JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 147.185.250.166

147.185.250.166 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 0%: ?

ISP	trafficforce, UAB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS264617
Domain Name	trafficforce.lt
Country	🇨🇭 Switzerland
City	Zurich, Zurich

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 147.185.250.166

Whois 147.185.250.166

IP Abuse Reports for 147.185.250.166:

This IP address has been reported a total of 21 times from 8 distinct sources. 147.185.250.166 was first reported on May 11th 2024, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2025-11-15 14:09:28 (6 months ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-11-13 12:30:21 (6 months ago)	(mod_security) mod_security (id:211190) triggered by 147.185.250.166 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:211190) triggered by 147.185.250.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 07:30:17.171130 2025] [security2:error] [pid 23969:tid 23969] [client 147.185.250.166:43385] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /chat/imController/showOrDownByurl.do?dbPath=../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/chat/imController/showOrDownByurl.do"] [unique_id "aRXPWRUjFTp-8YVzvYjgvgAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:23:50 (10 months ago)	(mod_security) mod_security (id:210730) triggered by 147.185.250.166 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 147.185.250.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:23:39.501713 2025] [security2:error] [pid 172225:tid 172406] [client 147.185.250.166:59359] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kettlehill.net\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.net"] [uri "/login.php.bak"] [unique_id "aIVxiyMU3kwwovU6SBKRUwAAAFY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-06-23 13:12:24 (11 months ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-05-29 16:22:09 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 147.185.250.166 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 147.185.250.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 12:21:55.203788 2025] [security2:error] [pid 2964164:tid 2964164] [client 147.185.250.166:35081] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.farmers123.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.farmers123.com"] [uri "/translate.sql"] [unique_id "aDiJo1LEozcCn0aDQtekQQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-05-13 12:33:04 (1 year ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-04-19 05:30:23 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 147.185.250.166 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:211190) triggered by 147.185.250.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 19 01:29:32.314403 2025] [security2:error] [pid 22650:tid 22673] [client 147.185.250.166:36169] [client 147.185.250.166] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.blog.spinningdesigns.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /enginemanager/server/logs/download?logType=error&logName=../../../../../../../../etc/passwd&logSource=engine"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blog.spinningdesigns.com"] [uri "/enginemanager/server/logs/download"] [unique_id "aAM0vMLYwl69KqC_78iciAAAAFQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-15 06:10:33 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 oncord	2024-06-06 05:16:02 (2 years ago)	Form spam	Web Spam
Anonymous	2024-06-05 22:41:43 (2 years ago)		Web Spam
🇺🇸 oncord	2024-06-03 10:04:50 (2 years ago)	Form spam	Web Spam
🇺🇸 [email protected]	2024-05-28 04:59:30 (2 years ago)	contact form abuse	Web Spam Email Spam Brute-Force
🇺🇸 oncord	2024-05-27 04:04:24 (2 years ago)	Form spam	Web Spam
🇺🇸 nowyouknow	2024-05-23 08:41:54 (2 years ago)	(From [email protected]) Unbeatable Deal! Transform your meeting room with ultra bright d ... show more (From [email protected]) Unbeatable Deal! Transform your meeting room with ultra bright displays from this wireless portable projector. Secure the Epson PowerLite 1288 1080p Projector with Wi-Fi for $599 and enjoy a FREE ceiling mount! Epson Certified ReNew Program and Epson Standard Warranty included. With wireless screen mirroring via Miracast, project vibrant, high-resolution images with ease. On hand and ready to ship. Receive FREE ground shipping within the United States. Save today by shopping at PSSAV: https://bit.ly/3QPR9Be Act fast, only 32 left in stock - order now! Unsubscribe here if you don't want to get these awesome offers: https://form.jotform.com/241413178974462 Vicolo Cieco Fondachetto 129, Geneva, New York, US, 84030 show less	Phishing Web Spam
Anonymous	2024-05-22 02:05:35 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 172.96.179.9

🇻🇳 103.200.25.198

🇺🇸 65.49.1.162

🇧🇷 54.232.153.16

🇧🇷 186.219.139.145

🇪🇨 181.188.233.151

🇦🇷 181.116.220.140

🇨🇱 170.82.129.8

🇺🇸 152.32.182.41

🇫🇷 146.70.194.220

🇳🇱 45.153.34.16

🇬🇧 35.203.210.133

🇮🇪 34.255.87.49

🇧🇪 91.86.88.24

🇨🇳 27.47.27.40

🇬🇧 217.112.92.250

🇰🇷 211.230.140.85

🇧🇷 205.210.31.240

🇺🇸 172.191.74.151

🇭🇰 154.83.14.111