JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 142.147.132.231

142.147.132.231 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 19%: ?

19%

ISP	Web2Objects LLC
Usage Type	Fixed Line ISP
ASN	AS2914
Domain Name	web2objects.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 142.147.132.231

Whois 142.147.132.231

IP Abuse Reports for 142.147.132.231:

This IP address has been reported a total of 13 times from 6 distinct sources. 142.147.132.231 was first reported on October 30th 2023, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 Sipo Chutão	2026-05-31 03:00:01 (3 weeks ago)	.env.dusk.local	Hacking
🇳🇱 homeshowdomain.nl	2026-05-28 22:00:14 (3 weeks ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-27. show less	Web App Attack SSH Hacking
🇳🇱 homeshowdomain.nl	2026-05-27 21:59:16 (4 weeks ago)	Auto-ban: >3000 req/min op 2026-05-27	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-05-27 18:43:56 (4 weeks ago)	(mod_security) mod_security (id:949110) triggered by 142.147.132.231 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:949110) triggered by 142.147.132.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 14:43:34.932867 2026] [security2:error] [pid 4053:tid 4053] [client 142.147.132.231:46095] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.tsmdsc.cescfoundation.org"] [uri "/.env.production"] [unique_id "ahc7VtgqH7ppLP7t3Cur9wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 15:47:24 (4 weeks ago)	(mod_security) mod_security (id:210492) triggered by 142.147.132.231 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 142.147.132.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 11:47:17.025120 2026] [security2:error] [pid 24127:tid 24127] [client 142.147.132.231:52281] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "destintoday.com"] [uri "/sftp-config.json"] [unique_id "ahcSBePg4yY-k_avJSrmWgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 00:57:39 (4 weeks ago)	(mod_security) mod_security (id:210730) triggered by 142.147.132.231 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 142.147.132.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:57:29.916467 2026] [security2:error] [pid 24524:tid 24524] [client 142.147.132.231:49883] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|crearcuestionarios.com\|F\|2"] [data ".tfstate.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "crearcuestionarios.com"] [uri "/terraform.tfstate.backup"] [unique_id "ahZBeQD4alshYJbj-aRIyQAAAAg"], referer: https://www.google.com/search?q=crearcuestionarios.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 00:33:16 (4 weeks ago)	(mod_security) mod_security (id:210492) triggered by 142.147.132.231 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 142.147.132.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:32:56.003438 2026] [security2:error] [pid 15507:tid 15507] [client 142.147.132.231:36215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.noelramos.independentmusicconference.com"] [uri "/.env.development"] [unique_id "ahY7uFFB6fpgMTBk1i65nwAAAC4"], referer: https://www.google.com/search?q=www.noelramos.independentmusicconference.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 00:15:30 (4 weeks ago)	(mod_security) mod_security (id:210492) triggered by 142.147.132.231 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 142.147.132.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:15:26.274675 2026] [security2:error] [pid 1007:tid 1024] [client 142.147.132.231:45267] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ayubhamdardfoundation.org"] [uri "/.env.php"] [unique_id "ahY3nj4gL4kpR5QwhoMWpwAAAMU"], referer: https://www.google.com/search?q=ayubhamdardfoundation.org show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-26 18:11:28 (4 weeks ago)	(mod_security) mod_security (id:210492) triggered by 142.147.132.231 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 142.147.132.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 14:11:21.540654 2026] [security2:error] [pid 22131:tid 22131] [client 142.147.132.231:43495] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.old" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "willieplaymoreband.com"] [uri "/wp-config.old"] [unique_id "ahXiScPrYElPGXsoFy-P9gAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-05-26 16:52:56 (4 weeks ago)	[TueMay2618:52:53.1242872026][security2:error][pid1776377:tid1776421][client142.147.132.231:0]ModSec ... show more [TueMay2618:52:53.1242872026][security2:error][pid1776377:tid1776421][client142.147.132.231:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"domoticaswiss.ch\"][uri\"/.env.development\"][unique_id\"ahXP5caYsz5EG0Xx44APIQAAAEc\"] show less	Port Scan Brute-Force Web App Attack
Anonymous	2025-01-04 09:30:05 (1 year ago)	\| Shellshock attack attempt	Hacking SQL Injection Web App Attack
🇺🇸 ChamberofCommerce.com	2023-11-06 02:10:10 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-10-30 19:39:47 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 101.36.105.50

🇺🇸 50.116.47.129

🇭🇰 221.126.15.219

🇩🇪 185.65.202.199

🇦🇷 181.116.220.251

🇺🇸 162.216.150.176

🇺🇸 162.216.149.153

🇩🇪 152.53.120.90

🇩🇪 85.214.154.50

🇩🇪 81.173.178.73

🇳🇱 34.6.181.164

🇲🇽 187.191.48.4

🇧🇷 179.209.47.94

🇰🇷 39.115.195.164

🇺🇸 159.223.155.119

🇸🇦 94.97.85.162

🇳🇱 91.92.40.45

🇫🇷 85.217.140.32

🇷🇴 80.94.92.55

🇺🇸 64.62.156.203