AbuseIPDB » 172.245.157.147
172.245.157.147
This IP was reported 9 times. Confidence of
Abuse
is 0% : ?
ISP
HostPapa
Usage Type
Data Center/Web Hosting/Transit
ASN
AS36352
Hostname(s)
172-245-157-147-host.colocrossing.com
Domain Name
hostpapa.com
Country
๐บ๐ธ
United States of America
City
Buffalo, New York
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 172.245.157.147 :
This IP address has been reported a total of
9
times from
6 distinct
sources.
172.245.157.147 was first reported on
January 22nd 2024 , and the most recent report was
2 months ago
Old Reports:
The most recent abuse report for this IP address is from
2 months ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ฎ๐ช
AutosOnShow
2026-04-01 17:55:05
(2 months ago)
blocked for webapp attack | path requested: /.env | seen at 2026-04-01 17:54:11.019 |
Web App Attack
๐ฎ๐ช
AutosOnShow
2026-02-08 20:14:05
(4 months ago)
blocked for webapp attack | path requested: /.env | seen at 2026-02-08 20:13:04.662 |
Web App Attack
๐บ๐ธ
ne1for23
2026-02-07 11:20:20
(4 months ago)
Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" ...
show more
Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" resources improperly exposed externally and "protected" only by a lack of external DNS resolution.
172.245.157.147 - - [07/Feb/2026:11:20:19 +0000] "GET /.env HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36" "-"
show less
Hacking
๐ฎ๐ช
AutosOnShow
2025-12-31 13:55:05
(5 months ago)
blocked for webapp attack | path requested: /.env | seen at 2025-12-31 13:54:08.943 |
Web App Attack
2025-11-22 13:28:34
(6 months ago)
Environment File Enumeration
Hacking
๐ฎ๐ช
AutosOnShow
2025-11-07 13:06:05
(7 months ago)
blocked for webapp attack | path requested: /.env | seen at 2025-11-07 13:05:04.989 |
Web App Attack
๐ฎ๐ฉ
Burayot
2025-07-06 04:30:00
(11 months ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 172.245.157.147 (US/United States/1 ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 172.245.157.147 (US/United States/172-245-157-147-host.colocrossing.com): 1 in the last 3600 secs
show less
Web App Attack
๐บ๐ธ
oncord
2024-01-25 14:42:53
(2 years ago)
Form spam
Web Spam
๐บ๐ธ
TPI-Abuse
2024-01-22 23:28:18
(2 years ago)
(mod_security) mod_security (id:217280) triggered by 172.245.157.147 (172-245-157-147-host.colocross ...
show more
(mod_security) mod_security (id:217280) triggered by 172.245.157.147 (172-245-157-147-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 22 18:28:11.156109 2024] [security2:error] [pid 18578] [client 172.245.157.147:36391] [client 172.245.157.147] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\n|\\\\r)+(?:get|post|head|options|connect|put|delete|trace|propfind|propatch|mkcol|copy|move|lock|unlock)\\\\s+" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "137"] [id "217280"] [rev "6"] [msg "COMODO WAF: HTTP Request Smuggling Attack||impgs.com|F|2"] [data "Matched Data: get found within MATCHED_VAR"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "impgs.com"] [uri "/site/contactenos/es"] [unique_id "Za76C0e6RSWW-E9tUdoiEgAAAAk"], referer: http://impgs.com/site/contactenos/es
show less
Brute-Force
Bad Web Bot
Web App Attack
Showing 1 to
9
of 9 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: