JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 198.12.152.88

198.12.152.88 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 91%: ?

91%

ISP	GoDaddy.com, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS398101
Hostname(s)	88.152.12.198.host.secureserver.net
Domain Name	godaddy.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 198.12.152.88

Whois 198.12.152.88

IP Abuse Reports for 198.12.152.88:

This IP address has been reported a total of 22 times from 18 distinct sources. 198.12.152.88 was first reported on May 1st 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-07 22:45:00 (4 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
Anonymous	2026-06-07 18:34:00 (4 days ago)	8080	Port Scan Hacking
🇩🇪 phil2k	2026-06-07 16:04:12 (4 days ago)	portscan on multiple TCP ports : Firewall: Within 2026-06-07 14:09:10 - 2026-06-07 14:09:10 CEST(+02 ... show more portscan on multiple TCP ports : Firewall: Within 2026-06-07 14:09:10 - 2026-06-07 14:09:10 CEST(+0200) identified: port scan from 198.12.152.88/32 on uncommon port/s: 2087(tcp:2087),2086(gnunet),2083(tcp:2083),2082(tcp:2082) (4 trials) Fail2ban: Within 2026-06-07 14:09:10 - 2026-06-07 14:09:11 CEST(+0200) banned: 6 times by fail2ban[firewall]; 6 times by fail2ban[recidive] show less	Port Scan
🇮🇹 clamehost.it	2026-06-07 14:35:19 (4 days ago)	Automatic report - Brute Force attack using this IP address	Brute-Force
🇺🇸 RAP	2026-06-07 13:13:27 (4 days ago)	2026-06-07 13:13:27 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇩🇪 phil2k	2026-06-07 12:09:14 (4 days ago)	fail2ban:firewall:2026-06-07T14:09:10.581346+02:00 <SRV> firewall: filter IN=<ANONYMIZED_INTERFACE> ... show more fail2ban:firewall:2026-06-07T14:09:10.581346+02:00 <SRV> firewall: filter IN=<ANONYMIZED_INTERFACE> OUT= MAC=<ANONYMIZED_MAC> SRC=198.12.152.88 DST=<PRIVATE_IPv4> LEN=60 TOS=0x00 PREC=0x00 TTL=40 ID=13078 DF PROTO=TCP SPT=41230 DPT=2087 WINDOW=14600 RES=0x00 SYN URGP=0 2026-06-07T14:09:10.584341+02:00 <SRV> firewall: filter IN=<ANONYMIZED_INTERFACE> OUT= MAC=<ANONYMIZED_MAC> SRC=198.12.152.88 DST=<PRIVATE_IPv4> LEN=60 TOS=0x00 PREC=0x00 TTL=40 ID=48012 DF PROTO=TCP SPT=43032 DPT=2086 WINDOW=14600 RES=0x00 SYN URGP=0 show less	DDoS Attack Port Scan
🇺🇸 antlac1	2026-06-07 11:14:49 (4 days ago)	crowdsecurity/http-probing	Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-07 10:03:03 (4 days ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 198.12.152.88 (US/United States/88.152.12.198. ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 198.12.152.88 (US/United States/88.152.12.198.host.secureserver.net): 1 in the last 3600 secs (0-195) show less	Hacking
🇩🇪 psauxit	2026-06-07 07:10:35 (4 days ago)	Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrp ... show more Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrpc_attack, wp-login brute force, excessive crawling/scraping show less	Web App Attack Hacking
🇧🇾 lns.bz	2026-06-07 06:46:51 (4 days ago)	Too many 404 requests [BY]	Web App Attack
🇺🇸 MPL	2026-06-07 03:00:34 (5 days ago)	tcp port scan (8 or more attempts)	Port Scan
🇫🇷 sthoyer.de	2026-06-07 02:00:13 (5 days ago)	Jun 7 04:00:12 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd: ... show more Jun 7 04:00:12 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=198.12.152.88 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=42 ID=40561 DF PROTO=TCP SPT=39430 DPT=2087 WINDOW=14600 RES=0x00 SYN URGP=0 Jun 7 04:00:12 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=198.12.152.88 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=42 ID=40088 DF PROTO=TCP SPT=52670 DPT=2082 WINDOW=14600 RES=0x00 SYN URGP=0 Jun 7 04:00:12 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=198.12.152.88 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=42 ID=64598 DF PROTO=TCP SPT=50464 DPT=8443 WINDOW=14600 RES=0x00 SYN URGP=0 Jun 7 04:00:12 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=198.12.152.88 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=42 ID=33101 DF PROTO=TCP SPT=46566 DPT=8080 WINDOW ... show less	Port Scan
🇺🇸 mnsf	2026-06-07 01:05:24 (5 days ago)	Too many Status 50X (15)	Brute-Force Web App Attack
🇺🇸 RAP	2026-06-07 00:42:51 (5 days ago)	2026-06-07 00:42:51 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇷🇸 Scan	2026-06-07 00:29:24 (5 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇷 186.4.55.126

🇸🇪 171.25.158.70

🇵🇰 153.117.9.211

🇮🇳 152.59.83.215

🇹🇷 146.19.208.134

🇵🇰 121.52.147.5

🇺🇸 91.230.168.202

🇺🇦 91.218.90.63

🇩🇪 69.5.169.161

🇲🇾 60.53.33.18

🇮🇩 36.95.194.50

🇺🇸 2a03:2880:f806:22::

🇮🇩 202.150.68.60

🇭🇰 165.154.23.177

🇺🇸 162.216.149.119

🇺🇸 147.185.132.55

🇨🇳 110.177.181.204

🇧🇪 104.199.94.21

🇫🇷 88.185.45.233

🇺🇸 75.82.163.67