JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 142.147.128.203

142.147.128.203 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 0%: ?

ISP	Web2Objects LLC
Usage Type	Fixed Line ISP
ASN	AS2914
Domain Name	web2objects.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 142.147.128.203

Whois 142.147.128.203

IP Abuse Reports for 142.147.128.203:

This IP address has been reported a total of 7 times from 4 distinct sources. 142.147.128.203 was first reported on May 25th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 SCHAPPY	2026-05-08 13:36:43 (1 month ago)	Bad bot identified by user agent	Bad Web Bot
🇺🇸 TPI-Abuse	2025-10-01 15:57:06 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 142.147.128.203 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 142.147.128.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 11:57:01.826728 2025] [security2:error] [pid 30111:tid 30192] [client 142.147.128.203:32895] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.kettlehill.net\|F\|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.kettlehill.net"] [uri "/.ssh/known_hosts.old"] [unique_id "aN1PTRH4YjaIRtXIcLCERAAAAhY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-08-17 21:32:33 (9 months ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-08-01 07:00:41 (10 months ago)	(mod_security) mod_security (id:210580) triggered by 142.147.128.203 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210580) triggered by 142.147.128.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 03:00:36.518342 2025] [security2:error] [pid 3705323:tid 3705363] [client 142.147.128.203:55715] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "etc/passwd" at ARGS:local-destination-id. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt\|\|ftp.kettlehill.net\|F\|2"] [data "Matched Data: etc/passwd found within ARGS:local-destination-id: /etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "ftp.kettlehill.net"] [uri "/wp-admin/admin-post.php"] [unique_id "aIxmFFSqWoxQtnj67bcACwAAAFg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-06-01 08:01:55 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 142.147.128.203 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 142.147.128.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 04:01:48.743823 2025] [security2:error] [pid 2749697:tid 2749811] [client 142.147.128.203:40117] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.kettlehill.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.kettlehill.com"] [uri "/..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\windows\\\\win.ini"] [unique_id "aDwI7GzUxJS8AZi9Bz3muQAAAEw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 23:32:18 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 142.147.128.203 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 142.147.128.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 30 19:32:11.841890 2025] [security2:error] [pid 818413:tid 818413] [client 142.147.128.203:46551] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.nbcnewsradio.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.nbcnewsradio.com"] [uri "/footer.php.bak"] [unique_id "aDo_-29sK6h2JS0m8oNQxAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-05-25 11:50:03 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 223.197.178.95

🇺🇸 172.200.228.35

🇺🇸 107.150.96.184

🇰🇪 105.27.148.94

🇺🇸 92.119.36.128

🇺🇸 35.252.236.210

🇬🇧 35.203.210.10

🇻🇳 14.226.167.50

🇺🇸 216.25.89.110

🇩🇪 194.187.176.150

🇷🇴 2.57.121.112

🇨🇳 1.14.28.29

🇶🇦 176.202.31.57

🇧🇷 143.95.213.196

🇮🇩 103.156.160.38

🇭🇰 103.149.26.43

🇫🇷 88.166.69.177

🇯🇵 64.176.42.74

🇺🇸 216.25.89.109

🇳🇱 142.93.129.190