JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 71.19.144.106

71.19.144.106 was found in our database!

This IP was reported 877 times. Confidence of Abuse is 28%: ?

28%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	prgmr.com, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47066
Hostname(s)	tor-exit-1.telnor.org
Domain Name	prgmr.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 71.19.144.106

Whois 71.19.144.106

IP Abuse Reports for 71.19.144.106:

This IP address has been reported a total of 877 times from 206 distinct sources. 71.19.144.106 was first reported on November 21st 2020, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-04 00:15:18 (11 hours ago)	(mod_security) mod_security (id:210492) triggered by 71.19.144.106 (tor-exit-1.telnor.org): 1 in the ... show more (mod_security) mod_security (id:210492) triggered by 71.19.144.106 (tor-exit-1.telnor.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 20:15:10.678900 2026] [security2:error] [pid 18794:tid 18794] [client 71.19.144.106:44934] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.timeless-supercars.com"] [uri "/.git/config"] [unique_id "aiDDjvpCY829vnZUptc2MgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 08:22:48 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 71.19.144.106 (tor-exit-1.telnor.org): 1 in the ... show more (mod_security) mod_security (id:210730) triggered by 71.19.144.106 (tor-exit-1.telnor.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 04:22:43.225612 2026] [security2:error] [pid 11777:tid 11791] [client 71.19.144.106:46772] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|foresthillseast.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "foresthillseast.com"] [uri "/dump.sql"] [unique_id "ahvv08ig7XCWQerqr0Wm1QAAAUs"], referer: foresthillseast.com/dump.sql show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 ICS Labs	2026-05-14 12:44:30 (2 weeks ago)	ICS Labs identified 71.19.144.106 as a malicious indicator from threat intelligence.	Hacking
🇫🇮 nNordic	2026-04-24 06:59:45 (1 month ago)	Connection attempt blocked by IDS/IPS from 71.19.144.106/32	Hacking
🇺🇸 octageeks.com	2026-04-18 04:09:43 (1 month ago)	Wordpress malicious attack:[octawp]	Web App Attack
Anonymous	2026-04-17 09:35:44 (1 month ago)	Aggressive web scan	Web App Attack
Anonymous	2026-04-15 22:00:31 (1 month ago)	Automated bot traffic — residential proxy, fake browser fingerprint. UA="Mozilla/5.0 (Windows NT 10. ... show more Automated bot traffic — residential proxy, fake browser fingerprint. UA="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" show less	Bad Web Bot Web App Attack
🇮🇩 securejdprop	2026-04-09 14:27:54 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET TOR Known Tor E ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET TOR Known Tor Exit Node Traffic group 119). Ip 71.19.144.106 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-04-09 14:27:53.421651773 +0000 UTC show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-04-08 17:41:24 (1 month ago)	(mod_security) mod_security (id:211190) triggered by 71.19.144.106 (tor-exit-1.telnor.org): 1 in the ... show more (mod_security) mod_security (id:211190) triggered by 71.19.144.106 (tor-exit-1.telnor.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 13:41:21.304726 2026] [security2:error] [pid 2494855:tid 2494855] [client 71.19.144.106:37632] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|test.nationalccl.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /cgi-bin/index.php?action=view&filename=../../../../../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.nationalccl.com"] [uri "/cgi-bin/index.php"] [unique_id "adaTQfoR1ka5QZU2dIBqZgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-04-08 01:30:11 (1 month ago)	Plesk panel login attempt with forbidden username (root/admin), blocked by Fail2Ban in custom-plesk- ... show more Plesk panel login attempt with forbidden username (root/admin), blocked by Fail2Ban in custom-plesk-login jail show less	Brute-Force Web App Attack
🇫🇷 ✨	2026-04-04 23:03:14 (1 month ago)	Rule : PLESK BOT 2026-04-04 17:02:37 Unauthorized login attempt to Plesk Panel from IP 71.19.144.106 ... show more Rule : PLESK BOT 2026-04-04 17:02:37 Unauthorized login attempt to Plesk Panel from IP 71.19.144.106 with username admin show less	Hacking Brute-Force Web App Attack
Anonymous	2026-03-24 04:32:28 (2 months ago)	Failed login attempt detected by Fail2Ban in plesk-panel jail	Brute-Force
🇫🇮 gnom4ik	2026-03-20 21:52:03 (2 months ago)	ban-reviewer auto report; ip=71.19.144.106; scenario=http:scan; verdict=valid_ban; confidence=0.92; ... show more ban-reviewer auto report; ip=71.19.144.106; scenario=http:scan; verdict=valid_ban; confidence=0.92; categories=14,15,18,22; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=ip_decision_count_high show less	Port Scan Hacking Brute-Force SSH
Anonymous	2026-03-17 20:03:35 (2 months ago)	2026-03-17 11:00:26,926 fail2ban.actions [3511917]: NOTICE [tor] Ban 71.19.144.106 2026-03-1 ... show more 2026-03-17 11:00:26,926 fail2ban.actions [3511917]: NOTICE [tor] Ban 71.19.144.106 2026-03-17 14:00:12,279 fail2ban.actions [3511917]: NOTICE [tor] Ban 71.19.144.106 2026-03-17 16:01:30,521 fail2ban.actions [3511917]: NOTICE [tor] Ban 71.19.144.106 2026-03-17 19:01:15,959 fail2ban.actions [3511917]: NOTICE [tor] Ban 71.19.144.106 2026-03-17 22:03:26,565 fail2ban.actions [3511917]: NOTICE [tor] Ban 71.19.144.106 show less	Brute-Force
🇺🇸 ras07	2026-03-13 21:03:03 (2 months ago)	Brute force SMTP/IMAP login attempts.	Brute-Force

Showing 1 to 15 of 877 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 147.185.133.168

🇨🇳 220.154.131.255

🇸🇳 196.207.235.46

🇮🇳 157.49.42.235

🇨🇳 123.145.31.3

🇵🇭 119.92.76.210

🇮🇶 87.236.149.65

🇬🇧 51.75.161.33

🇩🇪 43.228.157.9

🇰🇷 39.115.195.164

🇷🇺 37.77.150.67

🇮🇩 36.64.19.254

🇮🇳 210.79.148.239

🇬🇧 193.163.125.153

🇺🇸 192.241.141.178

🇸🇪 185.246.128.152

🇮🇳 152.58.24.22

🇭🇰 152.32.189.59

🇫🇷 62.84.187.219

🇳🇱 45.198.224.5