JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 142.147.131.197

142.147.131.197 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	Web2Objects LLC
Usage Type	Fixed Line ISP
ASN	AS2914
Domain Name	web2objects.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 142.147.131.197

Whois 142.147.131.197

IP Abuse Reports for 142.147.131.197:

This IP address has been reported a total of 9 times from 5 distinct sources. 142.147.131.197 was first reported on November 13th 2024, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-11-01 14:38:13 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 142.147.131.197 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 142.147.131.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 01 10:38:07.466775 2025] [security2:error] [pid 8590:tid 8617] [client 142.147.131.197:54331] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.com"] [uri "/.env.save"] [unique_id "aQYbT3l6EaMmM6sQysSTdwAAAMk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-22 21:09:56 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 142.147.131.197 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 142.147.131.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 17:09:49.761279 2025] [security2:error] [pid 8472:tid 8472] [client 142.147.131.197:42803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.deandobkin.com"] [uri "/.env.prod"] [unique_id "aNG7HXAAq1YZeUel9SOGVQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-06-22 00:20:03 (11 months ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 19:37:47 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 142.147.131.197 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 142.147.131.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 30 15:37:40.836047 2025] [security2:error] [pid 578809:tid 578809] [client 142.147.131.197:35621] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.nbcnewsradio.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.nbcnewsradio.com"] [uri "/settings.php.bak"] [unique_id "aDoJBJGQLaTkUx9b1Q5hVAAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-28 20:58:10 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 142.147.131.197 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 142.147.131.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 28 16:57:54.887956 2025] [security2:error] [pid 1905282:tid 1905282] [client 142.147.131.197:55933] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|farmers123.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "farmers123.com"] [uri "/admin/logs/errors.log"] [unique_id "aDd40lb3EbF8fXWBnKoEuQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-01 02:48:21 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 142.147.131.197 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:211190) triggered by 142.147.131.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 30 22:47:54.068225 2025] [security2:error] [pid 10928:tid 11075] [client 142.147.131.197:42053] [client 142.147.131.197] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /learn/cubemail/filemanagement.php?action=dl&f=../../../../../../../../../../../etc/passwd%00"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.com"] [uri "/learn/cubemail/filemanagement.php"] [unique_id "aBLg2mhpHha-h36oCB5b2wAAAIk"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 madaello	2025-04-27 09:01:42 (1 year ago)	[Sun Apr 27 11:01:42.239401 2025] [authz_core:error] [pid 2440567:tid 2440567] [client 142.147.131.1 ... show more [Sun Apr 27 11:01:42.239401 2025] [authz_core:error] [pid 2440567:tid 2440567] [client 142.147.131.197:40199] AH01630: client denied by server configuration: /home/madaello/www/portale/server-status, referer: http://93.55.83.202/server-status ... show less	Brute-Force
🇨🇭 backslash	2024-11-14 08:56:09 (1 year ago)		Web Spam
🇺🇸 nowyouknow	2024-11-13 19:12:26 (1 year ago)	(From [email protected]) Hi joneschiropractic.net Webmaster! I just found your site, quick ... show more (From [email protected]) Hi joneschiropractic.net Webmaster! I just found your site, quick question… My name’s Eric, I found joneschiropractic.net after doing a quick search – you showed up near the top of the rankings, so whatever you’re doing for SEO, looks like it’s working well. So here’s my question – what happens AFTER someone lands on your site? Anything? Research tells us at least 70% of the people who find your site, after a quick once-over, they disappear… forever. That means that all the work and effort you put into getting them to show up, goes down the tubes. Why would you want all that good work – and the great site you’ve built – go to waste? Because the odds are they’ll just skip over calling or even grabbing their phone, leaving you high and dry. But here’s a thought… what if you could make it super-simple for someone to raise their hand, say, okay, let’s talk without requiring them to even pull their cell phone from their pocket? You can – thanks to revolu show less	Phishing Web Spam

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.151.137.254

🇧🇷 147.15.20.173

🇲🇲 45.192.138.102

🇪🇬 196.151.252.171

🇺🇸 165.227.101.24

🇩🇪 151.243.11.35

🇺🇸 74.82.47.53

🇫🇮 45.147.8.221

🇳🇱 45.142.193.125

🇿🇦 41.133.88.50

🇸🇳 41.82.50.218

🇺🇸 172.174.165.229

🇨🇳 111.40.181.24

🇺🇸 108.62.60.168

🇷🇴 103.75.71.22

🇧🇬 91.191.209.198

🇨🇦 85.217.149.64

🇷🇴 80.94.92.186

🇺🇸 69.125.145.135

🇸🇬 68.183.236.1