JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 143.198.149.226

143.198.149.226 was found in our database!

This IP was reported 126 times. Confidence of Abuse is 74%: ?

74%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Santa Clara, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 143.198.149.226

Whois 143.198.149.226

IP Abuse Reports for 143.198.149.226:

This IP address has been reported a total of 126 times from 88 distinct sources. 143.198.149.226 was first reported on March 19th 2022, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 MeduzaCTI	2026-06-05 22:22:25 (2 weeks ago)	Indicator Report Indicator: 143.198.149.226 Reporter: HeatherM Description: Silver C2 Found Tags: S ... show more Indicator Report Indicator: 143.198.149.226 Reporter: HeatherM Description: Silver C2 Found Tags: SilverC2,C2 Source: MeduzaCTI Platform Reference: https://meduzacti.com show less	Hacking
🇮🇱 spd.co.il	2026-05-31 15:09:18 (3 weeks ago)	Web application attack detected	Hacking Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-29 22:07:51 (3 weeks ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-28. show less	Web App Attack SSH Hacking
Anonymous	2026-05-29 16:33:20 (3 weeks ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇩🇪 big-cloud.nl	2026-05-28 19:02:01 (3 weeks ago)	Try to access /.aws/config	Web App Attack
🇺🇸 antlac1	2026-05-27 20:09:15 (3 weeks ago)	crowdsecurity/http-sensitive-files	Brute-Force Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-05-27 06:07:01 (3 weeks ago)	Fail2Ban - [WAF]ModSecurity OWASP CRS rule violation on nginx-modsecurity ... [wa01,wa02]	Hacking SQL Injection Web App Attack
🇩🇪 FeG Deutschland	2026-05-27 03:24:43 (3 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12	Exploited Host Web App Attack
🇹🇷 baku.hosting	2026-05-27 02:33:30 (3 weeks ago)	CSF Auto Report: (mod_security) mod_security (id:949110) triggered by 143.198.149.226 (US/United Sta ... show more CSF Auto Report: (mod_security) mod_security (id:949110) triggered by 143.198.149.226 (US/United States/-): 5 in the last 3600 secs show less	Brute-Force Web App Attack
🇸🇬 ipidentify	2026-05-27 01:02:10 (3 weeks ago)	2026-05-27T01:02:10Z HEAD /.env 2026-05-27T01:02:10Z HEAD /config/.env 2026-05-27T01:02:10Z GET /con ... show more 2026-05-27T01:02:10Z HEAD /.env 2026-05-27T01:02:10Z HEAD /config/.env 2026-05-27T01:02:10Z GET /config/.env 2026-05-27T01:02:11Z GET /.env show less	Web App Attack
🇷🇺 DZBOT	2026-05-27 00:49:01 (3 weeks ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇫🇷 dynamix	2026-05-26 20:16:44 (3 weeks ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-05-26 18:03:28 (3 weeks ago)	Too many successive quick attempts with error status 301, 404, 405, 444, 403 or 400	Bad Web Bot
🇫🇷 masterguru	2026-05-26 09:41:44 (4 weeks ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
Anonymous	2026-05-26 04:15:35 (4 weeks ago)	143.198.149.226 - - [26/May/2026:04:15:34 +0000] "GET /.env HTTP/1.1" 403 468 "-" "Mozilla/5.0 (Linu ... show more 143.198.149.226 - - [26/May/2026:04:15:34 +0000] "GET /.env HTTP/1.1" 403 468 "-" "Mozilla/5.0 (Linux; Android 15; SM-X920) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/28.0 Chrome/137.0.0.0 Mobile Safari/537.36" ... show less	Bad Web Bot Web App Attack

Showing 1 to 15 of 126 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 87.106.204.59

🇨🇱 176.52.133.47

🇺🇸 162.216.150.90

🇷🇺 158.160.209.126

🇩🇪 85.215.117.93

🇺🇸 65.49.20.103

🇩🇪 62.133.60.87

🇵🇭 222.127.171.12

🇲🇽 201.119.110.78

🇸🇻 190.86.75.61

🇲🇽 187.184.5.138

🇲🇴 182.93.7.194

🇸🇬 172.253.236.218

🇰🇿 150.228.221.159

🇮🇩 103.186.31.66

🇭🇰 103.30.40.129

🇺🇸 74.82.47.27

🇸🇬 43.172.196.118

🇳🇱 31.59.95.52

🇭🇰 20.255.152.91