JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 147.135.137.107

147.135.137.107 was found in our database!

This IP was reported 50 times. Confidence of Abuse is 0%: ?

ISP	OVH SAS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Hostname(s)	ns3076844.ip-147-135-137.eu
Domain Name	ovh.net
Country	🇫🇷 France
City	Lille, Hauts-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 147.135.137.107

Whois 147.135.137.107

IP Abuse Reports for 147.135.137.107:

This IP address has been reported a total of 50 times from 23 distinct sources. 147.135.137.107 was first reported on August 23rd 2021, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 myagent.site	2025-11-09 10:50:39 (7 months ago)	Blocking for trying to access an exploit file: /xmlrpc.php	Hacking
🇺🇸 TPI-Abuse	2025-11-09 08:12:34 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 147.135.137.107 (ns3076844.ip-147-135-137.eu): ... show more (mod_security) mod_security (id:225170) triggered by 147.135.137.107 (ns3076844.ip-147-135-137.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 09 03:12:29.622652 2025] [security2:error] [pid 12505:tid 12505] [client 147.135.137.107:60203] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|metalgecko.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "metalgecko.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRBM7e_zMelxdpoW3evFhAAAAA0"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2025-11-09 08:11:14 (7 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-11-08 17:01:01 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 147.135.137.107 (ns3076844.ip-147-135-137.eu): ... show more (mod_security) mod_security (id:225170) triggered by 147.135.137.107 (ns3076844.ip-147-135-137.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 08 12:00:55.298730 2025] [security2:error] [pid 12647:tid 12647] [client 147.135.137.107:35901] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|hogprinter.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hogprinter.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQ93RxZtZTtDg_Nk0yKtEwAAAAY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-07 11:15:48 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 147.135.137.107 (ns3076844.ip-147-135-137.eu): ... show more (mod_security) mod_security (id:225170) triggered by 147.135.137.107 (ns3076844.ip-147-135-137.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 07 06:15:41.675148 2025] [security2:error] [pid 2569:tid 2569] [client 147.135.137.107:43621] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|tell-me-first.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tell-me-first.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQ3U3YLwa3VG_5pERz57CwAAACY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 SilverZippo	2025-11-04 09:09:43 (7 months ago)	Web App Attack	Web App Attack
🇧🇪 voormedia	2025-11-02 14:05:59 (7 months ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇨🇳 ThreatBook.io	2025-01-30 01:51:47 (1 year ago)	ThreatBook Intelligence: vpn_proxy more details on http://threatbook.io/ip/147.135.137.107 2025-01-2 ... show more ThreatBook Intelligence: vpn_proxy more details on http://threatbook.io/ip/147.135.137.107 2025-01-29 02:47:36 //194.190.77.67:443 2025-01-29 02:47:36 //91.207.59.28:1935 2025-01-29 02:47:42 //193.232.151.9:80 2025-01-29 02:47:35 //193.232.148.44:5432 2025-01-29 02:47:34 //193.232.151.26:80 2025-01-29 02:47:38 //193.232.151.151:443 show less	Web App Attack
🇨🇳 ThreatBook.io	2025-01-19 01:52:30 (1 year ago)	ThreatBook Intelligence: vpn_proxy more details on http://threatbook.io/ip/147.135.137.107 2025-01-1 ... show more ThreatBook Intelligence: vpn_proxy more details on http://threatbook.io/ip/147.135.137.107 2025-01-18 02:25:59 //212.49.110.18:23 2025-01-18 02:26:01 //188.73.139.43:8999 2025-01-18 03:05:01 //212.49.100.154:1008 2025-01-18 03:05:11 //212.49.113.122:2000 2025-01-18 03:05:00 //185.4.207.249:21 2025-01-18 03:05:11 //212.49.106.58:139 2025-01-18 02:26:01 //213.142.35.3:8008 2025-01-18 03:05:03 //212.49.123.163:4000 show less	Web App Attack
🇨🇳 ThreatBook.io	2025-01-17 02:08:10 (1 year ago)	ThreatBook Intelligence: vpn_proxy more details on http://threatbook.io/ip/147.135.137.107 2025-01-1 ... show more ThreatBook Intelligence: vpn_proxy more details on http://threatbook.io/ip/147.135.137.107 2025-01-16 01:11:16 //46.48.30.78:7547 2025-01-16 01:11:13 //212.49.114.158:8089 2025-01-16 01:11:03 //46.48.38.125:6881 2025-01-16 01:11:10 //46.48.22.32:1008 2025-01-16 01:11:02 //46.48.110.86:21 show less	Web App Attack
🇺🇸 SYSMarshal	2024-10-23 05:10:32 (1 year ago)	SysMarshal detection : RDP Brute-Force	DDoS Attack Brute-Force
🇧🇷 diego	2024-04-07 20:44:47 (2 years ago)	Events: TCP SYN Discovery or Flooding, Seen 6 times in the last 3600 seconds	DDoS Attack
🇧🇷 diego	2024-04-07 17:03:32 (2 years ago)	Events: TCP SYN Discovery or Flooding, Seen 3 times in the last 3600 seconds	DDoS Attack
🇧🇷 diego	2024-04-07 05:10:37 (2 years ago)	Events: TCP SYN Discovery or Flooding, Seen 25 times in the last 3600 seconds	DDoS Attack
🇧🇷 diego	2024-04-06 20:01:51 (2 years ago)	Events: TCP SYN Discovery or Flooding, Seen 12 times in the last 3600 seconds	DDoS Attack

Showing 1 to 15 of 50 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 213.166.84.36

🇺🇸 192.169.249.148

🇬🇧 159.65.91.36

🇳🇱 80.82.77.202

🇺🇸 54.221.203.24

🇺🇸 44.18.138.77

🇬🇧 193.163.125.169

🇳🇱 185.113.175.27

🇩🇪 178.162.224.89

🇺🇸 162.216.150.217

🇺🇸 66.132.224.21

🇺🇸 66.132.186.252

🇺🇸 66.132.172.249

🇫🇷 54.36.204.233

🇫🇷 51.75.247.232

🇧🇷 45.183.93.161

🇺🇸 44.139.237.30

🇨🇳 39.73.136.160

🇺🇸 185.96.37.157

🇳🇱 93.123.72.183