JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 143.198.63.52

143.198.63.52 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Santa Clara, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 143.198.63.52

Whois 143.198.63.52

IP Abuse Reports for 143.198.63.52:

This IP address has been reported a total of 15 times from 13 distinct sources. 143.198.63.52 was first reported on December 31st 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-04-24 02:24:39 (1 month ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 143.198.63.52 (US/United States/-): 2 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 143.198.63.52 (US/United States/-): 2 in the last 3600 secs (0-196) show less	Hacking
🇨🇦 Slackin' Jack	2026-04-05 19:24:02 (2 months ago)	Triggered honeypot on port 8888. (143.198.63.52)	Port Scan
🇺🇸 RAP	2026-04-05 18:52:29 (2 months ago)	2026-04-05 18:52:29 UTC Unauthorized activity to TCP port 3306.	Port Scan
🇫🇷 masterguru	2026-04-05 12:07:43 (2 months ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 143.198.63.52 (US/United States/-): 2 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 143.198.63.52 (US/United States/-): 2 in the last 3600 secs (0-196) show less	Hacking
🇳🇿 Antinson	2026-04-05 10:11:57 (2 months ago)	High error rate and elevated request volume targeting cPanel servers	Bad Web Bot
🇺🇸 MPL	2026-04-02 07:24:33 (2 months ago)	tcp/8084 (2 or more attempts)	Port Scan
🇺🇸 sumnone	2026-04-02 07:07:23 (2 months ago)	Port probing on unauthorized port 8088	Port Scan Hacking Exploited Host
🇩🇪 centurion	2026-04-02 06:56:17 (2 months ago)	Blocked by UFW on ns02 [1133/tcp] Source port: 61006 TTL: 245 Packet length: 44 TOS: 0x00 This repo ... show more Blocked by UFW on ns02 [1133/tcp] Source port: 61006 TTL: 245 Packet length: 44 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-03-29 03:20:11 (2 months ago)	Drop from IP address 143.198.63.52 to tcp-port 8087	Port Scan
🇳🇱 EGP Abuse Dept	2026-03-29 03:17:14 (2 months ago)	Unauthorized connection to RDP port 3389	Port Scan Hacking
Anonymous	2026-03-29 02:54:21 (2 months ago)	2026-03-29T03:54:20.612705+01:00 vps kernel: [36493088.141681] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-03-29T03:54:20.612705+01:00 vps kernel: [36493088.141681] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=143.198.63.52 DST=54.37.14.118 LEN=44 TOS=0x00 PREC=0x00 TTL=237 ID=35228 PROTO=TCP SPT=61010 DPT=8080 WINDOW=1025 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇦🇹 centurion	2026-03-29 02:16:13 (2 months ago)	Unauthorized attempt on git [5918/tcp] Source port: 61004 TTL: 244 Packet length: 44 TOS: 0x00 https ... show more Unauthorized attempt on git [5918/tcp] Source port: 61004 TTL: 244 Packet length: 44 TOS: 0x00 https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇦 URAN Publishing Service	2026-01-10 23:26:14 (4 months ago)	143.198.63.52 - - [11/Jan/2026:01:26:13 +0200] "GET /wp-content/themes HTTP/1.1" 404 363 "https://du ... show more 143.198.63.52 - - [11/Jan/2026:01:26:13 +0200] "GET /wp-content/themes HTTP/1.1" 404 363 "https://duckduckgo.com/" "Mozilla/5.0 (Linux; Android 15; SM-G998B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Mobile Safari/537.36 EdgA/135.0.0.0" 143.198.63.52 - - [11/Jan/2026:01:26:14 +0200] "GET /wp-content/plugins HTTP/1.1" 404 363 "https://yandex.com/" "Mozilla/5.0 (Linux; Android 15; SM-G998B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Mobile Safari/537.36 EdgA/135.0.0.0" ... show less	Web App Attack
🇮🇩 hermawan	2026-01-10 04:51:16 (4 months ago)	[Sat Jan 10 11:51:15.465481 2026] [security2:error] [pid 43258:tid 140653030688448] [client 143.198. ... show more [Sat Jan 10 11:51:15.465481 2026] [security2:error] [pid 43258:tid 140653030688448] [client 143.198.63.52:49188] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_request_content_type}" against "TX:content_type" required. [file "/etc/modsecurity/coreruleset-4.22.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1890"] [id "920420"] [msg "Request content type is not allowed by policy"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: / found within TX:content_type: \|/\| request_line = GET /catalog/model HTTP/1.1 Request URI RAW = /catalog/model Request Basename = model"] [severity "CRITICAL"] [ver "OWASP_CRS/4.22.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/255/153"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/catalog/model"] [uniqu ... show less	Hacking Web App Attack
🇺🇸 SiliSoftware	2025-12-31 08:28:45 (5 months ago)	/.vscode	Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 103.187.146.90

🇷🇺 80.69.186.68

🇧🇪 35.187.168.65

🇺🇦 188.191.236.60

🇲🇽 186.96.145.241

🇨🇳 180.153.236.23

🇦🇪 86.98.65.97

🇸🇬 45.74.17.53

🇺🇸 34.132.113.249

🇬🇧 2a06:4880:8000::9b

🇺🇸 2001:470:2cc:1::204

🇳🇱 193.176.31.206

🇰🇿 178.89.157.118

🇫🇷 155.117.233.15

🇺🇸 147.90.234.214

🇫🇷 91.196.152.91

🇬🇧 89.37.66.227

🇱🇹 81.30.98.158

🇺🇸 74.125.17.243

🇺🇸 64.62.156.155