JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 98.159.43.39

98.159.43.39 was found in our database!

This IP was reported 112 times. Confidence of Abuse is 45%: ?

45%

ISP	F.N.S. HOLDINGS LIMITED
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	fns-holdings.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 98.159.43.39

Whois 98.159.43.39

IP Abuse Reports for 98.159.43.39:

This IP address has been reported a total of 112 times from 50 distinct sources. 98.159.43.39 was first reported on May 28th 2024, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-26 04:09:21 (3 hours ago)	(mod_security) mod_security (id:240000) triggered by 98.159.43.39 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 98.159.43.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 00:09:17.245237 2026] [security2:error] [pid 27952:tid 27952] [client 98.159.43.39:28883] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|housecalls-online.com.homehealth101.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "housecalls-online.com.homehealth101.com"] [uri "/images/stories/themes.php"] [unique_id "aj37bcHpZasXQVrDu7donAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-24 09:28:46 (1 day ago)	Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-193)	Hacking
🇬🇧 consul.to	2026-06-24 01:58:06 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 07:01:20 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 98.159.43.39 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 98.159.43.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 03:01:06.795452 2026] [security2:error] [pid 13412:tid 13412] [client 98.159.43.39:32501] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.mympizzas.com.mx"] [uri "/.git/index"] [unique_id "ai-jMuK3RliMsKzpWbGI5AAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 BlueWire Hosting	2026-06-06 14:01:13 (2 weeks ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-06 04:33:39 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 98.159.43.39 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 98.159.43.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 00:32:56.342577 2026] [security2:error] [pid 29269:tid 29269] [client 98.159.43.39:51487] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.animatuevento.com.mx\|F\|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.animatuevento.com.mx"] [uri "/temp.bak"] [unique_id "aiOi-N8Hc9y7cgd1BORfmQAAADo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-05 17:41:23 (2 weeks ago)	Ports: *; Direction: 0; Trigger: CT_LIMIT	Brute-Force SSH
Anonymous	2026-06-05 16:32:52 (2 weeks ago)	(mod_security) mod_security triggered on hostname [redacted] 98.159.43.39 (TH/Thailand/-)	SQL Injection
Anonymous	2026-05-17 04:37:00 (1 month ago)	Banned by Fail2Ban on server	Web App Attack
🇫🇷 Octopuce	2026-05-16 22:32:06 (1 month ago)	Aggressive web search of vulnerable pages: /rip.php /wp-content/themes/fukasawa/inc/classes/403x.php ... show more Aggressive web search of vulnerable pages: /rip.php /wp-content/themes/fukasawa/inc/classes/403x.php /wp-content/options.php /wp-includes/confi ... show less	Web App Attack
🇩🇪 ghostwarriors	2026-05-16 21:50:31 (1 month ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-05-16 14:21:24 (1 month ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-123) show less	Bad Web Bot
Anonymous	2026-05-11 02:00:05 (1 month ago)	"GET /wp-content/plugins/seoplugins/mar.php HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-05-09 21:53:09 (1 month ago)	(mod_security) mod_security (id:234930) triggered by 98.159.43.39 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:234930) triggered by 98.159.43.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 17:53:05.289545 2026] [security2:error] [pid 26253:tid 26253] [client 98.159.43.39:31131] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)\|\|tracklocross.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "tracklocross.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "af-swUd5aL1CFj3lCSpKjAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-04-27 18:07:24 (1 month ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 15 of 112 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.181

🇩🇪 167.94.146.43

🇺🇸 135.148.171.117

🇮🇳 103.161.56.174

🇧🇬 79.124.62.126

🇹🇭 49.0.84.125

🇱🇦 202.62.100.1

🇨🇬 197.157.252.162

🇩🇪 194.187.176.92

🇺🇸 144.172.106.24

🇬🇧 35.203.210.57

🇺🇸 35.190.43.134

🇺🇸 34.105.111.108

🇦🇺 27.33.196.178

🇺🇸 20.168.123.0

🇨🇳 14.103.102.130

🇧🇬 212.233.219.101

🇱🇧 178.135.19.236

🇨🇦 170.9.40.164

🇺🇸 162.216.150.24