JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 198.54.114.48

198.54.114.48 was found in our database!

This IP was reported 327 times. Confidence of Abuse is 0%: ?

ISP	Namecheap, Inc.
Usage Type	Content Delivery Network
ASN	AS22612
Hostname(s)	server224.web-hosting.com
Domain Name	namecheap.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 198.54.114.48

Whois 198.54.114.48

IP Abuse Reports for 198.54.114.48:

This IP address has been reported a total of 327 times from 85 distinct sources. 198.54.114.48 was first reported on April 18th 2022, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 rtbh.com.tr	2025-11-14 20:09:55 (7 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇫🇷 SpaceHost-Server	2025-11-13 23:36:41 (7 months ago)		Brute-Force Web App Attack
🇲🇹 Malta	2025-11-13 18:22:58 (7 months ago)	198.54.114.48 - - [13/Nov/2025:19:22:58 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ... show more 198.54.114.48 - - [13/Nov/2025:19:22:58 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; MAGWJS; rv:11.0) like Gecko" show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 17:05:14 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 198.54.114.48 (server224.web-hosting.com): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 198.54.114.48 (server224.web-hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 12:05:09.992594 2025] [security2:error] [pid 21561:tid 21561] [client 198.54.114.48:39454] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.hiddenmoosecorners.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.hiddenmoosecorners.com"] [uri "/wp-json/Wp/v2/users"] [unique_id "aRYPxV6GX8zO9n1vDqVTFwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2025-11-13 11:35:56 (7 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 05:54:03 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 198.54.114.48 (server224.web-hosting.com): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 198.54.114.48 (server224.web-hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 00:53:56.710309 2025] [security2:error] [pid 2491:tid 2506] [client 198.54.114.48:51576] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|arizonasolutionsgroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "arizonasolutionsgroup.com"] [uri "/wp-json/wp/v2/usErs"] [unique_id "aRVydJ417cYANjAwadHYaAAAAQw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2025-11-12 23:36:13 (7 months ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-12 12:16:17 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 198.54.114.48 (server224.web-hosting.com): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 198.54.114.48 (server224.web-hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 12 07:16:10.298468 2025] [security2:error] [pid 4731:tid 4731] [client 198.54.114.48:37388] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|dokuzadabirdeniz.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dokuzadabirdeniz.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRR6iij6V_0FBL5e97FA0AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇹 Malta	2025-11-12 09:13:07 (7 months ago)	198.54.114.48 - - [12/Nov/2025:10:13:06 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ... show more 198.54.114.48 - - [12/Nov/2025:10:13:06 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-11 23:42:32 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 198.54.114.48 (server224.web-hosting.com): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 198.54.114.48 (server224.web-hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 11 18:42:28.136623 2025] [security2:error] [pid 3591:tid 3591] [client 198.54.114.48:41624] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.hawaiivacations.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.hawaiivacations.com"] [uri "/index.php/wp-json/wp/v2/users"] [unique_id "aRPJ5C1eHyyC_hyBLeRl3gAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-11 21:34:53 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 198.54.114.48 (server224.web-hosting.com): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 198.54.114.48 (server224.web-hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 11 16:34:49.972906 2025] [security2:error] [pid 16129:tid 16129] [client 198.54.114.48:58602] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|globalweb123.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "globalweb123.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aROr-WMQri4w9oTdOrb8cwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-11 17:21:25 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 198.54.114.48 (server224.web-hosting.com): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 198.54.114.48 (server224.web-hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 11 12:21:22.110860 2025] [security2:error] [pid 23478:tid 23478] [client 198.54.114.48:41846] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cadimpressions.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cadimpressions.com"] [uri "/wp-json/Wp/v2/users"] [unique_id "aRNwkghjHOK02mRsZUfxQAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2025-11-11 14:04:06 (7 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-11 11:34:00 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 198.54.114.48 (server224.web-hosting.com): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 198.54.114.48 (server224.web-hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 11 06:33:54.511740 2025] [security2:error] [pid 13370:tid 13393] [client 198.54.114.48:57770] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.miraclebrow.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.miraclebrow.com"] [uri "/wp-json/Wp/v2/users"] [unique_id "aRMfIrTRMzO7iZSrcqfBpQAAAJM"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇬 pusathosting.com	2025-11-11 11:09:04 (7 months ago)	2ds22 bruteforce	Brute-Force Web App Attack

Showing 1 to 15 of 327 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 213.142.48.143

🇷🇺 213.33.182.183

🇺🇸 206.72.199.210

🇺🇸 205.210.31.74

🇺🇸 205.210.31.69

🇮🇳 203.192.232.180

🇺🇸 195.184.76.141

🇳🇱 176.65.139.105

🇺🇸 172.105.147.247

🇦🇺 144.86.173.222

🇮🇳 143.110.177.177

🇮🇩 143.20.49.93

🇷🇴 142.111.250.22

🇺🇸 142.93.20.226

🇰🇷 119.192.219.77

🇯🇵 118.193.61.14

🇺🇸 91.230.168.250

🇺🇸 91.230.168.125

🇬🇷 83.235.16.111

🇩🇪 69.5.169.51