AbuseIPDB » 107.175.148.68
107.175.148.68 was found in our database!
This IP was reported 5 times. Confidence of Abuse is 1%.
ISP: HostPapa
Usage Type: Data Center/Web Hosting/Transit
ASN: AS36352
Hostname(s): 107-175-148-68-host.colocrossing.com
Domain Name: hostpapa.com
Country: 🇺🇸 United States of America
City: Buffalo, New York
IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.
IP Abuse Reports for 107.175.148.68:
This IP address has been reported a total of 5 times from 5 distinct sources. 107.175.148.68 was first reported on July 22nd 2025, and the most recent report was 2 weeks ago.
Old Reports: The most recent abuse report for this IP address is from 2 weeks ago. It is possible that this IP is no longer involved in abusive activities.
Reporter | IoA Timestamp (UTC) | Comment | Categories
Reporter: 🇫🇷 MeduzaCTI
IoA Timestamp (UTC): 2026-05-29 16:50:31 (2 weeks ago)
Comment:
Indicator Report
Indicator: 107.175.148.68
Reporter: CloudStrife
Description: Havoc C2 Detected
Tags: Havoc,Malware,C2
Source: MeduzaCTI Platform
Reference: https://meduzacti.com
Categories: Hacking
Reporter: 🇩🇪 Hary74656
IoA Timestamp (UTC): 2025-11-30 22:23:51 (6 months ago)
Comment:
[Sun Nov 30 23:22:35.720840 2025] [security2:error] [pid 379273:tid 379405] [client 107.175.148.68:54859] [client 107.175.148.68] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/.env" at REQUEST_FILENAME. [file "/usr/share/modsecurity-crs/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.env found within REQUEST_FILENAME: /.env"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "aura.weavernet.at"] [uri "/.env"] [unique_id "aSzDq-ZPBHeKAF2rpThrhwAAA6Q"]
[Sun Nov 30 23:22:36.521880 2025] [security2:error] [pid 379307:tid 379378] [client 107.175.148.68:61201] [client 107.175.148.68] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/.env" at REQUEST_FILENAME. [file "/usr/share/
...
Categories: Web App Attack
Reporter: Anonymous
IoA Timestamp (UTC): 2025-11-30 14:29:46 (6 months ago)
Comment: Aggressive web scan
Categories: Web App Attack
Reporter: 🇵🇱 TheWojtek
IoA Timestamp (UTC): 2025-08-09 10:54:47 (10 months ago)
Comment:
Aug 9 12:54:47 hq postfix/smtpd[2491977]: NOQUEUE: reject: RCPT from unknown[107.175.148.68]: 554 5.7.1 Client host 107.175.148.68 blocked using ZEN - see https://www.spamhaus.org/query/ip/107.175.148.68 for details; from=<> to=<[email protected] > proto=SMTP helo=<hq.zajc.pl>
...
Categories: Email Spam
Reporter: 🇺🇸 xmission.com
IoA Timestamp (UTC): 2025-07-22 09:59:02 (10 months ago)
Comment: Blocked 21 connection attempts due to RBL reputation in the past hour.
Categories: Email Spam