JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 198.46.166.157

198.46.166.157 was found in our database!

This IP was reported 162 times. Confidence of Abuse is 24%: ?

24%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	tor03.mtak.nl
Domain Name	colocrossing.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 198.46.166.157

Whois 198.46.166.157

IP Abuse Reports for 198.46.166.157:

This IP address has been reported a total of 162 times from 78 distinct sources. 198.46.166.157 was first reported on October 22nd 2021, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 gnom4ik	2026-06-02 19:20:18 (4 days ago)	ban-reviewer auto report; ip=198.46.166.157; scenario=http:scan; verdict=valid_ban; confidence=0.92; ... show more ban-reviewer auto report; ip=198.46.166.157; scenario=http:scan; verdict=valid_ban; confidence=0.92; categories=14,15,18,22; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=ip_decision_count_high show less	Port Scan Hacking Brute-Force SSH
🇮🇹 Progetto1	2026-05-13 02:05:03 (3 weeks ago)	Mail - Multiple failed login attempts	Brute-Force Exploited Host
Anonymous	2026-05-08 14:46:57 (4 weeks ago)	This IP was involved in an brute force and password spray attack on 2026/05/08 09:44:40	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2026-05-06 04:02:38 (1 month ago)	2026-05-05 19:00:27,864 fail2ban.actions [3625835]: NOTICE [tor] Ban 198.46.166.157 2026-05- ... show more 2026-05-05 19:00:27,864 fail2ban.actions [3625835]: NOTICE [tor] Ban 198.46.166.157 2026-05-05 22:00:25,413 fail2ban.actions [3625835]: NOTICE [tor] Ban 198.46.166.157 2026-05-06 01:00:24,931 fail2ban.actions [3625835]: NOTICE [tor] Ban 198.46.166.157 2026-05-06 04:00:33,348 fail2ban.actions [3625835]: NOTICE [tor] Ban 198.46.166.157 2026-05-06 07:02:38,003 fail2ban.actions [3625835]: NOTICE [tor] Ban 198.46.166.157 show less	Brute-Force
Anonymous	2026-04-24 21:02:47 (1 month ago)	2026-04-24 12:00:28,429 fail2ban.actions [7718]: NOTICE [tor] Ban 198.46.166.157 2026-04-24 ... show more 2026-04-24 12:00:28,429 fail2ban.actions [7718]: NOTICE [tor] Ban 198.46.166.157 2026-04-24 15:00:26,611 fail2ban.actions [7718]: NOTICE [tor] Ban 198.46.166.157 2026-04-24 18:00:28,262 fail2ban.actions [7718]: NOTICE [tor] Ban 198.46.166.157 2026-04-24 21:00:37,482 fail2ban.actions [7718]: NOTICE [tor] Ban 198.46.166.157 2026-04-25 00:02:47,153 fail2ban.actions [7718]: NOTICE [tor] Ban 198.46.166.157 show less	Brute-Force
Anonymous	2026-04-20 18:10:24 (1 month ago)	This IP was involved in an brute force and password spray attack on 2026/04/20 13:07:44	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2026-04-18 10:28:03 (1 month ago)	Automated bot traffic — residential proxy, fake browser fingerprint. UA="Mozilla/5.0 (Windows NT 10. ... show more Automated bot traffic — residential proxy, fake browser fingerprint. UA="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" show less	Bad Web Bot Web App Attack
🇺🇸 Shouddy Tarano	2026-04-08 02:30:17 (1 month ago)	[Tue Apr 07 20:30:13.722496 2026] [authz_core:error] [pid 1675616:tid 139662060381952] [client 198.4 ... show more [Tue Apr 07 20:30:13.722496 2026] [authz_core:error] [pid 1675616:tid 139662060381952] [client 198.46.166.157:38060] AH01630: client denied by server configuration: /var/www/cgi-bin/ [Tue Apr 07 20:30:14.657219 2026] [authz_core:error] [pid 1675616:tid 139661942884096] [client 198.46.166.157:38060] AH01630: client denied by server configuration: /var/www/cgi-bin/lp [Tue Apr 07 20:30:15.036689 2026] [authz_core:error] [pid 1675616:tid 139662018418432] [client 198.46.166.157:38060] AH01630: client denied by server configuration: /var/www/erpcampestremty/public/scripts [Tue Apr 07 20:30:15.687249 2026] [authz_core:error] [pid 1675616:tid 139662026811136] [client 198.46.166.157:38060] AH01630: client denied by server configuration: /var/www/erpcampestremty/public/scripts [Tue Apr 07 20:30:16.016883 2026] [authz_core:error] [pid 1675616:tid 139661984847616] [client 198.46.166.157:38060] AH01630: client denied by server configuration: /var/www/erpcampestremty/public/ ... show less	DDoS Attack Web Spam Brute-Force Web App Attack
Anonymous	2026-03-17 20:00:38 (2 months ago)	2026-03-17 11:00:08,447 fail2ban.actions [3511917]: NOTICE [tor] Ban 198.46.166.157 2026-03- ... show more 2026-03-17 11:00:08,447 fail2ban.actions [3511917]: NOTICE [tor] Ban 198.46.166.157 2026-03-17 13:00:49,110 fail2ban.actions [3511917]: NOTICE [tor] Ban 198.46.166.157 2026-03-17 16:00:28,293 fail2ban.actions [3511917]: NOTICE [tor] Ban 198.46.166.157 2026-03-17 19:00:58,881 fail2ban.actions [3511917]: NOTICE [tor] Ban 198.46.166.157 2026-03-17 22:00:26,960 fail2ban.actions [3511917]: NOTICE [tor] Ban 198.46.166.157 show less	Brute-Force
🇮🇳 liveaspankaj	2026-03-14 18:03:21 (2 months ago)	DDoS attack: 71 requests in 5m (GET / or repair.php).	DDoS Attack
🇺🇸 gu-alvareza	2026-02-23 07:05:08 (3 months ago)	Bash.Function.Definitions.Remote.Code.Execution	Hacking Web App Attack
🇪🇸 gnom4ik	2026-02-20 20:39:01 (3 months ago)	ban-reviewer auto report; ip=198.46.166.157; scenario=http:scan; verdict=valid_ban; confidence=0.90; ... show more ban-reviewer auto report; ip=198.46.166.157; scenario=http:scan; verdict=valid_ban; confidence=0.90; categories=14,15,18; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=IP flagged for HTTP scanning activity (scenario: http:scan); AbuseIPDB categories include Port Scan (14) and Hacking (15), consistent with scan/exploit patterns; Decision stats show 2 active decisions in lookback window, indicating repeated suspicious beha show less	Port Scan Hacking Brute-Force
🇺🇸 gu-alvareza	2026-02-14 07:05:10 (3 months ago)	Cross.Site.Scripting	Hacking Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-02 22:59:55 (4 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-02-01. show less	Hacking Web App Attack SSH
🇺🇸 gu-alvareza	2026-02-02 07:05:09 (4 months ago)	Generic.Path.Traversal.Detection	Port Scan

Showing 1 to 15 of 162 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 195.206.182.206

🇳🇱 185.211.155.31

🇩🇪 92.113.16.153

🇫🇷 82.102.18.182

🇪🇸 34.175.118.185

🇩🇪 209.38.208.202

🇨🇳 114.98.63.18

🇷🇴 92.118.39.236

🇮🇷 37.255.239.81

🇨🇳 222.87.110.69

🇺🇸 137.118.83.91

🇵🇭 119.92.251.145

🇲🇾 47.250.127.65

🇱🇹 45.81.254.78

🇮🇩 208.76.40.197

🇪🇬 197.48.105.236

🇬🇧 193.32.209.248

🇦🇺 115.70.50.112

🇨🇳 106.40.67.60

🇩🇪 94.16.115.121