JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 107.173.93.163

107.173.93.163 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 27%: ?

27%

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	107-173-93-163-host.colocrossing.com
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 107.173.93.163

Whois 107.173.93.163

IP Abuse Reports for 107.173.93.163:

This IP address has been reported a total of 14 times from 7 distinct sources. 107.173.93.163 was first reported on January 25th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-06-14 06:06:03 (1 week ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-28 08:09:24 (4 weeks ago)	(mod_security) mod_security (id:210492) triggered by 107.173.93.163 (107-173-93-163-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 107.173.93.163 (107-173-93-163-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 04:09:20.405169 2026] [security2:error] [pid 10347:tid 10347] [client 107.173.93.163:56041] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theflyingdutchman.us"] [uri "/wp-config.php.save"] [unique_id "ahf4MLZc05c5C_dJGbKQmQAAABE"], referer: https://www.google.com/search?q=theflyingdutchman.us show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 06:39:57 (4 weeks ago)	(mod_security) mod_security (id:210492) triggered by 107.173.93.163 (107-173-93-163-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 107.173.93.163 (107-173-93-163-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 02:39:53.235212 2026] [security2:error] [pid 19489:tid 19489] [client 107.173.93.163:45535] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.zohartours.com"] [uri "/.env.development.local"] [unique_id "ahfjOeOO31CVUNy8YJi9sQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 sid3windr	2026-05-28 03:55:25 (4 weeks ago)	GET /config/secrets.yml (Tarpitted for , wasted 120B)	Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-27 22:00:49 (4 weeks ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-26. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-05-27 18:55:52 (4 weeks ago)	(mod_security) mod_security (id:210492) triggered by 107.173.93.163 (107-173-93-163-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 107.173.93.163 (107-173-93-163-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 14:55:49.641067 2026] [security2:error] [pid 5951:tid 5951] [client 107.173.93.163:42151] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rentadeandamioscdmx.com.spyasociados.com"] [uri "/.env.production"] [unique_id "ahc-NXJKmW65Y9AYM_nFggAAAAg"], referer: https://www.google.com/search?q=www.rentadeandamioscdmx.com.spyasociados.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 17:52:10 (4 weeks ago)	(mod_security) mod_security (id:210492) triggered by 107.173.93.163 (107-173-93-163-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 107.173.93.163 (107-173-93-163-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 13:52:04.705371 2026] [security2:error] [pid 28942:tid 28942] [client 107.173.93.163:34009] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "integritysecurity.us"] [uri "/.env"] [unique_id "ahcvRP1yDo1EXvXp2nDuYAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-05-27 16:15:53 (4 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 12:19:06 (4 weeks ago)	(mod_security) mod_security (id:210492) triggered by 107.173.93.163 (107-173-93-163-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 107.173.93.163 (107-173-93-163-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 08:18:59.179691 2026] [security2:error] [pid 18976:tid 18976] [client 107.173.93.163:38749] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.z-industrial.com"] [uri "/.env.development.local"] [unique_id "ahbhM6k4vE8K0IUSSwLZtgAAABw"], referer: https://www.google.com/search?q=autodiscover.z-industrial.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 00:33:12 (4 weeks ago)	(mod_security) mod_security (id:210492) triggered by 107.173.93.163 (107-173-93-163-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 107.173.93.163 (107-173-93-163-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:33:03.447568 2026] [security2:error] [pid 26488:tid 26633] [client 107.173.93.163:43393] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deathbyaudiostore.com"] [uri "/wp-config.php.save"] [unique_id "ahY7vyaZlgStTS-rKETbpAAAARE"], referer: https://www.google.com/search?q=deathbyaudiostore.com show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-26 21:59:49 (4 weeks ago)	Auto-ban: >3000 req/min op 2026-05-26	Web App Attack SSH Hacking
🇫🇷 dynamix	2026-05-26 17:55:05 (4 weeks ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2025-02-28 21:29:39 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 107.173.93.163 (107-173-93-163-host.colocrossin ... show more (mod_security) mod_security (id:211190) triggered by 107.173.93.163 (107-173-93-163-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 28 16:28:37.132573 2025] [security2:error] [pid 11085:tid 11181] [client 107.173.93.163:55271] [client 107.173.93.163] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /cgi-bin/tsaupload.cgi?file_name=../../../../../..//etc/passwd&password"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.net"] [uri "/cgi-bin/tsaupload.cgi"] [unique_id "Z8IqhZJu6r4UvifodEEO-wAAAMo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-25 09:10:02 (1 year ago)	\| SQL injection attempt.	Hacking SQL Injection Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇴 179.32.33.161

🇫🇮 147.185.133.134

🇸🇬 103.187.146.169

🇨🇦 216.180.124.7

🇩🇪 213.209.159.238

🇩🇪 167.94.146.33

🇨🇭 104.244.77.109

🇺🇸 104.145.210.244

🇸🇬 94.231.206.9

🇷🇴 92.118.39.71

🇸🇬 15.235.162.23

🇬🇧 194.147.16.202

🇺🇸 162.216.150.138

🇺🇸 152.65.185.144

🇨🇳 116.211.239.114

🇷🇴 92.118.39.77

🇳🇱 89.32.243.133

🇩🇪 64.226.126.224

🇱🇺 46.151.182.139

🇺🇸 35.222.117.243