JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 141.98.85.252

141.98.85.252 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 0%: ?

ISP	Baykov Ilya Sergeevich
Usage Type	Data Center/Web Hosting/Transit
ASN	AS41745
Hostname(s)	hip.fi-1.ibcs
Domain Name	hip-hosting.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 141.98.85.252

Whois 141.98.85.252

IP Abuse Reports for 141.98.85.252:

This IP address has been reported a total of 11 times from 8 distinct sources. 141.98.85.252 was first reported on December 12th 2022, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-09-21 08:07:05 (8 months ago)	(mod_security) mod_security (id:210831) triggered by 141.98.85.252 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 141.98.85.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 21 04:06:56.292345 2025] [security2:error] [pid 3279:tid 3279] [client 141.98.85.252:50635] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|backstore.com\|F\|4"] [data "a href="] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "backstore.com"] [uri "/"] [unique_id "aM-yIJ0tV_fmfL10IGM2dQAAABw"], referer: https://www.toto-joy.com/major-site/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-08-21 13:03:27 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-02-25 12:18:07 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-12-19 04:11:29 (1 year ago)	Attempted brute force login to web vpn	Hacking Brute-Force
Anonymous	2024-06-20 08:55:27 (1 year ago)	Web Attack Palo Alto Networks GlobalProtect Authentication Attempt	Web App Attack
Anonymous	2024-06-19 07:55:05 (1 year ago)	Web Attack Palo Alto Networks GlobalProtect Authentication Attempt	Web App Attack
🇨🇦 wil.com	2024-06-16 04:03:04 (1 year ago)	GlobalProtect login attempts with user mmiller.	VPN IP Brute-Force
🇬🇧 essinghigh	2024-04-22 21:43:11 (2 years ago)	1713822190 # Service_probe # SIGNATURE_SEND # source_ip:141.98.85.252 # dst_port:5607 ...	Port Scan
🇬🇧 essinghigh	2024-04-22 06:12:00 (2 years ago)	1713766318 # Service_probe # SIGNATURE_SEND # source_ip:141.98.85.252 # dst_port:8239 ...	Port Scan
🇩🇪 niceshops.com	2023-07-14 00:00:02 (2 years ago)	Web Attack multi (Jul 23 23:36:30 Matching rules: Detect possible SQL injection - E.g. Sleep(5) )	SQL Injection Brute-Force Bad Web Bot Web App Attack
🇩🇪 Ray Gläske	2022-12-12 23:38:25 (3 years ago)	DDoS Attack on versus.com	DDoS Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.13.86.226

🇨🇳 180.165.30.128

🇵🇰 175.107.32.186

🇺🇸 174.138.44.248

🇺🇸 162.216.149.48

🇻🇳 116.102.242.187

🇮🇳 115.96.149.89

🇮🇹 94.176.212.172

🇷🇴 86.126.141.88

🇺🇸 64.227.110.161

🇺🇸 64.62.197.120

🇰🇷 222.110.147.58

🇬🇧 195.96.139.134

🇺🇸 165.154.172.115

🇨🇳 115.195.241.235

🇨🇳 115.191.40.50

🇨🇳 112.43.32.73

🇹🇼 111.70.23.245

🇨🇳 111.26.6.111

🇸🇪 74.241.134.117