JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 198.23.239.245

198.23.239.245 was found in our database!

This IP was reported 74 times. Confidence of Abuse is 0%: ?

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	198-23-239-245-host.colocrossing.com
Domain Name	colocrossing.com
Country	🇺🇸 United States of America
City	Buffalo, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 198.23.239.245

Whois 198.23.239.245

IP Abuse Reports for 198.23.239.245:

This IP address has been reported a total of 74 times from 27 distinct sources. 198.23.239.245 was first reported on February 13th 2023, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 rafix	2025-04-15 07:27:08 (1 year ago)	DDoS on HTTP/HTTPS #botnet20250415	DDoS Attack Bad Web Bot
Anonymous	2025-02-09 04:59:27 (1 year ago)	Illegal actions on webapp	Hacking Web App Attack
Anonymous	2025-01-25 08:03:19 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2024-12-23 09:46:22 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2024-12-14 03:40:36 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2024-12-06 00:39:22 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2024-11-28 21:30:49 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2024-10-21 18:33:13 (1 year ago)	joshuajohannes.de 198.23.239.245 [15/Oct/2024:06:27:27 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4289 " ... show more joshuajohannes.de 198.23.239.245 [15/Oct/2024:06:27:27 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4289 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36" joshuajohannes.de 198.23.239.245 [15/Oct/2024:06:27:28 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4289 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36" show less	Web App Attack
🇺🇸 TPI-Abuse	2024-10-20 01:20:48 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 198.23.239.245 (198-23-239-245-host.colocrossin ... show more (mod_security) mod_security (id:240335) triggered by 198.23.239.245 (198-23-239-245-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 19 21:20:43.319365 2024] [security2:error] [pid 19153:tid 19153] [client 198.23.239.245:37647] [client 198.23.239.245] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 198.23.239.245 (+1 hits since last alert)\|www.margroberts.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.margroberts.com"] [uri "/xmlrpc.php"] [unique_id "ZxRa6zapAaHxDbs28nlOgQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇷 rtbh.com.tr	2024-10-18 20:53:45 (1 year ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇦🇺 MAGIC	2024-10-18 02:00:42 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2024-10-17 02:39:14 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 198.23.239.245 (198-23-239-245-host.colocrossin ... show more (mod_security) mod_security (id:240335) triggered by 198.23.239.245 (198-23-239-245-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 16 22:39:07.463584 2024] [security2:error] [pid 30759:tid 30759] [client 198.23.239.245:51001] [client 198.23.239.245] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 198.23.239.245 (+1 hits since last alert)\|therealseska.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "therealseska.com"] [uri "/xmlrpc.php"] [unique_id "ZxB4y7JiNqU8561JVyko4QAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇷 rtbh.com.tr	2024-10-16 20:53:47 (1 year ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 TPI-Abuse	2024-10-16 03:22:36 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 198.23.239.245 (198-23-239-245-host.colocrossin ... show more (mod_security) mod_security (id:240335) triggered by 198.23.239.245 (198-23-239-245-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 15 23:22:31.021440 2024] [security2:error] [pid 30986:tid 30986] [client 198.23.239.245:52855] [client 198.23.239.245] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 198.23.239.245 (+1 hits since last alert)\|www.anouk.ee\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.anouk.ee"] [uri "/xmlrpc.php"] [unique_id "Zw8xd16Q6RsH4WG-h1EybQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇷 rtbh.com.tr	2024-10-15 20:53:46 (1 year ago)	list.rtbh.com.tr report: tcp/0	Brute-Force

Showing 1 to 15 of 74 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇹 213.225.38.154

🇬🇧 195.140.214.21

🇬🇧 188.240.59.53

🇨🇳 106.14.56.54

🇸🇬 45.132.75.45

🇺🇸 2607:f8b0:4023:1006::129

🇺🇸 216.25.89.112

🇧🇪 198.235.24.194

🇺🇾 179.25.250.122

🇮🇳 125.19.163.190

🇮🇳 122.176.76.96

🇮🇳 103.59.153.114

🇫🇷 91.231.89.158

🇳🇱 45.148.10.141

🇧🇷 45.70.216.245

🇵🇦 190.32.246.14

🇨🇴 181.131.8.130

🇺🇸 162.216.150.233

🇪🇸 149.74.87.153

🇫🇮 147.185.133.240