JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 98.159.43.22

98.159.43.22 was found in our database!

This IP was reported 113 times. Confidence of Abuse is 47%: ?

47%

ISP	F.N.S. HOLDINGS LIMITED
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	fns-holdings.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 98.159.43.22

Whois 98.159.43.22

IP Abuse Reports for 98.159.43.22:

This IP address has been reported a total of 113 times from 54 distinct sources. 98.159.43.22 was first reported on June 15th 2024, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 07:01:23 (18 hours ago)	(mod_security) mod_security (id:210730) triggered by 98.159.43.22 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 98.159.43.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 03:01:17.936780 2026] [security2:error] [pid 26371:tid 26371] [client 98.159.43.22:55753] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.mympizzas.com.mx\|F\|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.mympizzas.com.mx"] [uri "/_vti_bin/_vti_aut/author.dll"] [unique_id "ai-jPbSmBEnKJWB4Ls9vAAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-06 18:05:06 (1 week ago)	PHP file probing detected by Fail2Ban	Web App Attack
🇬🇧 consul.to	2026-06-06 15:40:37 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 04:31:49 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 98.159.43.22 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 98.159.43.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 00:31:32.791022 2026] [security2:error] [pid 28113:tid 28113] [client 98.159.43.22:28659] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.animatuevento.com.mx"] [uri "/.env"] [unique_id "aiOipILc-DIdLilPhlVgNgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-05 17:41:22 (1 week ago)	Ports: *; Direction: 0; Trigger: CT_LIMIT	Brute-Force SSH
Anonymous	2026-06-05 16:32:34 (1 week ago)	(mod_security) mod_security triggered on hostname [redacted] 98.159.43.22 (TH/Thailand/-)	SQL Injection
🇪🇸 masterguru	2026-05-25 07:51:41 (3 weeks ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:user-agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:user-agent. (1100000-122) show less	Bad Web Bot
Anonymous	2026-05-17 04:36:50 (4 weeks ago)	Banned by Fail2Ban on server	Web App Attack
🇩🇪 ghostwarriors	2026-05-16 21:50:53 (4 weeks ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Octopuce	2026-05-16 21:12:08 (4 weeks ago)	Aggressive web search of vulnerable pages: //templates/atomic/error.php //templates/rhuk_milkyway/in ... show more Aggressive web search of vulnerable pages: //templates/atomic/error.php //templates/rhuk_milkyway/index.php //templates/madeyourweb/error.php / ... show less	Web App Attack
🇩🇪 todix	2026-05-16 16:13:38 (4 weeks ago)	WebAttack or semilar from 98.159.43.22	Web App Attack
🇺🇸 TPI-Abuse	2026-05-11 03:38:37 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 98.159.43.22 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 98.159.43.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 10 23:38:30.175286 2026] [security2:error] [pid 30780:tid 30780] [client 98.159.43.22:46163] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|targetbinario.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "targetbinario.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "agFPNjKTDuiTYkCR_vOKAgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-04-27 18:07:39 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-04-20 17:03:20 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 98.159.43.22 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 98.159.43.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 20 13:03:16.627260 2026] [security2:error] [pid 1650662:tid 1650662] [client 98.159.43.22:63223] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.esprit-caraibe.com"] [uri "/.git/execute.php"] [unique_id "aeZcVNJqMx5Y9j5ddKrL9QAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-04-19 20:11:29 (1 month ago)	Multiple WAF Violations	Web App Attack

Showing 1 to 15 of 113 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 211.21.127.69

🇩🇪 156.146.33.78

🇺🇸 142.171.52.174

🇳🇱 51.158.205.47

🇺🇸 216.180.246.182

🇧🇷 200.108.174.4

🇬🇧 193.163.125.51

🇭🇰 185.242.232.164

🇺🇸 184.105.139.101

🇺🇸 147.185.132.33

🇧🇷 131.108.51.88

🇨🇳 115.190.166.75

🇮🇩 103.110.34.131

🇨🇳 101.126.35.9

🇺🇸 91.230.168.186

🇺🇸 69.175.42.65

🇺🇸 62.132.18.142

🇨🇦 54.39.89.181

🇨🇦 54.39.0.125

🇨🇳 14.103.115.253