JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 98.159.43.63

98.159.43.63 was found in our database!

This IP was reported 111 times. Confidence of Abuse is 50%: ?

50%

ISP	F.N.S. HOLDINGS LIMITED
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	fns-holdings.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 98.159.43.63

Whois 98.159.43.63

IP Abuse Reports for 98.159.43.63:

This IP address has been reported a total of 111 times from 54 distinct sources. 98.159.43.63 was first reported on May 22nd 2024, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-22 13:03:48 (15 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 07:56:31 (21 hours ago)	(mod_security) mod_security (id:240000) triggered by 98.159.43.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 98.159.43.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 03:56:24.650256 2026] [security2:error] [pid 32260:tid 32260] [client 98.159.43.63:55985] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|sjtent.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "sjtent.com"] [uri "/images/stories/themes.php"] [unique_id "ajjqqGjHCKE7EANdjghcFwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-22 07:24:41 (21 hours ago)	Multiple WAF Violations	Web App Attack
🇺🇸 Charlesiv	2026-06-22 02:02:36 (1 day ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK ASN: 206092 (F.N.S. HOLDINGS ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK ASN: 206092 (F.N.S. HOLDINGS LIMITED) Protocol: HTTP/1.1 (GET method) Endpoint: /wp-json/wp/v2/ Timestamp: 2026-06-22T00:41:40Z Ray ID: a0f7356afed0ce15 UA: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0) show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-22 01:26:17 (1 day ago)	(mod_security) mod_security (id:240000) triggered by 98.159.43.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 98.159.43.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 21:26:12.686971 2026] [security2:error] [pid 19953:tid 19953] [client 98.159.43.63:40087] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "87"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|radiantmessages.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "radiantmessages.com"] [uri "/images/stories/themes.php"] [unique_id "ajiPNAVu6joDGOQqhhW0CwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-21 19:04:16 (1 day ago)	Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-201)	Hacking
🇫🇷 dynamix	2026-06-21 03:52:18 (2 days ago)	Multiple WAF Violations	Web App Attack
🇩🇪 ghostwarriors	2026-05-14 21:50:15 (1 month ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇳🇱 DrLex0	2026-05-14 12:14:44 (1 month ago)	Probing for various exploits using Go garbage, distibuted attack from 98.159.43.0/24 range 98.159.4 ... show more Probing for various exploits using Go garbage, distibuted attack from 98.159.43.0/24 range 98.159.43.63 80 - [14/May/2026:12:14:44 +0000] "GET //administrator/components/com_xcloner-backupandrestore/language/english.php HTTP/1.1" 404 2383 "-" "Go-http-client/1.1" show less	DDoS Attack Brute-Force Bad Web Bot Web App Attack
🇩🇪 SCHAPPY	2026-05-05 01:43:42 (1 month ago)	Mutliple attempts to access forbidden web resources, HTTP code 403.	Web App Attack
🇳🇱 middelkoopcc	2026-05-04 14:10:33 (1 month ago)	2026-05-04 16:01:44 [remote 98.159.43.63:56451] AH01276: Cannot serve directory /<redacted>/wp-conte ... show more 2026-05-04 16:01:44 [remote 98.159.43.63:56451] AH01276: Cannot serve directory /<redacted>/wp-content/uploads/: No matching DirectoryIndex (index.php) found, and server-generated directory index forbidden by Options directive, referer: <redacted> && 2026-05-04 16:01:47 [remote 98.159.43.63:56451] AH01276: Cannot serve directory /<redacted>/wp-admin/css/: No matching DirectoryIndex (index.php) found, and server-generated directory index forbidden by Options directive, referer: <redacted> && 2026-05-04 16:01:59 [remote 98.159.43.63:56451] AH01276: Cannot serve directory /<redacted>/wp-admin/js/: No matching DirectoryIndex (index.php) found, and server-generated directory index forbidden by Options directive, referer: <redacted> && 109 more within 20 minutes show less	Web App Attack
Anonymous	2026-05-03 18:54:23 (1 month ago)	(wp-php-upload-includes) Block attempt to access .php in uploads wordpress uploads or well-known 98. ... show more (wp-php-upload-includes) Block attempt to access .php in uploads wordpress uploads or well-known 98.159.43.63 (TH/Thailand/-) show less	Brute-Force
🇫🇷 Octopuce	2026-05-03 06:40:26 (1 month ago)	Aggressive web search of vulnerable pages: /wp-content/themes/fukasawa/inc/classes/403x.php /a.php / ... show more Aggressive web search of vulnerable pages: /wp-content/themes/fukasawa/inc/classes/403x.php /a.php /wp-content.php /wp-update.php /wp-admin/inc ... show less	Web App Attack
🇺🇸 mnsf	2026-05-03 00:05:13 (1 month ago)	Too many Status 50X (49)	Brute-Force Web App Attack
🇪🇸 masterguru	2026-05-02 14:07:44 (1 month ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-122) show less	Bad Web Bot

Showing 1 to 15 of 111 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.181

🇺🇸 107.150.103.155

🇳🇱 45.148.10.147

🇺🇸 45.3.49.182

🇺🇸 3.131.220.121

🇰🇷 218.51.148.194

🇧🇬 193.24.211.107

🇨🇳 175.30.48.180

🇺🇸 147.185.132.127

🇮🇪 146.70.189.207

🇨🇳 123.145.0.102

🇵🇰 103.244.172.201

🇫🇷 91.231.89.173

🇺🇸 91.193.232.146

🇺🇸 66.249.92.139

🇺🇸 66.175.220.105

🇺🇸 64.62.197.47

🇳🇱 45.148.10.157

🇫🇷 194.163.137.135

🇷🇴 193.32.162.16