JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 173.239.249.28

173.239.249.28 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 0%: ?

ISP	LogicWeb Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	logicweb.com
Country	🇺🇸 United States of America
City	Dallas, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 173.239.249.28

Whois 173.239.249.28

IP Abuse Reports for 173.239.249.28:

This IP address has been reported a total of 20 times from 19 distinct sources. 173.239.249.28 was first reported on December 8th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-03-05 09:32:21 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇷🇺 Agrohim	2026-01-28 20:16:23 (4 months ago)	Gate Inet blocked for categories:	DDoS Attack Ping of Death Port Scan Hacking Brute-Force
🇹🇼 090410-1830	2025-11-29 11:44:08 (6 months ago)	Honeypot hit: Unauthorized traffic (68 bytes of payload); 9010 [1] TCP	Port Scan
🇺🇸 xmission.com	2025-11-29 02:08:53 (6 months ago)	Blocked by UFW (TCP on 54508) Source port: 49350 TTL: 53 Packet length: 60 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 54508) Source port: 49350 TTL: 53 Packet length: 60 TOS: 0x00 This report (for 173.239.249.28) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 webnestify	2025-09-02 06:56:30 (9 months ago)	[Webnestify Honeypot - UK] Unauthorized connection attempt on port 2022.	Port Scan Hacking Brute-Force
🇯🇵 doll.gl	2025-03-10 08:24:06 (1 year ago)	This IP was detected by CrowdSec triggering crowdsecurity/CVE-2017-9841	Web App Attack
🇺🇸 mind5t0rm	2025-03-09 23:47:14 (1 year ago)	(WPLOGIN,XMLRPC) Login failure/trigger from 173.239.249.28 (US/United States/-): 3 in the last 3600 ... show more (WPLOGIN,XMLRPC) Login failure/trigger from 173.239.249.28 (US/United States/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 173.239.249.28 - - [10/Mar/2025:06:46:03 +0700] "GET /wp-login.php HTTP/1.1" 500 534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 173.239.249.28 - - [10/Mar/2025:06:46:04 +0700] "GET /xmlrpc.php HTTP/1.1" 500 534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 173.239.249.28 - - [10/Mar/2025:06:47:10 +0700] "GET /xmlrpc.php?rsd HTTP/1.1" 500 534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" show less	Port Scan
🇫🇷 dynamix	2025-03-09 22:09:54 (1 year ago)	Multiple WAF Violations	Web App Attack
🇧🇷 hostseries	2025-03-09 20:17:40 (1 year ago)	Trigger: LF_MODSEC	Brute-Force
🇺🇸 Major Hostility	2025-03-09 18:53:27 (1 year ago)	"GET /1.php HTTP/1.1" 404 "GET /test.php HTTP/1.1" 404 "GET /baxa1.php HTTP/1.1" 404 "GET /update/up ... show more "GET /1.php HTTP/1.1" 404 "GET /test.php HTTP/1.1" 404 "GET /baxa1.php HTTP/1.1" 404 "GET /update/upload.php HTTP/1.1" 404 "GET /dropdown.php HTTP/1.1" 404 "GET /cgi-bin/about.php HTTP/1.1" 404 "GET /admin.php HTTP/1.1" 404 "GET /options.php HTTP/1.1" 404 "GET /classwithtostring.php HTTP/1.1" 404 "GET /autoload_classmap.php HTTP/1.1" 404 "GET /sxo.php HTTP/1.1" 404 "GET /radio.php HTTP/1.1" 404 "GET /install.php HTTP/1.1" 404 "GET /simple.php HTTP/1.1" 404 show less	Web App Attack
🇺🇸 TPI-Abuse	2025-03-05 00:39:17 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 173.239.249.28 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 173.239.249.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 04 19:39:09.746653 2025] [security2:error] [pid 4288:tid 4288] [client 173.239.249.28:59044] [client 173.239.249.28] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hickorygrovecottages.com"] [uri "/css/wp-config.php"] [unique_id "Z8edLe9NurJvwFOx5yBmzQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-03-03 18:52:10 (1 year ago)	Excessive connections to http/https ports	DDoS Attack
Anonymous	2025-02-18 09:04:06 (1 year ago)	Fail2Ban apache-noscript	Bad Web Bot
Anonymous	2025-02-18 07:18:25 (1 year ago)	Probing for Open Source CMS Components	Hacking Brute-Force
🇬🇧 openstrike.co.uk	2025-02-18 06:12:35 (1 year ago)	2743 attacks on PHP URLs: GET /maRR.php/Clouds25$$/ HTTP/1.1	Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇦 193.34.172.214

🇸🇾 185.204.83.210

🇮🇩 103.31.39.143

🇦🇷 45.227.130.14

🇩🇴 190.167.237.191

🇮🇳 103.248.173.11

🇭🇰 103.215.80.68

🇺🇸 98.90.43.197

🇺🇸 96.239.107.4

🇳🇱 93.123.72.183

🇫🇷 62.171.180.91

🇺🇸 47.200.111.206

🇧🇷 45.175.218.186

🇳🇱 45.148.10.152

🇺🇸 40.160.69.241

🇺🇸 166.62.41.190

🇨🇳 122.224.205.42

🇮🇳 103.178.77.68

🇦🇴 102.213.34.99

🇧🇬 5.188.206.34