JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 198.46.148.118

198.46.148.118 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 0%: ?

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	198-46-148-118-host.colocrossing.com
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Buffalo, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 198.46.148.118

Whois 198.46.148.118

IP Abuse Reports for 198.46.148.118:

This IP address has been reported a total of 8 times from 6 distinct sources. 198.46.148.118 was first reported on August 25th 2023, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Alejandro Docasar	2024-11-27 21:34:22 (1 year ago)		Web App Attack
🇩🇪 ps-center	2024-11-27 04:53:15 (1 year ago)	SS1: Web Attack GET //opQJqrJj%22%3E%3Cimg%20src=a%20onerror=alert%28document.domain%29%3E/..CFIDE/a ... show more SS1: Web Attack GET //opQJqrJj%22%3E%3Cimg%20src=a%20onerror=alert%28document.domain%29%3E/..CFIDE/administrator/index.cfm show less	Web Spam Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-11-26 23:16:05 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 198.46.148.118 (198-46-148-118-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 198.46.148.118 (198-46-148-118-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 26 18:13:50.817751 2024] [security2:error] [pid 13655:tid 13963] [client 198.46.148.118:60863] [client 198.46.148.118] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.staging.kettlehill.com"] [uri "/.env"] [unique_id "Z0ZWLi_aanicGPNYBvHn7wAAANU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-09-05 12:03:42 (1 year ago)	IP & Port Scan.	Port Scan Brute-Force SSH
🇺🇸 TPI-Abuse	2024-09-03 18:39:29 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 198.46.148.118 (198-46-148-118-host.colocrossin ... show more (mod_security) mod_security (id:211190) triggered by 198.46.148.118 (198-46-148-118-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 03 14:38:41.270821 2024] [security2:error] [pid 8818:tid 8818] [client 198.46.148.118:50775] [client 198.46.148.118] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|mail.stdavids-media.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-content/plugins/wp-custom-pages/wp-download.php?url=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.stdavids-media.com"] [uri "/wp-content/plugins/wp-custom-pages/wp-download.php"] [unique_id "ZtdXsTNL_tO5H-YRP-fyFgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-08-27 00:30:07 (1 year ago)	\| A web attack returned code 200 (success).	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2024-08-26 23:08:15 (1 year ago)	(mod_security) mod_security (id:212790) triggered by 198.46.148.118 (198-46-148-118-host.colocrossin ... show more (mod_security) mod_security (id:212790) triggered by 198.46.148.118 (198-46-148-118-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 26 19:05:56.746082 2024] [security2:error] [pid 532018:tid 532389] [client 198.46.148.118:37389] [client 198.46.148.118] ModSecurity: Access denied with code 403 (phase 2). Pattern match "[\\\\s\\\\x22'](?:alert\|eval\|\\\\.fromcharcode)\\\\s?(?:\\\\(\|`)" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "72"] [id "212790"] [rev "5"] [msg "COMODO WAF: XSS Attack Detected\|\|kettlehill.kettlehill.com\|F\|2"] [data "Matched Data: 'alert( found within REQUEST_URI: /dashboard/snapshot/{{constructor.constructor('alert(document.domain)')()}}?orgid=1"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "kettlehill.kettlehill.com"] [uri "/dashboard/snapshot/{{constructor.constructor('alert(document.domain)')()}}"] [unique_id "Zs0KVC_p85EHRlaaQPgisQAAAEw"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2023-08-25 08:30:43 (2 years ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 191.7.97.165

🇺🇸 40.124.175.174

🇺🇸 24.199.126.56

🇧🇷 152.67.48.120

🇳🇱 91.92.40.204

🇨🇦 85.217.149.23

🇪🇸 81.40.83.155

🇷🇴 80.94.92.167

🇳🇵 27.34.64.42

🇻🇳 14.181.30.37

🇳🇱 195.178.110.30

🇸🇪 188.148.167.199

🇹🇭 110.164.193.196

🇻🇳 103.82.21.8

🇧🇪 91.180.21.115

🇷🇴 80.94.92.186

🇹🇷 5.11.164.165

🇺🇸 216.73.217.176

🇰🇷 211.46.177.174

🇩🇿 193.194.91.218