JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 107.172.35.195

107.172.35.195 was found in our database!

This IP was reported 344 times. Confidence of Abuse is 100%: ?

100%

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	107-172-35-195-host.colocrossing.com
Domain Name	colocrossing.com
Country	🇺🇸 United States of America
City	Buffalo, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 107.172.35.195

Whois 107.172.35.195

IP Abuse Reports for 107.172.35.195:

This IP address has been reported a total of 344 times from 163 distinct sources. 107.172.35.195 was first reported on May 1st 2026, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-25 10:08:07 (4 weeks ago)	(mod_security) mod_security triggered on hostname [redacted] 107.172.35.195 (US/United States/107-17 ... show more (mod_security) mod_security triggered on hostname [redacted] 107.172.35.195 (US/United States/107-172-35-195-host.colocrossing.com) show less	SQL Injection
🇮🇹 clamehost.it	2026-05-25 07:42:23 (4 weeks ago)	Automatic report - Brute Force attack using this IP address	Brute-Force
🇫🇷 masterguru	2026-05-25 06:41:14 (4 weeks ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
🇫🇷 masterguru	2026-05-25 05:34:05 (4 weeks ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-195)	Hacking Web App Attack
🇩🇪 FeG Deutschland	2026-05-25 04:34:22 (4 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12	Exploited Host Web App Attack
🇩🇪 4server	2026-05-25 04:32:38 (4 weeks ago)	[MonMay2506:32:34.7048762026][security2:error][pid3555905:tid3556012][client107.172.35.195:0]ModSecu ... show more [MonMay2506:32:34.7048762026][security2:error][pid3555905:tid3556012][client107.172.35.195:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"ci-ticino.ch\"][uri\"/.git/HEAD\"][unique_id\"ahPQ4l5ZKOOOwD_qRwlrMQAAAQQ\"] show less	Port Scan Brute-Force Web App Attack
🇬🇧 consul.to	2026-05-24 19:11:35 (4 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 Vano Ganzzz	2026-05-24 16:28:23 (4 weeks ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK ASN: 36352 (HostPapa) Protoco ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK ASN: 36352 (HostPapa) Protocol: HTTP/1.1 (GET method) Endpoint: /backend/.env Timestamp: 2026-05-24T16:28:23Z Ray ID: a00dac582e1d74a5 UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 show less	Bad Web Bot
🇫🇷 dynamix	2026-05-24 03:39:03 (4 weeks ago)	Multiple WAF Violations	Web App Attack
🇩🇪 todix	2026-05-24 03:01:00 (4 weeks ago)	Web App Attack Exploid from 107.172.35.195	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-23 22:42:59 (4 weeks ago)	107.172.35.195 - - [24/May/2026:01:42:58 +0300] "GET /.env HTTP/1.1" 404 731 "-" "Mozilla/5.0 (Macin ... show more 107.172.35.195 - - [24/May/2026:01:42:58 +0300] "GET /.env HTTP/1.1" 404 731 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Safari/605.1.15" ... show less	Web App Attack
Anonymous	2026-05-23 22:41:07 (4 weeks ago)	107.172.35.195 detected on srv01	Brute-Force
🇦🇺 clapper	2026-05-23 21:58:38 (4 weeks ago)	(mod_security) mod_security (id:949110) triggered by 107.172.35.195 (US/United States/107-172-35-195 ... show more (mod_security) mod_security (id:949110) triggered by 107.172.35.195 (US/United States/107-172-35-195-host.colocrossing.com): 5 in the last 600 secs; ID: rub show less	Brute-Force Bad Web Bot
🇦🇱 router.al	2026-05-23 20:55:19 (4 weeks ago)	05/23/2026-20:55:19.572834 107.172.35.195 Protocol: 6 GPL WEB_SERVER 403 Forbidden	Port Scan
🇩🇪 raph	2026-05-23 20:32:49 (4 weeks ago)	[DOT FILES] crawler .env, .git, .config, etc.	Bad Web Bot Web App Attack

Showing 1 to 15 of 344 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇪 200.106.49.149

🇺🇸 173.255.243.63

🇺🇸 162.243.121.170

🇳🇱 91.92.40.233

🇺🇸 67.205.185.51

🇩🇪 185.176.94.38

🇨🇳 182.88.238.215

🇸🇪 171.25.193.131

🇫🇷 91.196.152.181

🇳🇱 91.92.40.153

🇹🇷 78.186.116.21

🇷🇺 77.88.47.31

🇩🇪 69.5.169.36

🇮🇳 66.116.224.161

🇳🇱 45.148.10.121

🇫🇮 217.217.247.251

🇷🇺 217.150.37.249

🇩🇪 213.209.159.227

🇳🇱 204.76.203.36

🇺🇸 150.107.38.195