JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 173.239.240.21

173.239.240.21 was found in our database!

This IP was reported 312 times. Confidence of Abuse is 57%: ?

57%

ISP	LogicWeb Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396356
Domain Name	logicweb.com
Country	🇺🇸 United States of America
City	Edison, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 173.239.240.21

Whois 173.239.240.21

IP Abuse Reports for 173.239.240.21:

This IP address has been reported a total of 312 times from 93 distinct sources. 173.239.240.21 was first reported on February 3rd 2023, and the most recent report was 22 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-10 07:32:24 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 173.239.240.21 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 173.239.240.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 10 02:32:18.592761 2026] [security2:error] [pid 14451:tid 14451] [client 173.239.240.21:63723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.59"] [uri "/conf/.env"] [unique_id "aWIAgiWgigJO5otsRi6VMwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-10 04:05:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 173.239.240.21 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 173.239.240.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 09 23:05:26.343941 2026] [security2:error] [pid 9175:tid 9175] [client 173.239.240.21:28165] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.248"] [uri "/sites/all/libraries/mailchimp/.env"] [unique_id "aWHQBnv9c3ZUpfaZnHjQJAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-10 02:35:51 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 173.239.240.21 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 173.239.240.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 09 21:35:42.353672 2026] [security2:error] [pid 26624:tid 26624] [client 173.239.240.21:58625] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.118"] [uri "/conf/.env"] [unique_id "aWG6_rEFq-LWdCpq-9VpYwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-09 21:57:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 173.239.240.21 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 173.239.240.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 09 16:57:23.187294 2026] [security2:error] [pid 12654:tid 12654] [client 173.239.240.21:52601] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.46"] [uri "/blog/.env"] [unique_id "aWF5w1I03_5lbC3k_6jfvQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-09 18:10:16 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 173.239.240.21 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 173.239.240.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 09 13:10:09.403277 2026] [security2:error] [pid 24434:tid 24434] [client 173.239.240.21:45249] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.161"] [uri "/.env"] [unique_id "aWFEgUOTfMdIRbf1o5ikTAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-09 15:28:27 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 173.239.240.21 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 173.239.240.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 09 10:28:20.736768 2026] [security2:error] [pid 17249:tid 17249] [client 173.239.240.21:20419] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.55"] [uri "/conf/.env"] [unique_id "aWEelOA0f8IhUCEt3At1owAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 BlueWire Hosting	2026-01-09 09:37:55 (4 months ago)	Probing websites for vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2026-01-09 09:04:01 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 173.239.240.21 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 173.239.240.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 09 04:03:46.567947 2026] [security2:error] [pid 30422:tid 30422] [client 173.239.240.21:36863] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.9"] [uri "/base/.env"] [unique_id "aWDEcgHUbhiN9QlzJN7CcgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-09 08:09:30 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 173.239.240.21 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 173.239.240.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 09 03:09:26.753168 2026] [security2:error] [pid 32094:tid 32094] [client 173.239.240.21:52587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.219"] [uri "/conf/.env"] [unique_id "aWC3ttZF6pa0BXWbQCmFUQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-09 05:24:15 (4 months ago)	Probing to gain illegal access	Web App Attack
🇧🇪 cmbplf	2025-12-30 03:24:34 (5 months ago)	2.000 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇨🇿 lp	2025-12-29 20:51:06 (5 months ago)	Unauthorized VPN login attempts: 2 attempts were recorded from 173.239.240.21 2025-12-29T20:23:25+01 ... show more Unauthorized VPN login attempts: 2 attempts were recorded from 173.239.240.21 2025-12-29T20:23:25+01:00 vpn Access-Reject 'ERIMESCU' station: 173.239.240.21 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-12-29T20:38:43+01:00 vpn Access-Reject 'ERIMIA' station: 173.239.240.21 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-12-29 02:51:29 (5 months ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 173.239.240.21 2025-12-29T03:03:48+01 ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 173.239.240.21 2025-12-29T03:03:48+01:00 vpn Access-Reject 'ERDOGAN' station: 173.239.240.21 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-12-28 07:25:29 (5 months ago)	Unauthorized VPN login attempts: 2 attempts were recorded from 173.239.240.21 2025-12-28T07:06:56+01 ... show more Unauthorized VPN login attempts: 2 attempts were recorded from 173.239.240.21 2025-12-28T07:06:56+01:00 vpn Access-Reject 'EPIFANIE' station: 173.239.240.21 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-12-28T07:56:06+01:00 vpn Access-Reject 'EPISTIMIA' station: 173.239.240.21 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
Anonymous	2025-12-27 23:45:55 (5 months ago)	Attempted brute force login to web vpn 7 time(s); last attempt for 2025.12.27 is noted in report tim ... show more Attempted brute force login to web vpn 7 time(s); last attempt for 2025.12.27 is noted in report timestamp show less	Hacking Brute-Force

Showing 106 to 120 of 312 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 192.142.24.17

🇺🇸 50.116.72.139

🇳🇱 45.148.10.157

🇻🇳 27.79.4.89

🇰🇷 222.119.187.182

🇬🇹 190.148.112.242

🇧🇷 187.34.229.25

🇬🇧 185.116.173.34

🇩🇪 178.128.207.138

🇩🇪 167.94.146.77

🇵🇰 160.30.142.209

🇺🇸 136.144.33.108

🇮🇳 122.166.223.194

🇨🇳 120.48.50.133

🇮🇳 111.92.89.89

🇨🇳 106.52.234.132

🇲🇦 105.158.100.18

🇭🇰 103.231.14.54

🇨🇳 101.76.248.214

🇷🇴 92.118.39.234