JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 198.199.96.52

198.199.96.52 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	San Francisco, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 198.199.96.52

Whois 198.199.96.52

IP Abuse Reports for 198.199.96.52:

This IP address has been reported a total of 14 times from 6 distinct sources. 198.199.96.52 was first reported on June 18th 2024, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇾 lns.bz	2025-11-28 21:01:31 (6 months ago)	Banned for trying to access xmlrpc [BY]	Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 05:51:43 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 198.199.96.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 198.199.96.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 00:51:37.260450 2025] [security2:error] [pid 27448:tid 27448] [client 198.199.96.52:34434] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|donnysimonton.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "donnysimonton.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aSk4aZNuv2nLkBgW5lku-wAAAAQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-11-28 05:35:03 (6 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-28 03:48:54 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 198.199.96.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 198.199.96.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 22:48:50.287540 2025] [security2:error] [pid 30815:tid 30815] [client 198.199.96.52:44052] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|zodiacwin.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "zodiacwin.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aSkbonqTd9pbIKxuV8agBQAAABE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 02:56:05 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 198.199.96.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 198.199.96.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 21:55:59.745613 2025] [security2:error] [pid 8653:tid 8653] [client 198.199.96.52:38040] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|myuscpa.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "myuscpa.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aSkPP53eLz-ukSm7LIlGzAAAABA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 22:13:19 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 198.199.96.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 198.199.96.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 17:13:12.505449 2025] [security2:error] [pid 12060:tid 12060] [client 198.199.96.52:40094] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|krakowski.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "krakowski.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aSjM-Fx_WEKhIU3ediCnEwAAAAg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-07 16:19:57 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 198.199.96.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 198.199.96.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 07 11:19:51.092929 2025] [security2:error] [pid 14754:tid 14760] [client 198.199.96.52:35284] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|charbelaj.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "charbelaj.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQ4cJ82IuvfaIawFylgBQAAAAQQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-24 12:21:14 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 198.199.96.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 198.199.96.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 24 08:21:08.627673 2025] [security2:error] [pid 12966:tid 12966] [client 198.199.96.52:43588] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|blackmanfamily.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "blackmanfamily.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aPtvNLDSQ3k49NgmQwRvswAAABM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 exxos	2025-09-25 23:03:01 (8 months ago)	Attacks with Bad user agents	Hacking
Anonymous	2025-08-04 15:38:34 (10 months ago)	Botnet - login attempts with leaked random user/pass lists	Hacking Brute-Force Web App Attack
Anonymous	2024-07-09 00:49:39 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-07-03 03:44:58 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-06-21 02:33:31 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-06-18 01:12:28 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇪 140.99.201.22

🇻🇳 123.19.68.9

🇹🇷 88.248.248.242

🇲🇾 60.53.155.96

🇷🇴 2.57.121.25

🇵🇱 194.180.49.219

🇨🇳 180.212.92.223

🇱🇹 141.98.9.130

🇫🇷 91.231.89.70

🇸🇦 64.137.215.128

🇩🇪 45.135.141.18

🇮🇩 223.25.108.2

🇲🇽 187.191.48.23

🇩🇪 187.77.91.73

🇹🇭 182.52.109.76

🇺🇸 162.216.150.208

🇨🇳 124.117.194.39

🇨🇳 115.190.44.249

🇮🇳 103.54.101.248

🇷🇴 92.118.39.62