JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 107.173.185.142

107.173.185.142 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 0%: ?

ISP	Hudson Valley Host
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	107-173-185-142-host.colocrossing.com
Domain Name	hudsonvalleyhost.com
Country	🇺🇸 United States of America
City	Buffalo, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 107.173.185.142

Whois 107.173.185.142

IP Abuse Reports for 107.173.185.142:

This IP address has been reported a total of 17 times from 6 distinct sources. 107.173.185.142 was first reported on November 12th 2023, and the most recent report was 2 years ago.

Old Reports: The most recent abuse report for this IP address is from 2 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2023-12-21 11:17:36 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2023-12-17 11:43:50 (2 years ago)	(mod_security) mod_security (id:243420) triggered by 107.173.185.142 (107-173-185-142-host.colocross ... show more (mod_security) mod_security (id:243420) triggered by 107.173.185.142 (107-173-185-142-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 17 06:43:42.461247 2023] [security2:error] [pid 28804] [client 107.173.185.142:57305] [client 107.173.185.142] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "ARGS:form_id" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6649"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.takemehomedogrescue.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.takemehomedogrescue.org"] [uri "/wp-admin/admin-ajax.php"] [unique_id "ZX7e7AP02OHgiHd83ZXt6gAAAA4"], referer: http://www.takemehomedogrescue.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇻🇳 Xuan Can	2023-12-13 22:17:48 (2 years ago)	(mod_security) mod_security (id:6) triggered by 107.173.185.142 (US/United States/107-173-185-142-ho ... show more (mod_security) mod_security (id:6) triggered by 107.173.185.142 (US/United States/107-173-185-142-host.colocrossing.com): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 14 05:17:39.991707 2023] [security2:error] [pid 23826:tid 47822084843264] [client 107.173.185.142:48245] [client 107.173.185.142] ModSecurity: Access denied with connection close (phase 2). Pattern match "wp-login.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "63"] [id "6"] [severity "CRITICAL"] [hostname "kb.pavietnam.vn"] [uri "/wp-login.php"] [unique_id "ZXotgzgYeHXq1P2_gqxHywAAARY"], referer: https://kb.pavietnam.vn/wp-login.php?action=register show less	Brute-Force SSH
🇦🇺 MAGIC	2023-12-10 16:28:39 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇦🇺 MAGIC	2023-12-07 13:07:57 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇮🇩 Burayot	2023-12-01 23:49:36 (2 years ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 107.173.185.142 (US/United States/10 ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 107.173.185.142 (US/United States/107-173-185-142-host.colocrossing.com): 2 in the last 3600 secs show less	Web App Attack
🇻🇳 Xuan Can	2023-11-29 07:03:28 (2 years ago)	(mod_security) mod_security (id:6) triggered by 107.173.185.142 (US/United States/107-173-185-142-ho ... show more (mod_security) mod_security (id:6) triggered by 107.173.185.142 (US/United States/107-173-185-142-host.colocrossing.com): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 29 14:03:21.993112 2023] [security2:error] [pid 3982:tid 47037302327040] [client 107.173.185.142:44143] [client 107.173.185.142] ModSecurity: Access denied with connection close (phase 2). Pattern match "wp-login.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "63"] [id "6"] [severity "CRITICAL"] [hostname "kb.pavietnam.vn"] [uri "/wp-login.php"] [unique_id "ZWbiOZopNfhXLoaJ3tITKQAAAIw"], referer: https://kb.pavietnam.vn/wp-login.php?action=register show less	Brute-Force SSH
Anonymous	2023-11-28 04:14:46 (2 years ago)	Malicious activity detected	Hacking Brute-Force
🇦🇺 MAGIC	2023-11-28 03:16:01 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇻🇳 Xuan Can	2023-11-27 10:06:55 (2 years ago)	(mod_security) mod_security (id:6) triggered by 107.173.185.142 (US/United States/107-173-185-142-ho ... show more (mod_security) mod_security (id:6) triggered by 107.173.185.142 (US/United States/107-173-185-142-host.colocrossing.com): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 27 17:06:48.565248 2023] [security2:error] [pid 13832:tid 47851990181632] [client 107.173.185.142:59383] [client 107.173.185.142] ModSecurity: Access denied with connection close (phase 2). Pattern match "wp-login.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "63"] [id "6"] [severity "CRITICAL"] [hostname "kb.pavietnam.vn"] [uri "/wp-login.php"] [unique_id "ZWRqOOgKxA4Qx0tdF4CD-QAAAUs"], referer: https://kb.pavietnam.vn/wp-login.php?action=register show less	Brute-Force SSH
🇻🇳 Xuan Can	2023-11-27 04:57:21 (2 years ago)	(mod_security) mod_security (id:6) triggered by 107.173.185.142 (US/United States/107-173-185-142-ho ... show more (mod_security) mod_security (id:6) triggered by 107.173.185.142 (US/United States/107-173-185-142-host.colocrossing.com): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 27 11:57:12.132416 2023] [security2:error] [pid 23162:tid 47852000687872] [client 107.173.185.142:49676] [client 107.173.185.142] ModSecurity: Access denied with connection close (phase 2). Pattern match "wp-login.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "63"] [id "6"] [severity "CRITICAL"] [hostname "kb.pavietnam.vn"] [uri "/wp-login.php"] [unique_id "ZWQhqFw8CN6XInlJ3iaP1QAAANA"], referer: https://kb.pavietnam.vn/ show less	Brute-Force SSH
🇻🇳 Xuan Can	2023-11-23 09:30:00 (2 years ago)	(mod_security) mod_security (id:6) triggered by 107.173.185.142 (US/United States/107-173-185-142-ho ... show more (mod_security) mod_security (id:6) triggered by 107.173.185.142 (US/United States/107-173-185-142-host.colocrossing.com): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 23 16:29:54.267963 2023] [security2:error] [pid 17516:tid 47915163002624] [client 107.173.185.142:42747] [client 107.173.185.142] ModSecurity: Access denied with connection close (phase 2). Pattern match "wp-login.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "63"] [id "6"] [severity "CRITICAL"] [hostname "kb.pavietnam.vn"] [uri "/wp-login.php"] [unique_id "ZV8bkkdi5qfLfvBwljBhWwAAAQ8"], referer: https://kb.pavietnam.vn/ show less	Brute-Force SSH
🇦🇺 MAGIC	2023-11-19 09:10:38 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇦🇺 MAGIC	2023-11-14 09:20:56 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇳🇱 Roderic	2023-11-14 08:41:22 (2 years ago)	(apache-bow-document) Failed apache-bow-scanners trigger with match [redacted] from 107.173.185.142 ... show more (apache-bow-document) Failed apache-bow-scanners trigger with match [redacted] from 107.173.185.142 (US/United States/107-173-185-142-host.colocrossing.com) show less	Hacking

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.130

🇳🇱 91.92.42.133

🇱🇹 45.227.254.170

🇸🇦 2001:16a2:4ea7:700:f418:f8e:d407:1ac0

🇷🇺 212.3.155.8

🇧🇷 45.229.91.34

🇳🇱 45.148.10.157

🇺🇸 45.79.109.130

🇮🇷 2.188.35.66

🇬🇧 194.164.91.60

🇳🇱 176.65.139.158

🇨🇦 165.22.225.218

🇺🇸 141.11.88.18

🇭🇰 45.249.244.136

🇺🇸 34.106.150.153

🇳🇱 2001:67c:e60:c0c:192:42:116:52

🇺🇦 195.158.197.86

🇮🇪 65.52.75.227

🇺🇸 64.62.156.33

🇷🇴 2.57.122.177