JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 173.239.237.138

173.239.237.138 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 4%: ?

ISP	LogicWeb Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS64286
Domain Name	logicweb.com
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 173.239.237.138

Whois 173.239.237.138

IP Abuse Reports for 173.239.237.138:

This IP address has been reported a total of 9 times from 2 distinct sources. 173.239.237.138 was first reported on May 28th 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-01 02:45:33 (6 days ago)	(mod_security) mod_security (id:210730) triggered by 173.239.237.138 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 173.239.237.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 22:45:25.922497 2026] [security2:error] [pid 12707:tid 12723] [client 173.239.237.138:54899] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.com\|F\|2"] [data ".com.key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.com"] [uri "/kettlehill.com.key"] [unique_id "ahzyRfr1zQOtbkd9viU0qQAAAAw"], referer: http://kettlehill.com/kettlehill.com.key show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 11:34:02 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 173.239.237.138 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 173.239.237.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 06:33:02.558809 2026] [security2:error] [pid 16722:tid 16891] [client 173.239.237.138:47131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htpasswd" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.kettlehill.net"] [uri "/.htpasswd"] [unique_id "aX857syMbG6v0xSDvGJd2QAAAsU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 23:46:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 173.239.237.138 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 173.239.237.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 18:46:19.629529 2025] [security2:error] [pid 11169:tid 11169] [client 173.239.237.138:49883] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.farmers123.com"] [uri "/.env.stage"] [unique_id "aS96S9JJ2O6r2OD4otU3WAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-28 19:42:26 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 173.239.237.138 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 173.239.237.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 15:42:12.760511 2025] [security2:error] [pid 27482:tid 27482] [client 173.239.237.138:35327] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.nbcnewsradio.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/login.php.bak"] [unique_id "aQEclL_3o-wckuAFXUYNkQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-26 07:30:58 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 173.239.237.138 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 173.239.237.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 26 03:30:54.178293 2025] [security2:error] [pid 22744:tid 22744] [client 173.239.237.138:35523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.deandobkin.com"] [uri "/.env.deandobkin"] [unique_id "aNZBLkXPX8E5j2GaX_mBuwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-01 06:06:14 (11 months ago)	(mod_security) mod_security (id:210730) triggered by 173.239.237.138 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 173.239.237.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 01 02:06:05.226246 2025] [security2:error] [pid 32047:tid 32110] [client 173.239.237.138:53559] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kettlehill.net\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.net"] [uri "/db_config.php.bak"] [unique_id "aGN6zQF1tdoO2im1K3ViPgAAAIE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-06-01 15:30:07 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 23:27:14 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 173.239.237.138 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 173.239.237.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 30 19:27:06.791358 2025] [security2:error] [pid 808102:tid 808102] [client 173.239.237.138:40133] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.nbcnewsradio.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.nbcnewsradio.com"] [uri "/php_errors.log"] [unique_id "aDo-yjCMOzoKwqEpNp5wfQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-28 20:10:16 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 173.239.237.138 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 173.239.237.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 28 16:10:10.211841 2025] [security2:error] [pid 1836241:tid 1836241] [client 173.239.237.138:50619] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.farmers123.com"] [uri "/web.config"] [unique_id "aDdtogV0C49-pZkkBAG4VgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 186.148.224.183

🇺🇸 103.144.247.4

🇹🇿 41.59.142.43

🇺🇸 216.180.246.42

🇩🇪 213.209.159.56

🇺🇸 192.159.99.66

🇨🇳 180.76.236.214

🇺🇸 165.154.255.26

🇸🇪 158.174.211.17

🇺🇸 147.185.132.189

🇺🇸 66.132.172.132

🇯🇵 203.25.124.189

🇦🇷 201.176.224.244

🇮🇩 180.243.252.129

🇸🇪 171.25.158.47

🇸🇬 148.66.142.9

🇨🇳 123.245.241.208

🇺🇸 66.132.195.113

🇨🇳 60.174.0.225

🇮🇪 20.223.204.92