JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 107.173.241.248

107.173.241.248 was found in our database!

This IP was reported 63 times. Confidence of Abuse is 44%: ?

44%

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	107-173-241-248-host.colocrossing.com
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Buffalo, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 107.173.241.248

Whois 107.173.241.248

IP Abuse Reports for 107.173.241.248:

This IP address has been reported a total of 63 times from 36 distinct sources. 107.173.241.248 was first reported on May 30th 2021, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Holger	2026-05-07 16:53:26 (1 month ago)	Bruteforce WebAttack	Brute-Force Web App Attack
🇩🇪 Holger	2026-05-05 21:36:00 (1 month ago)	Bruteforce WebAttack	Brute-Force Web App Attack
🇫🇷 masterguru	2026-05-04 18:13:23 (1 month ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 107.173.241.248 (US/United States/107 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 107.173.241.248 (US/United States/107-173-241-248-host.colocrossing.com): 1 in the last 3600 secs (0-197) show less	Hacking
🇩🇪 Nightreaver	2026-05-04 15:31:24 (1 month ago)	107.173.241.248 - - [04/May/2026:17:31:23 0200] "GET /api/.env HTTP/1.1" 404 435 "-" "Mozilla/5.0 ( ... show more 107.173.241.248 - - [04/May/2026:17:31:23 0200] "GET /api/.env HTTP/1.1" 404 435 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.4 Safari/605.1.15" 107.173.241.248 - - [04/May/2026:17:31:23 0200] "GET /.aws/credentials HTTP/1.1" 404 435 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" 107.173.241.248 - - [04/May/2026:17:31:23 0200] "GET /serviceAccountKey.json HTTP/1.1" 404 435 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" 107.173.241.248 - - [04/May/2026:17:31:23 0200] "GET /backend/.env HTTP/1.1" 404 435 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15" 107.173.241.248 - - [04/May/2026:17:31:23 0200] "GET /app/.env HTTP/1.1" 404 435 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safa[...] show less	Bad Web Bot Web App Attack
🇩🇪 Bedios GmbH	2026-05-04 13:11:06 (1 month ago)	Login credentials theft attempt	Hacking
🇧🇷 SOC PR	2026-05-04 12:14:14 (1 month ago)	IPS: Sensitive Configuration File Disclosure.	Hacking
🇮🇳 Genhost	2026-05-04 10:11:46 (1 month ago)	SCANNING OF PHP SHELL FILES	Brute-Force SSH
🇺🇦 kent	2026-05-04 09:15:00 (1 month ago)		Bad Web Bot Web App Attack Hacking
🇩🇪 todix	2026-05-04 07:37:52 (1 month ago)	Web App Attack Exploid from 107.173.241.248	Web App Attack
🇮🇳 evicky2002	2026-05-04 06:00:00 (1 month ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇬🇧 openstrike.co.uk	2026-05-04 05:13:55 (1 month ago)	8 attacks on config grabbing URLs (type 2), password grabbing URLs, env grabbing URLs: GET /secrets. ... show more 8 attacks on config grabbing URLs (type 2), password grabbing URLs, env grabbing URLs: GET /secrets.json HTTP/1.1 GET /.aws/credentials HTTP/1.1 GET /app/.env HTTP/1.1 show less	Hacking
🇺🇸 mnsf	2026-05-04 03:05:40 (1 month ago)	Too many Status 40X (47) Scanning/Probing (36)	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-03 22:00:21 (1 month ago)	Auto-ban: >3000 req/min op 2026-05-03	Web App Attack SSH Hacking
🇬🇧 Aetherweb Ark	2026-05-03 19:35:53 (1 month ago)	(mod_security) mod_security (id:949110) triggered by 107.173.241.248 (US/United States/107-173-241-2 ... show more (mod_security) mod_security (id:949110) triggered by 107.173.241.248 (US/United States/107-173-241-248-host.colocrossing.com): N in the last X secs show less	Web App Attack
Anonymous	2026-05-03 17:05:06 (1 month ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Web App Attack Brute-Force Bad Web Bot

Showing 1 to 15 of 63 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 193.189.100.198

🇺🇦 143.244.45.227

🇰🇷 59.21.37.60

🇭🇰 36.255.220.145

🇺🇸 2607:f8b0:4023:1009::12d

🇮🇩 202.72.196.75

🇨🇳 183.60.172.37

🇧🇷 179.83.134.101

🇫🇮 178.20.210.208

🇺🇸 172.93.103.2

🇷🇴 141.98.83.240

🇺🇸 136.107.202.7

🇷🇴 92.118.39.204

🇮🇹 91.80.128.127

🇺🇸 203.161.54.251

🇨🇳 183.56.198.150

🇨🇴 181.234.13.119

🇺🇸 143.42.1.189

🇺🇸 107.150.101.57

🇷🇴 92.118.39.229