JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.168.25.253

104.168.25.253 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 0%: ?

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	104-168-25-253-host.colocrossing.com
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.168.25.253

Whois 104.168.25.253

IP Abuse Reports for 104.168.25.253:

This IP address has been reported a total of 12 times from 10 distinct sources. 104.168.25.253 was first reported on April 11th 2024, and the most recent report was 10 months ago.

Old Reports: The most recent abuse report for this IP address is from 10 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 exxos	2025-07-27 22:49:16 (10 months ago)	web exploit attacks	Web App Attack
🇳🇱 exxos	2025-07-17 17:31:29 (10 months ago)	web exploit attacks	Web App Attack
🇮🇩 Burayot	2025-07-11 07:18:27 (10 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.168.25.253 (US/United States/10 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.168.25.253 (US/United States/104-168-25-253-host.colocrossing.com): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-07-10 19:32:28 (10 months ago)	(mod_security) mod_security (id:225170) triggered by 104.168.25.253 (104-168-25-253-host.colocrossin ... show more (mod_security) mod_security (id:225170) triggered by 104.168.25.253 (104-168-25-253-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 10 15:32:21.039578 2025] [security2:error] [pid 27180:tid 27180] [client 104.168.25.253:44667] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|fundaciondamashcc.org.ec\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fundaciondamashcc.org.ec"] [uri "/wp-json/wp/v2/users"] [unique_id "aHAVRb489Hx9Y4jEqnjd2AAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2025-07-10 11:37:00 (10 months ago)	IPBlock protected site ID [3192-af][s=02]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇪🇸 el-brujo	2025-07-09 15:38:36 (10 months ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0 Action: managed_challenge Source: firewallManaged ASN Description: AS-COLOCROSSING Country: US Method: GET Timestamp: 2025-07-09T15:38:36Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-07-09 14:05:03 (10 months ago)	XML RPC Scan Activities	Brute-Force Web App Attack
🇮🇩 Burayot	2025-07-08 10:58:55 (10 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.168.25.253 (US/United States/10 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.168.25.253 (US/United States/104-168-25-253-host.colocrossing.com): 1 in the last 3600 secs show less	Web App Attack
🇧🇪 voormedia	2025-07-08 07:51:52 (10 months ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
Anonymous	2025-03-26 02:21:48 (1 year ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 gu-alvareza	2024-08-11 07:05:14 (1 year ago)	WordPress.REST.API.Username.Enumeration.Information.Disclosure	Web App Attack
🇺🇸 nowyouknow	2024-04-11 03:02:28 (2 years ago)	(From [email protected]) Hi, my name is Anwar,I have noticed a few issues with your w ... show more (From [email protected]) Hi, my name is Anwar,I have noticed a few issues with your website, and I'd love to help you fix them as I am an WEB Specialist and help small business to get more business using thier website? Should I send you issues list? if yes, reply with yes. show less	Phishing Web Spam

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 2001:41d0:203:df38::

🇧🇷 177.87.201.130

🇮🇩 163.7.9.55

🇭🇰 154.198.162.75

🇧🇷 152.243.216.19

🇮🇩 125.213.152.34

🇹🇭 106.0.166.123

🇲🇩 91.208.184.96

🇧🇬 79.124.60.146

🇺🇸 65.49.1.32

🇰🇪 62.24.119.127

🇮🇪 52.215.190.243

🇺🇸 50.80.184.78

🇬🇧 46.101.29.53

🇭🇰 45.142.154.89

🇷🇴 2.57.121.112

🇨🇳 111.26.62.42

🇺🇸 66.132.195.20

🇺🇸 52.15.135.57

🇸🇬 43.163.107.154