JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 198.23.214.80

198.23.214.80 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 0%: ?

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	198-23-214-80-host.colocrossing.com
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 198.23.214.80

Whois 198.23.214.80

IP Abuse Reports for 198.23.214.80:

This IP address has been reported a total of 13 times from 7 distinct sources. 198.23.214.80 was first reported on June 3rd 2023, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-02-16 05:48:20 (3 months ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 15:44:21 (4 months ago)	(mod_security) mod_security (id:221260) triggered by 198.23.214.80 (198-23-214-80-host.colocrossing. ... show more (mod_security) mod_security (id:221260) triggered by 198.23.214.80 (198-23-214-80-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 10:44:14.130423 2026] [security2:error] [pid 25601:tid 25601] [client 198.23.214.80:41135] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|cpcalendars.nbcnewsradio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/cgi-bin/stats"] [unique_id "aWuuTqBW5ucIyuBx6mJq7AAAAAg"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 18:20:43 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 198.23.214.80 (198-23-214-80-host.colocrossing. ... show more (mod_security) mod_security (id:210492) triggered by 198.23.214.80 (198-23-214-80-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 13:19:59.501589 2025] [security2:error] [pid 26213:tid 26651] [client 198.23.214.80:39367] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kettlehill.net"] [uri "/.env_sample"] [unique_id "aVLGT0pty-jo8UW-4yJ3ngAAAZQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 10:33:30 (6 months ago)	(mod_security) mod_security (id:212620) triggered by 198.23.214.80 (198-23-214-80-host.colocrossing. ... show more (mod_security) mod_security (id:212620) triggered by 198.23.214.80 (198-23-214-80-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 05:33:22.812061 2025] [security2:error] [pid 13810:tid 13810] [client 198.23.214.80:47093] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /error?msg=</script><script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "ftp.nbcnewsradio.com"] [uri "/error"] [unique_id "aRWz8hzj4FqgQBu2CMnJmwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:20:48 (10 months ago)	(mod_security) mod_security (id:211190) triggered by 198.23.214.80 (198-23-214-80-host.colocrossing. ... show more (mod_security) mod_security (id:211190) triggered by 198.23.214.80 (198-23-214-80-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:20:13.034203 2025] [security2:error] [pid 172499:tid 172611] [client 198.23.214.80:36799] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /badging/badge_print_v0.php?tpl=../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.net"] [uri "/badging/badge_print_v0.php"] [unique_id "aIVwvYEn7YGnahfIo_jE4wAAAUU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 00:29:15 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 198.23.214.80 (198-23-214-80-host.colocrossing. ... show more (mod_security) mod_security (id:210492) triggered by 198.23.214.80 (198-23-214-80-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 20:29:07.483937 2025] [security2:error] [pid 3845249:tid 3845249] [client 198.23.214.80:44933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.farmers123.com"] [uri "/.env.save"] [unique_id "aDj702Xs1hkmSX4AQUpFCgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ChamberofCommerce.com	2023-11-06 02:11:51 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-11-02 05:28:10 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:227 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-10-30 22:21:50 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇸🇪 ScanHostHunter	2023-09-29 21:28:18 (2 years ago)	Unauthorized vulnerability scanning observed from this host.	Web App Attack
🇩🇪 ps-center	2023-09-26 05:12:18 (2 years ago)	SS1: Web Attack GET /wp-admin/admin-ajax.php?action=kc_get_thumbn&id=https://example.com	Web Spam Hacking Bad Web Bot Web App Attack
Anonymous	2023-07-29 01:17:10 (2 years ago)	Common attack or app scan event detected and blocked	Port Scan Hacking Web App Attack
🇮🇪 RoboSOC	2023-06-03 05:51:45 (3 years ago)	HTTP Directory Traversal Request Attempt , PTR: 198-23-214-80-host.colocrossing.com.	Hacking

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.197.78.32

🇺🇸 217.21.77.14

🇳🇱 185.223.235.12

🇳🇱 176.65.139.249

🇸🇬 167.103.66.184

🇫🇮 147.185.133.120

🇨🇳 116.30.121.48

🇭🇰 114.111.52.109

🇨🇳 101.126.54.66

🇳🇱 85.11.167.7

🇩🇪 69.5.169.65

🇳🇱 62.212.70.49

🇺🇸 52.165.80.170

🇺🇦 45.11.57.172

🇺🇸 20.64.106.77

🇧🇬 5.188.206.34

🇺🇸 3.140.240.184

🇺🇸 195.184.76.103

🇺🇸 195.184.76.99

🇳🇱 185.224.128.16