JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 198.23.147.154

198.23.147.154 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 0%: ?

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	198-23-147-154-host.colocrossing.com
Domain Name	colocrossing.com
Country	🇺🇸 United States of America
City	Buffalo, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 198.23.147.154

Whois 198.23.147.154

IP Abuse Reports for 198.23.147.154:

This IP address has been reported a total of 10 times from 4 distinct sources. 198.23.147.154 was first reported on July 9th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 06:58:17 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 198.23.147.154 (198-23-147-154-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 198.23.147.154 (198-23-147-154-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 01:58:11.224851 2026] [security2:error] [pid 22469:tid 22469] [client 198.23.147.154:37077] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htpasswd" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.htpasswd"] [unique_id "aWszA06IVSAJONbBn7NLAgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 21:05:17 (5 months ago)	(mod_security) mod_security (id:217200) triggered by 198.23.147.154 (198-23-147-154-host.colocrossin ... show more (mod_security) mod_security (id:217200) triggered by 198.23.147.154 (198-23-147-154-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 16:05:11.590341 2025] [security2:error] [pid 21770:tid 21780] [client 198.23.147.154:58131] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header\|\|ftp.kettlehill.com\|F\|2"] [data "/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "ftp.kettlehill.com"] [uri "/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh"] [unique_id "aVLtB-1IUNfWG5lsn0HElwAAAYc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-29 15:29:07 (7 months ago)	(mod_security) mod_security (id:211190) triggered by 198.23.147.154 (198-23-147-154-host.colocrossin ... show more (mod_security) mod_security (id:211190) triggered by 198.23.147.154 (198-23-147-154-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 29 11:29:03.223427 2025] [security2:error] [pid 21889:tid 21889] [client 198.23.147.154:52469] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.davispickering.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?rest_route=%2Fessential-blocks%2Fv1%2Fproducts&is_frontend=true&attributes={\\x22__file\\x22:\\x22/etc%2fpasswd\\x22}"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.davispickering.com"] [uri "/index.php"] [unique_id "aQIyv4NzEt4B_q9dKNkJzgAAADU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 01:46:38 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 198.23.147.154 (198-23-147-154-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 198.23.147.154 (198-23-147-154-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 21:46:33.413056 2025] [security2:error] [pid 783496:tid 783506] [client 198.23.147.154:52871] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.kettlehill.com"] [uri "/.env_sample"] [unique_id "aIWE-UBIVxi3CeAsEkD0OwAAAUI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 17:20:32 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 198.23.147.154 (198-23-147-154-host.colocrossin ... show more (mod_security) mod_security (id:211190) triggered by 198.23.147.154 (198-23-147-154-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 13:20:22.500121 2025] [security2:error] [pid 3053303:tid 3053303] [client 198.23.147.154:55067] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.farmers123.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-content/plugins/wp-custom-pages/wp-download.php?url=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.farmers123.com"] [uri "/wp-content/plugins/wp-custom-pages/wp-download.php"] [unique_id "aDiXVpqFYgYWt_C2KYeBFwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-25 01:10:57 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇦🇺 oncord	2024-07-13 05:13:46 (1 year ago)	Form spam	Web Spam
🇺🇸 nowyouknow	2024-07-13 01:07:11 (1 year ago)	(From [email protected]) I recently visited your website and noticed that its design and speed ... show more (From [email protected]) I recently visited your website and noticed that its design and speed could use some improvement. A modern web design can greatly enhance user experience and overall performance. I recommend exploring options on Fiverr, where you can find talented freelancers specializing in web design. Check out the services here: https://bit.ly/website-design-with-seo Best regards, Sofia show less	Phishing Web Spam
🇦🇺 oncord	2024-07-10 09:18:12 (1 year ago)	Form spam	Web Spam
🇦🇺 oncord	2024-07-09 04:36:37 (1 year ago)	Form spam	Web Spam

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.108

🇲🇽 187.141.71.166

🇧🇷 177.200.39.118

🇧🇷 152.237.102.140

🇳🇱 45.148.10.151

🇬🇧 5.226.140.43

🇷🇴 2.57.122.238

🇦🇺 223.27.18.80

🇲🇾 175.140.35.12

🇫🇷 104.28.228.58

🇳🇱 91.92.42.133

🇺🇸 48.214.144.125

🇺🇸 216.25.89.146

🇲🇽 206.135.24.10

🇨🇳 111.225.149.177

🇺🇸 107.174.53.252

🇬🇧 86.183.199.189

🇺🇸 52.176.211.73

🇭🇰 38.76.163.44

🇷🇴 2.57.121.112