JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 198.46.241.119

198.46.241.119 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 2%: ?

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	198-46-241-119-host.colocrossing.com
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 198.46.241.119

Whois 198.46.241.119

IP Abuse Reports for 198.46.241.119:

This IP address has been reported a total of 15 times from 6 distinct sources. 198.46.241.119 was first reported on August 2nd 2023, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-01 01:48:29 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 198.46.241.119 (198-46-241-119-host.colocrossin ... show more (mod_security) mod_security (id:210730) triggered by 198.46.241.119 (198-46-241-119-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 21:47:53.923791 2026] [security2:error] [pid 11733:tid 12073] [client 198.46.241.119:57875] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.staging.kettlehill.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.staging.kettlehill.com"] [uri "/main.php.bak"] [unique_id "ahzkyR1bJq1aGF8ItKdenAAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 12:27:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 198.46.241.119 (198-46-241-119-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 198.46.241.119 (198-46-241-119-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 07:26:58.870390 2026] [security2:error] [pid 483:tid 653] [client 198.46.241.119:41747] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.kettlehill.com"] [uri "/.env.www"] [unique_id "aX9GkgMxl-cQ0UzvOvSbqAAAAEc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Kurtbaby	2025-12-30 15:43:00 (5 months ago)	Part of a coordinated attack from many different source IPs that targeted our company's VPN Christma ... show more Part of a coordinated attack from many different source IPs that targeted our company's VPN Christmas Eve through the end of the 26th. show less	Hacking
🇺🇸 TPI-Abuse	2025-12-02 23:25:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 198.46.241.119 (198-46-241-119-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 198.46.241.119 (198-46-241-119-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 18:25:33.454649 2025] [security2:error] [pid 17648:tid 17648] [client 198.46.241.119:48245] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.farmers123.com"] [uri "/web.config"] [unique_id "aS91bapMjiTWRTPhTfXHEwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-01 07:10:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 198.46.241.119 (198-46-241-119-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 198.46.241.119 (198-46-241-119-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 02:10:16.848371 2025] [security2:error] [pid 27471:tid 27504] [client 198.46.241.119:60115] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kettlehill.net"] [uri "/.env.backup"] [unique_id "aS0_WHLXOKC0tXS7y0k9EwAAAJA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-12 11:43:08 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 198.46.241.119 (198-46-241-119-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 198.46.241.119 (198-46-241-119-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 12 06:43:01.994341 2025] [security2:error] [pid 22392:tid 22392] [client 198.46.241.119:51221] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autoconfig.nbcnewsradio.com"] [uri "/_.htaccess"] [unique_id "aRRyxfmJ14T1QyAzm9fBbAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 14:46:15 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 198.46.241.119 (198-46-241-119-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 198.46.241.119 (198-46-241-119-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 10:46:09.026351 2025] [security2:error] [pid 31609:tid 31653] [client 198.46.241.119:37635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.kettlehill.com"] [uri "/.env.kettlehill"] [unique_id "aN0-sUgoBUJS8Bc29Muz-wAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2025-08-18 09:41:57 (10 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-08-01 06:41:56 (10 months ago)	(mod_security) mod_security (id:210730) triggered by 198.46.241.119 (198-46-241-119-host.colocrossin ... show more (mod_security) mod_security (id:210730) triggered by 198.46.241.119 (198-46-241-119-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 02:41:35.178657 2025] [security2:error] [pid 3550633:tid 3551248] [client 198.46.241.119:33233] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.net\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.net"] [uri "/\\\\windows/win.ini"] [unique_id "aIxhn9KwxXmY5Cscsa6BngAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 SCHAPPY	2025-07-21 14:20:05 (11 months ago)	IP was involved in L7 DDoS attack.	DDoS Attack
Anonymous	2025-07-01 13:30:05 (11 months ago)	\| XSS (Cross Site Scripting) attempt.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-06-01 06:52:18 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 198.46.241.119 (198-46-241-119-host.colocrossin ... show more (mod_security) mod_security (id:210730) triggered by 198.46.241.119 (198-46-241-119-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 02:52:09.414373 2025] [security2:error] [pid 2636838:tid 2636931] [client 198.46.241.119:37127] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kettlehill.kettlehill.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.kettlehill.com"] [uri "/admin/logs/errors.log"] [unique_id "aDv4mTvwu3ccjH5oiKEXoQAAAJY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 20:14:12 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 198.46.241.119 (198-46-241-119-host.colocrossin ... show more (mod_security) mod_security (id:210730) triggered by 198.46.241.119 (198-46-241-119-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 30 16:14:04.333426 2025] [security2:error] [pid 617707:tid 617707] [client 198.46.241.119:49745] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.nbcnewsradio.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/..../..../..../..../..../..../..../..../..../windows/win.ini"] [unique_id "aDoRjFFAyr8jfVphzsWWmwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 oncord	2023-08-30 21:43:54 (2 years ago)	Form spam	Web Spam
🇦🇺 oncord	2023-08-02 05:02:29 (2 years ago)	Form spam	Web Spam

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 181.46.57.226

🇨🇳 223.15.246.7

🇨🇦 216.26.236.84

🇰🇷 211.246.182.158

🇸🇾 188.133.2.98

🇮🇶 169.224.117.59

🇮🇶 169.224.96.66

🇫🇷 146.70.194.230

🇩🇪 91.107.130.2

🇳🇱 91.92.40.23

🇨🇦 85.217.149.64

🇳🇱 45.148.10.157

🇽🇰 45.84.119.36

🇮🇶 38.3.229.249

🇧🇪 35.195.246.162

🇪🇸 34.175.118.185

🇨🇳 220.197.14.60

🇪🇨 190.152.237.75

🇯🇵 175.41.211.175

🇳🇱 172.217.96.22