPtkd-m_3TWNAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-03 00:39:40 (3 months ago)	Aggressive web scan	Web App Attack
🇬🇧 consul.to	2026-02-23 11:18:26 (4 months ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-02-23 04:30:24 (4 months ago)	[redacted] 173.239.196.23 - - [23/Feb/2026:05:30:15 +0100] "GET /wp-admin/css/colors/blue/rk2.php HT ... show more [redacted] 173.239.196.23 - - [23/Feb/2026:05:30:15 +0100] "GET /wp-admin/css/colors/blue/rk2.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" [redacted] 173.239.196.23 - - [23/Feb/2026:05:30:16 +0100] "GET /wp-admin/css/colors/light/profile.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" [redacted] 173.239.196.23 - - [23/Feb/2026:05:30:17 +0100] "GET /wp-admin/user/wp-login.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" [redacted] 173.239.196.23 - - [23/Feb/2026:05:30:18 +0100] "GET /wp-content/uploads/admin.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" [redacted] 173.239.196.23 - - [23/Feb/2026:05:30:18 +0100] "GET /css/admin ... show less	Hacking Web App Attack
🇳🇱 Mangelot Hosting	2026-02-21 17:18:43 (4 months ago)	(upload_shell) srv103 Shell upload 173.239.196.23 (BD/Bangladesh/-): 1 in the last 3600 secs; Ports: ... show more (upload_shell) srv103 Shell upload 173.239.196.23 (BD/Bangladesh/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇬🇧 consul.to	2026-02-18 16:45:10 (4 months ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-02-17 18:05:59 (4 months ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: SG, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: SG, Attack patterns: WordPress scanning, Webshell probing show less	Bad Web Bot Web App Attack
🇳🇿 Antinson	2026-02-17 13:44:14 (4 months ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
Anonymous	2026-02-16 13:14:08 (4 months ago)	wordpress-trap	Web App Attack
🇩🇪 MusicLibrary	2026-02-16 13:14:06 (4 months ago)	Attempted access to non existent wordpress urls	Bad Web Bot
🇳🇿 Antinson	2026-02-10 03:33:00 (4 months ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇺🇸 myagent.site	2026-02-09 22:48:36 (4 months ago)	Blocking for trying to access an exploit file: /files/index.php	Hacking

Showing 1 to 15 of 54 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 85.217.149.64

🇯🇲 66.9.166.22

🇳🇱 45.148.10.141

🇩🇿 41.98.74.150

🇺🇸 20.168.125.90

🇲🇽 200.92.172.166

🇬🇧 195.140.214.28

🇩🇪 194.187.176.135

🇸🇻 190.87.168.35

🇧🇷 186.235.247.117

🇧🇷 186.225.227.68

🇨🇴 186.113.84.127

🇦🇷 181.209.86.146

🇦🇷 181.46.160.11

🇸🇬 159.65.8.117

🇳🇱 138.124.30.187

🇳🇱 45.148.10.152

🇩🇪 43.228.157.9

🇨🇳 223.86.148.242

🇸🇾 217.20.209.30