JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 107.172.116.44

107.172.116.44 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 25%: ?

25%

ISP	RackNerd LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	107-172-116-44-host.colocrossing.com
Domain Name	racknerd.com
Country	🇺🇸 United States of America
City	Buffalo, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 107.172.116.44

Whois 107.172.116.44

IP Abuse Reports for 107.172.116.44:

This IP address has been reported a total of 9 times from 4 distinct sources. 107.172.116.44 was first reported on May 26th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-06-14 11:27:03 (1 day ago)	block ruleset 7B8FD6B12C4E12B6F0DAE02E53C0597FBEDDF5BC	Bad Web Bot
🇳🇱 homeshowdomain.nl	2026-05-28 22:03:22 (2 weeks ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-27. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-05-28 00:16:48 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 107.172.116.44 (107-172-116-44-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 107.172.116.44 (107-172-116-44-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 20:16:43.828106 2026] [security2:error] [pid 6948:tid 6948] [client 107.172.116.44:42649] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pontiacpalace.com"] [uri "/.env"] [unique_id "aheJayw3hHLIg8OFBzFoBAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 23:34:03 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 107.172.116.44 (107-172-116-44-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 107.172.116.44 (107-172-116-44-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 19:33:55.940140 2026] [security2:error] [pid 17780:tid 17797] [client 107.172.116.44:36191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ardentsi.com"] [uri "/.env.development"] [unique_id "ahd_Y35rsXbyHr2XbYN3TQAAAE0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 18:14:34 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 107.172.116.44 (107-172-116-44-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 107.172.116.44 (107-172-116-44-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 14:14:28.773734 2026] [security2:error] [pid 12158:tid 12158] [client 107.172.116.44:53375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.test.mathewyoung.com"] [uri "/.env.development"] [unique_id "ahc0hFoL8Qsnkae_XBnW1wAAAAE"], referer: https://www.google.com/search?q=www.test.mathewyoung.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 17:47:32 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 107.172.116.44 (107-172-116-44-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 107.172.116.44 (107-172-116-44-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 13:47:24.381780 2026] [security2:error] [pid 21661:tid 21661] [client 107.172.116.44:42337] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dosrios.com.mx"] [uri "/.env.bak"] [unique_id "ahcuLFAWuAaWGYr0_WjCbgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-27 01:25:04 (2 weeks ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 00:31:28 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 107.172.116.44 (107-172-116-44-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 107.172.116.44 (107-172-116-44-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:31:11.826293 2026] [security2:error] [pid 20196:tid 20196] [client 107.172.116.44:51995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.gapanda.com"] [uri "/.env.save"] [unique_id "ahY7T_4Y91LRHDwjtRgnCAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-26 18:10:22 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 107.172.116.44 (107-172-116-44-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 107.172.116.44 (107-172-116-44-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 14:10:03.258852 2026] [security2:error] [pid 25237:tid 25237] [client 107.172.116.44:40837] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thedoodlists.com"] [uri "/.env.development.local"] [unique_id "ahXh-7ybbodeoDhE-QBeUQAAAA0"], referer: https://www.google.com/search?q=thedoodlists.com show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.230

🇺🇸 205.210.31.48

🇺🇸 143.244.179.31

🇭🇰 119.8.58.228

🇺🇸 74.82.47.30

🇱🇹 45.227.254.170

🇹🇼 198.235.24.53

🇷🇴 193.32.162.83

🇷🇴 193.32.162.16

🇻🇳 160.191.87.178

🇳🇱 91.92.40.13

🇮🇹 88.149.145.190

🇨🇳 58.212.237.135

🇩🇪 8.211.37.179

🇺🇸 2600:1f10:4310:fa00:663:feac:60e8:63e1

🇵🇰 202.142.154.99

🇭🇰 199.45.155.101

🇳🇱 195.178.110.30

🇨🇳 175.24.205.175

🇮🇳 152.59.146.29