JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 173.239.249.59

173.239.249.59 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 3%: ?

ISP	LogicWeb Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	logicweb.com
Country	🇺🇸 United States of America
City	Dallas, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 173.239.249.59

Whois 173.239.249.59

IP Abuse Reports for 173.239.249.59:

This IP address has been reported a total of 10 times from 7 distinct sources. 173.239.249.59 was first reported on February 18th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇪 vaia.cloud	2026-06-18 20:47:03 (2 days ago)	trying wp-login.php/xmlrpc.php 77 times in 1 minutes	Brute-Force Web App Attack
🇺🇸 xmission.com	2025-09-30 06:43:24 (8 months ago)	Blocked by UFW (TCP on 49560) Source port: 53671 TTL: 112 Packet length: 52 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 49560) Source port: 53671 TTL: 112 Packet length: 52 TOS: 0x08 This report (for 173.239.249.59) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇦🇱 router.al	2025-09-26 14:38:10 (8 months ago)	09/26/2025-14:38:10.568696 173.239.249.59 Protocol: 6 SURICATA SSH invalid banner	Hacking
🇦🇱 router.al	2025-06-19 08:27:02 (1 year ago)	06/19/2025-08:27:02.265544 173.239.249.59 Protocol: 6 SURICATA HTTP Request line incomplete	Hacking
🇳🇱 rshict	2025-03-17 08:16:03 (1 year ago)	Hacking, Brute-Force, Web App Attack	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-02-28 10:14:36 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 173.239.249.59 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 173.239.249.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 28 05:14:30.511813 2025] [security2:error] [pid 1397254:tid 1397254] [client 173.239.249.59:49987] [client 173.239.249.59] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "goodpage.com"] [uri "/css/wp-config.php"] [unique_id "Z8GMhlINb4qWOCbIPSoQHQAAACs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-20 16:32:51 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 173.239.249.59 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 173.239.249.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 20 11:32:46.657870 2025] [security2:error] [pid 22384:tid 22384] [client 173.239.249.59:51894] [client 173.239.249.59] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vtwins.us"] [uri "/css/wp-config.php"] [unique_id "Z7dZLkFx56DuYvmMSvJBqgAAACk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-19 05:46:43 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 173.239.249.59 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 173.239.249.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 19 00:46:38.588500 2025] [security2:error] [pid 8658:tid 8658] [client 173.239.249.59:61994] [client 173.239.249.59] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blacktieokc.com"] [uri "/css/wp-config.php"] [unique_id "Z7VwPkSFXu8L5YrdTr1d-AAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Gwyneth Llewelyn	2025-02-18 19:08:52 (1 year ago)	173.239.249.59 - - [18/Feb/2025:19:08:50 +0000] "GET /cgi-bin/about.php HTTP/1.1" 404 4221 "-" "Mozi ... show more 173.239.249.59 - - [18/Feb/2025:19:08:50 +0000] "GET /cgi-bin/about.php HTTP/1.1" 404 4221 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" show less	Bad Web Bot
Anonymous	2025-02-18 17:02:30 (1 year ago)		Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 204.116.235.44

🇦🇺 203.185.198.246

🇺🇸 172.253.85.213

🇵🇱 95.214.53.157

🇫🇷 91.231.89.52

🇨🇳 43.226.38.71

🇸🇬 34.87.113.8

🇺🇸 2604:a880:400:d1:0:4:9e90:6001

🇩🇪 212.30.36.175

🇺🇸 194.54.144.75

🇨🇳 183.252.52.227

🇺🇸 172.202.118.31

🇳🇱 152.42.149.132

🇨🇳 111.26.62.37

🇺🇸 100.27.49.135

🇷🇴 92.118.39.204

🇳🇱 91.92.40.45

🇺🇸 54.144.242.220

🇱🇹 45.227.254.170

🇻🇳 27.79.43.110