JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 173.249.12.38

173.249.12.38 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 100%: ?

100%

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi2913421.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 173.249.12.38

Whois 173.249.12.38

IP Abuse Reports for 173.249.12.38:

This IP address has been reported a total of 49 times from 36 distinct sources. 173.249.12.38 was first reported on January 23rd 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-06-11 04:17:44 (6 days ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 Starburst SysOp Team	2026-06-11 00:52:32 (1 week ago)	Malware host detected by rbl.malware.expert. RBL lookup of 38.12.249.173.rbl.malware.expert succeede ... show more Malware host detected by rbl.malware.expert. RBL lookup of 38.12.249.173.rbl.malware.expert succeeded at REMOTE_ADDR. (400010-mnz6-1) show less	Hacking
Anonymous	2026-06-11 00:39:18 (1 week ago)	WordPress brute force wp-login.php	Brute-Force Web App Attack
🇩🇪 london2038.com	2026-06-11 00:31:59 (1 week ago)	Probing for exploits 173.249.12.38 - - [11/Jun/2026:02:31:51 +0200] "GET /wp-login.php HTTP/2.0" 301 ... show more Probing for exploits 173.249.12.38 - - [11/Jun/2026:02:31:51 +0200] "GET /wp-login.php HTTP/2.0" 301 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0" 173.249.12.38 - - [11/Jun/2026:02:31:55 +0200] "POST /wp-login.php HTTP/2.0" 301 0 "https://v97746.<REDACTED>/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0" show less	Hacking Web App Attack
🇺🇸 TAY	2026-06-10 23:44:12 (1 week ago)	173.249.12.38 - - [11/Jun/2026:07:38:14 +0800] "POST /wp-login.php HTTP/1.1" 200 2974 "https://mail. ... show more 173.249.12.38 - - [11/Jun/2026:07:38:14 +0800] "POST /wp-login.php HTTP/1.1" 200 2974 "https://mail.autism-cvc.org/wp-login.php" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 173.249.12.38 - - [11/Jun/2026:07:42:37 +0800] "POST /wp-login.php HTTP/1.1" 200 2973 "https://mail.autism-cvc.org/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 173.249.12.38 - - [11/Jun/2026:07:44:12 +0800] "POST /wp-login.php HTTP/1.1" 200 2980 "https://mail.autism-cvc.org/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" ... show less	Brute-Force
🇨🇿 huginet	2026-06-10 22:55:26 (1 week ago)	173.249.12.38 - - [11/Jun/2026:00:55:24 +0200] "GET /wp-login.php HTTP/1.1" 200 9112 "-" "Mozilla/5. ... show more 173.249.12.38 - - [11/Jun/2026:00:55:24 +0200] "GET /wp-login.php HTTP/1.1" 200 9112 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 173.249.12.38 - - [11/Jun/2026:00:55:26 +0200] "POST /wp-login.php HTTP/1.1" 200 9549 "https://centrum-eko-likvidace.org/wp-login.php" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ... show less	Web Spam Blog Spam Hacking Bad Web Bot Web App Attack
🇫🇷 Yepngo	2026-06-10 22:09:07 (1 week ago)	173.249.12.38 - - [10/Jun/2026:23:14:12 +0200] "POST /wp-login.php HTTP/2.0" 200 12100 "https://dev. ... show more 173.249.12.38 - - [10/Jun/2026:23:14:12 +0200] "POST /wp-login.php HTTP/2.0" 200 12100 "https://dev.yepngo.com/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0" 173.249.12.38 - - [11/Jun/2026:00:09:07 +0200] "POST /wp-login.php HTTP/2.0" 200 12093 "https://yepngo.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
🇫🇷 tecnicorioja	2026-06-10 22:01:35 (1 week ago)	wp-login attack [10/Jun/2026:16:45:45	Brute-Force Web App Attack
Anonymous	2026-06-10 21:30:27 (1 week ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Web App Attack Brute-Force Bad Web Bot
🇺🇸 xmission.com	2026-06-10 20:51:58 (1 week ago)	173.249.12.38 - - [10/Jun/2026:12:11:01 -0600] "POST /wp-login.php HTTP/2.0" 200 2304 "https://dooce ... show more 173.249.12.38 - - [10/Jun/2026:12:11:01 -0600] "POST /wp-login.php HTTP/2.0" 200 2304 "https://dooce.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 173.249.12.38 - - [10/Jun/2026:12:12:16 -0600] "POST /wp-login.php HTTP/2.0" 200 2308 "https://dooce.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" 173.249.12.38 - - [10/Jun/2026:14:51:58 -0600] "POST /wp-login.php HTTP/2.0" 200 2300 "https://dooce.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ... show less	Brute-Force
🇺🇸 mnsf	2026-06-10 20:06:05 (1 week ago)	Login Too Frequent (6)	Brute-Force Web App Attack
🇺🇸 TAY	2026-06-10 18:45:17 (1 week ago)	173.249.12.38 - - [11/Jun/2026:02:39:24 +0800] "POST /wp-login.php HTTP/1.1" 200 2453 "https://liqui ... show more 173.249.12.38 - - [11/Jun/2026:02:39:24 +0800] "POST /wp-login.php HTTP/1.1" 200 2453 "https://liquidssmith.com/wp-login.php" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 173.249.12.38 - - [11/Jun/2026:02:41:07 +0800] "POST /wp-login.php HTTP/1.1" 200 2977 "https://autism-cvc.org/wp-login.php" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 173.249.12.38 - - [11/Jun/2026:02:45:16 +0800] "POST /wp-login.php HTTP/1.1" 200 2979 "https://autism-cvc.org/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ... show less	Brute-Force
Anonymous	2026-06-10 17:00:19 (1 week ago)	Bot / scanning and/or hacking attempts: GET /wp-login.php HTTP/2.0	Hacking Web App Attack
🇦🇺 QT	2026-06-10 16:50:01 (1 week ago)	Unauthorised WordPress admin login attempted at 2026-06-11 02:49:55 +1000	Web App Attack
🇩🇪 4server	2026-06-10 16:08:19 (1 week ago)	[WedJun1018:08:14.1867682026][security2:error][pid608473:tid608577][client173.249.12.38:0]ModSecurit ... show more [WedJun1018:08:14.1867682026][security2:error][pid608473:tid608577][client173.249.12.38:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"ksmstudio.ch\"][uri\"/wp-login.php\"][unique_id\"aimL7r9dyJGNXrefMHWBEAAAAQA\"]\,referer:https://ksmstudio.ch/wp-login.php show less	Port Scan Brute-Force Web App Attack

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 198.244.226.25

🇮🇩 125.163.206.198

🇮🇩 103.168.135.187

🇺🇸 65.49.1.158

🇺🇸 44.244.228.139

🇬🇧 35.203.210.120

🇹🇷 185.113.223.123

🇯🇵 172.253.80.219

🇹🇼 128.14.229.76

🇮🇩 119.47.90.19

🇷🇴 92.118.39.62

🇺🇸 72.14.148.31

🇦🇺 60.225.208.142

🇨🇳 58.23.69.251

🇬🇧 35.203.210.226

🇧🇷 20.197.232.12

🇯🇵 8.216.9.252

🇵🇦 190.141.120.176

🇷🇺 188.17.148.221

🇳🇱 172.253.7.216