JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 198.46.148.94

198.46.148.94 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 0%: ?

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	198-46-148-94-host.colocrossing.com
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Buffalo, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 198.46.148.94

Whois 198.46.148.94

IP Abuse Reports for 198.46.148.94:

This IP address has been reported a total of 8 times from 5 distinct sources. 198.46.148.94 was first reported on August 26th 2024, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2025-10-08 09:15:34 (7 months ago)	Malicious activity detected	Hacking Brute-Force
Anonymous	2025-07-20 04:37:12 (10 months ago)	Malicious activity detected	Hacking Brute-Force
Anonymous	2025-07-15 23:00:20 (10 months ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-11-26 23:08:07 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 198.46.148.94 (198-46-148-94-host.colocrossing. ... show more (mod_security) mod_security (id:211190) triggered by 198.46.148.94 (198-46-148-94-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 26 18:05:59.022847 2024] [security2:error] [pid 10475:tid 10521] [client 198.46.148.94:33025] [client 198.46.148.94] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|mail.kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?option=com_projectfork&section=../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kettlehill.net"] [uri "/index.php"] [unique_id "Z0ZUV6FCtxIMoG1O2rvpmwAAAVE"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2024-10-09 04:05:28 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2024-09-03 21:18:53 (1 year ago)	(mod_security) mod_security (id:221260) triggered by 198.46.148.94 (198-46-148-94-host.colocrossing. ... show more (mod_security) mod_security (id:221260) triggered by 198.46.148.94 (198-46-148-94-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 03 17:18:47.053363 2024] [security2:error] [pid 4304:tid 4304] [client 198.46.148.94:49285] [client 198.46.148.94] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "80"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|cpcontacts.stdavids-media.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.stdavids-media.com"] [uri "/cgi-bin/stats"] [unique_id "Ztd9N3CTaHin3uoaCHibkQAAAA4"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-08-27 00:35:03 (1 year ago)	\| A web attack returned code 200 (success).	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2024-08-26 23:09:21 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 198.46.148.94 (198-46-148-94-host.colocrossing. ... show more (mod_security) mod_security (id:210730) triggered by 198.46.148.94 (198-46-148-94-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 26 19:08:36.320076 2024] [security2:error] [pid 532018:tid 532384] [client 198.46.148.94:33777] [client 198.46.148.94] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.staging.kettlehill.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.staging.kettlehill.com"] [uri "/...\\\\...\\\\...\\\\...\\\\...\\\\...\\\\...\\\\...\\\\...\\\\windows\\\\win.ini"] [unique_id "Zs0K9C_p85EHRlaaQPgmlgAAAEc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.159

🇨🇳 219.142.251.122

🇺🇸 109.105.210.57

🇨🇳 103.152.76.141

🇺🇸 72.241.202.104

🇺🇸 52.13.219.52

🇺🇸 45.132.74.249

🇺🇸 40.124.174.209

🇺🇸 20.65.194.85

🇦🇺 3.106.188.147

🇪🇬 197.199.224.52

🇱🇻 195.123.213.182

🇫🇮 147.185.133.245

🇦🇪 132.243.121.237

🇮🇩 103.156.164.21

🇧🇬 91.191.209.118

🇧🇾 86.57.173.115

🇬🇧 81.19.219.233

🇧🇬 79.124.58.142

🇺🇸 57.141.0.36