JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 152.42.143.230

152.42.143.230 was found in our database!

This IP was reported 503 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 152.42.143.230

Whois 152.42.143.230

IP Abuse Reports for 152.42.143.230:

This IP address has been reported a total of 503 times from 228 distinct sources. 152.42.143.230 was first reported on November 6th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇳 ThreatBook.io	2026-01-13 23:23:51 (5 months ago)	ThreatBook Intelligence: Edu,Zombie more details on https://threatbook.io/ip/152.42.143.230 2026-01- ... show more ThreatBook Intelligence: Edu,Zombie more details on https://threatbook.io/ip/152.42.143.230 2026-01-13 00:25:09 /+CSCOL+/a1.jar 2026-01-13 00:25:05 /+CSCOL+/Java.jar 2026-01-13 00:25:07 /+CSCOE+/logon_forms.js 2026-01-13 00:25:11 /+CSCOE+/transfer.js show less	Web App Attack
Anonymous	2026-01-13 00:16:54 (5 months ago)	Aggressive web scan	SQL Injection Bad Web Bot Web App Attack
Anonymous	2026-01-12 22:57:03 (5 months ago)	Fail2ban Nginx log integration.	Port Scan Brute-Force SSH
🇩🇪 Hugopvigo	2026-01-12 21:34:07 (5 months ago)	"2026-01-12 21:34:07+00:00 152.42.143.230 IP con score alto (100) detectada en el log."	Brute-Force SSH
🇺🇸 Starburst SysOp Team	2026-01-12 18:10:33 (5 months ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-mnz6-4)	Hacking Bad Web Bot
🇳🇱 JCB	2026-01-12 17:58:00 (5 months ago)	152.42.143.230 - - [12/Jan/2026:14:18:41 +0200] "GET /+CSCOL+/Java.jar HTTP/1.1" 404 236 152.42.143 ... show more 152.42.143.230 - - [12/Jan/2026:14:18:41 +0200] "GET /+CSCOL+/Java.jar HTTP/1.1" 404 236 152.42.143.230 - - [12/Jan/2026:14:18:42 +0200] "GET /+CSCOE+/logon_forms.js HTTP/1.1" 404 236 ... show less	Hacking Web App Attack
🇫🇮 diego021	2026-01-12 17:49:06 (5 months ago)	152.42.143.230 135.181.251.148 - [12/Jan/2026:12:49:03 -0500] "GET /+CSCOL+/Java.jar HTTP/1.1" 404 2 ... show more 152.42.143.230 135.181.251.148 - [12/Jan/2026:12:49:03 -0500] "GET /+CSCOL+/Java.jar HTTP/1.1" 404 245 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 152.42.143.230 135.181.251.148 - [12/Jan/2026:12:49:03 -0500] "GET /+CSCOE+/logon_forms.js HTTP/1.1" 404 245 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 152.42.143.230 135.181.251.148 - [12/Jan/2026:12:49:04 -0500] "GET /+CSCOL+/a1.jar HTTP/1.1" 404 245 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 152.42.143.230 135.181.251.148 - [12/Jan/2026:12:49:05 -0500] "GET /+CSCOE+/transfer.js HTTP/1.1" 404 245 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 Sub-Lime	2026-01-12 17:46:51 (5 months ago)	152.42.143.230 - - [12/Jan/2026:12:46:49 -0500] "GET /+CSCOL+/Java.jar HTTP/1.1" 444 0 "-" "Mozilla/ ... show more 152.42.143.230 - - [12/Jan/2026:12:46:49 -0500] "GET /+CSCOL+/Java.jar HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 152.42.143.230 - - [12/Jan/2026:12:46:50 -0500] "GET /+CSCOE+/logon_forms.js HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" ... show less	Hacking
🇮🇹 Progetto1	2026-01-12 17:45:02 (5 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
Anonymous	2026-01-12 17:28:12 (5 months ago)		Web App Attack
Anonymous	2026-01-12 16:41:27 (5 months ago)		DNS Compromise DDoS Attack
🇧🇷 somosbr	2026-01-12 15:27:55 (5 months ago)	[2026-01-12T15:27:54Z] Unsolicited scan from 152.42.143.230 to port 443/tcp	Port Scan
🇩🇪 Admins@FBN	2026-01-12 15:01:13 (5 months ago)	Threat Host blocked...	Port Scan Hacking
🇩🇪 ut-addicted.com	2026-01-12 13:52:12 (5 months ago)	\[12/Jan/2026:14:52:09 +0100\] aWT8ifrvDLe9AmQhpN-hXAAAANM 152.42.143.230 57574 78.46.187.162 443 \[ ... show more \[12/Jan/2026:14:52:09 +0100\] aWT8ifrvDLe9AmQhpN-hXAAAANM 152.42.143.230 57574 78.46.187.162 443 \[12/Jan/2026:14:52:10 +0100\] aWT8ivrvDLe9AmQhpN-hXwAAANg 152.42.143.230 57588 78.46.187.162 443 \[12/Jan/2026:14:52:11 +0100\] aWT8i-rvDLe9AmQhpN-hZAAAAMg 152.42.143.230 57594 78.46.187.162 443 show less	Brute-Force Web App Attack
🇳🇱 Eric	2026-01-12 13:49:13 (5 months ago)	[Mon Jan 12 13:49:11.492456 2026] [security2:error] [pid 2384304:tid 2384304] [client 152.42.143.230 ... show more [Mon Jan 12 13:49:11.492456 2026] [security2:error] [pid 2384304:tid 2384304] [client 152.42.143.230:44218] [client 152.42.143.230] ModSecurity: Warning. Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/usr/share/modsecurity-crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "736"] [id "920350"] [msg "Host header is a numeric IP address"] [data "94.209.38.171"] [severity "WARNING"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "94.209.38.171"] [uri "/+CSCOL+/Java.jar"] [unique_id "aWT719LOq5IeG-ITkT6EqAAAAAs"] [Mon Jan 12 13:49:12.078097 2026] [security2:error] [pid 2439621:tid 2439621] [client 152.42.143.230:44232] [client 152.42.143.230] ModSecurity: Warning. Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/usr/share/modsecurity-crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line ... show less	Hacking Web App Attack

Showing 1 to 15 of 503 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇪 190.6.13.172

🇺🇸 156.238.229.65

🇬🇧 185.116.173.171

🇺🇸 173.255.223.62

🇺🇸 147.185.132.30

🇹🇭 118.194.250.127

🇺🇸 104.12.19.114

🇺🇸 103.234.62.40

🇵🇰 103.141.5.137

🇹🇷 88.247.48.129

🇧🇷 20.226.46.81

🇦🇷 2800:810:444:1951:9490:5855:18d4:cd9a

🇺🇸 178.128.156.122

🇺🇸 167.172.144.156

🇨🇳 61.145.190.218

🇮🇷 5.219.48.113

🇷🇺 5.45.227.83

🇺🇸 203.88.119.100

🇯🇵 202.182.116.133

🇿🇼 197.221.232.44