AbuseIPDB » 195.48.10.198

Check an IP Address, Domain Name, or Subnet

e.g. 3.237.37.4, microsoft.com, or 5.188.10.0/24

195.48.10.198 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 100%: ?

100%

ISP	green.ch AG
Usage Type	Data Center/Web Hosting/Transit
Domain Name	green.ch
Country	Switzerland
City	Zurich, Zurich

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Report 195.48.10.198

Whois 195.48.10.198

IP Abuse Reports for 195.48.10.198:

This IP address has been reported a total of 32 times from 17 distinct sources. 195.48.10.198 was first reported on January 17th 2023, and the most recent report was 23 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	Date	Comment	Categories
niceshops.com	23 hours ago	Web Attack ([26/Jan/2023:12:03:45.697] GET /.env)	Web App Attack
niceshops.com	26 Jan 2023	Web Attack ([26/Jan/2023:09:30:24.585] GET /.env)	Web App Attack
niceshops.com	26 Jan 2023	Web Attack ([26/Jan/2023:06:28:43.934] GET /.env)	Web App Attack
4server	26 Jan 2023	[ThuJan2604:08:37.3378912023][:error][pid18063:tid47970403837696][client195.48.10.198:25904][client1 ... show more[ThuJan2604:08:37.3378912023][:error][pid18063:tid47970403837696][client195.48.10.198:25904][client195.48.10.198]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"189\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"81.17.25.250\"][uri\"/.env\"][unique_id\"Y9HutRbvpIvaQG1VzWqEFgAAAAg\"][ThuJan2604:08:43.9522182023][:error][pid17915:tid47970493929216][client195.48.10.198:26251][client195.48.10.198]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|bo show less	Blog Spam
4server	26 Jan 2023	[ThuJan2602:54:35.3027412023][:error][pid20579:tid47265007859456][client195.48.10.198:27501][client1 ... show more[ThuJan2602:54:35.3027412023][:error][pid20579:tid47265007859456][client195.48.10.198:27501][client195.48.10.198]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"189\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"136.243.224.50\"][uri\"/.env\"][unique_id\"Y9HdW_tsV9yronD4c3hp-wAAANc\"][ThuJan2602:54:42.6447902023][:error][pid20465:tid47264984745728][client195.48.10.198:27926][client195.48.10.198]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\| show less	Port Scan Brute-Force Web App Attack
niceshops.com	24 Jan 2023	Web Attack ([24/Jan/2023:18:35:46.443] GET /.env)	Web App Attack
Lentini	24 Jan 2023	visuitslagen.nl: malicious request:/.env	Web App Attack
niceshops.com	24 Jan 2023	Web Attack ([24/Jan/2023:15:24:59.040] GET /.env)	Web App Attack
niceshops.com	24 Jan 2023	Web Attack ([24/Jan/2023:12:44:12.001] GET /.env)	Web App Attack
Hirte	24 Jan 2023	MYH: Web Attack GET /wp-content/	Web Spam Hacking Bad Web Bot Web App Attack
niceshops.com	24 Jan 2023	Web Attack ([24/Jan/2023:09:11:15.759] GET /.env)	Web App Attack
niceshops.com	24 Jan 2023	Web Attack ([24/Jan/2023:04:38:17.632] GET /.env)	Web App Attack
niceshops.com	23 Jan 2023	Web Attack ([23/Jan/2023:16:13:48.073] GET /.env)	Web App Attack
niceshops.com	23 Jan 2023	Web Attack ([23/Jan/2023:13:56:20.735] GET /.env)	Web App Attack
niceshops.com	23 Jan 2023	Web Attack ([23/Jan/2023:13:13:28.272] GET /.env)	Web App Attack