JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 170.106.142.143

170.106.142.143 was found in our database!

This IP was reported 184 times. Confidence of Abuse is 0%: ?

ISP	Tencent Building, Kejizhongyi Avenue
Usage Type	Data Center/Web Hosting/Transit
ASN	AS132203
Domain Name	tencent.com
Country	🇺🇸 United States of America
City	Santa Clara, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 170.106.142.143

Whois 170.106.142.143

IP Abuse Reports for 170.106.142.143:

This IP address has been reported a total of 184 times from 64 distinct sources. 170.106.142.143 was first reported on March 23rd 2026, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-26 19:47:25 (2 months ago)	$f2bV_matches	Brute-Force
🇱🇻 garmtech.com	2026-04-24 00:17:19 (2 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇩🇪 conseilgouz	2026-04-23 10:31:58 (2 months ago)	gie-17 : Block hidden directories=>/.env(/)	Hacking
🇺🇸 rafled	2026-04-23 10:25:32 (2 months ago)	attempt to scan and scrape for env files and or files that expose the web app version	Bad Web Bot
🇱🇻 garmtech.com	2026-04-23 04:11:06 (2 months ago)	IM360 WAF: Laravel .env file access	Web App Attack
🇺🇸 TPI-Abuse	2026-04-23 03:39:07 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 170.106.142.143 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 170.106.142.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 22 23:39:04.257423 2026] [security2:error] [pid 2805112:tid 2805112] [client 170.106.142.143:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "southernbroadcast.com"] [uri "/.env"] [unique_id "aemUWF9w7KDDJjA5ylEajAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 pduggusa	2026-04-23 03:31:38 (2 months ago)	Detected attacking dugganusa.com at 2026-04-23T03:31:38.198Z \| Attack: External Remote Services \| So ... show more Detected attacking dugganusa.com at 2026-04-23T03:31:38.198Z \| Attack: External Remote Services \| Source: DugganUSA PreCog auto-block show less	Hacking DDoS Attack SSH
Anonymous	2026-04-23 02:31:31 (2 months ago)	$f2bV_matches	Brute-Force
🇺🇸 pduggusa	2026-04-23 02:29:26 (2 months ago)	Detected attacking dugganusa.com at 2026-04-23T02:29:26.814Z \| Attack: External Remote Services \| So ... show more Detected attacking dugganusa.com at 2026-04-23T02:29:26.814Z \| Attack: External Remote Services \| Source: DugganUSA PreCog auto-block show less	Hacking DDoS Attack SSH
🇺🇸 pduggusa	2026-04-23 01:29:20 (2 months ago)	Detected attacking dugganusa.com at 2026-04-23T01:29:20.071Z \| Attack: External Remote Services \| So ... show more Detected attacking dugganusa.com at 2026-04-23T01:29:20.071Z \| Attack: External Remote Services \| Source: DugganUSA PreCog auto-block show less	Hacking DDoS Attack SSH
🇩🇪 LRob.fr	2026-04-23 01:15:03 (2 months ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇺🇸 Mundo Bueno	2026-04-23 00:49:32 (2 months ago)	[ISILIA Protection v2.1] Tentative d'accès: /.env \| Pays: US \| UA: Mozilla/5.0 (Macintosh; Intel Mac ... show more [ISILIA Protection v2.1] Tentative d'accès: /.env \| Pays: US \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 show less	Hacking Web App Attack
🇺🇸 pduggusa	2026-04-23 00:29:24 (2 months ago)	Detected attacking dugganusa.com at 2026-04-23T00:29:24.859Z \| Attack: External Remote Services \| So ... show more Detected attacking dugganusa.com at 2026-04-23T00:29:24.859Z \| Attack: External Remote Services \| Source: DugganUSA PreCog auto-block show less	Hacking DDoS Attack SSH
🇺🇸 TPI-Abuse	2026-04-22 22:54:26 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 170.106.142.143 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 170.106.142.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 22 18:54:19.230024 2026] [security2:error] [pid 2664007:tid 2664007] [client 170.106.142.143:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.ralphrichardson.com"] [uri "/.env"] [unique_id "aelRm9TQrOSfuKqciPY7ngAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 S.O.B.A. Dev.	2026-04-22 21:56:19 (2 months ago)	Threat Blocked by BeeHive from (ASN:132203) (Network:TENCENT-NET-AP-CN Tencent Building, Kejizhongyi ... show more Threat Blocked by BeeHive from (ASN:132203) (Network:TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue) (Host:soba.dev) (Method:GET) (Protocol:HTTP/1.1) (Timestamp:2026-04-22T21:56:19Z) show less	Brute-Force Web Spam Web App Attack

Showing 1 to 15 of 184 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 159.203.83.195

🇺🇸 147.185.132.17

🇷🇺 5.255.231.13

🇧🇷 200.196.50.91

🇬🇪 195.54.179.244

🇺🇸 152.32.182.41

🇨🇳 117.172.221.133

🇷🇺 94.243.9.59

🇳🇱 93.123.109.102

🇺🇸 91.230.168.112

🇯🇵 87.249.128.218

🇧🇷 45.165.14.197

🇺🇸 44.178.148.55

🇮🇷 2.147.231.173

🇧🇷 186.235.193.170

🇺🇸 184.105.247.254

🇳🇱 91.92.40.233

🇳🇱 91.92.40.5

🇬🇧 81.16.177.200

🇺🇸 72.240.125.133