JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 147.185.250.194

147.185.250.194 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 0%: ?

ISP	trafficforce, UAB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS264617
Domain Name	trafficforce.lt
Country	🇨🇭 Switzerland
City	Zurich, Zurich

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 147.185.250.194

Whois 147.185.250.194

IP Abuse Reports for 147.185.250.194:

This IP address has been reported a total of 12 times from 3 distinct sources. 147.185.250.194 was first reported on October 31st 2023, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-27 02:55:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 147.185.250.194 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 147.185.250.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 21:55:36.503922 2026] [security2:error] [pid 16656:tid 16682] [client 147.185.250.194:48965] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.kettlehill.com"] [uri "/.env.bak"] [unique_id "aXgpKD4D1upuVdMC6K4J8AAAAFc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 13:22:55 (4 months ago)	(mod_security) mod_security (id:221260) triggered by 147.185.250.194 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:221260) triggered by 147.185.250.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 08:22:49.058856 2026] [security2:error] [pid 8534:tid 8534] [client 147.185.250.194:52729] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|cpcalendars.nbcnewsradio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/cgi-bin/stats"] [unique_id "aWuNKSPX8D27a0wOPOr-4AAAAAk"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 08:54:27 (7 months ago)	(mod_security) mod_security (id:212620) triggered by 147.185.250.194 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:212620) triggered by 147.185.250.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 03:54:13.131801 2025] [security2:error] [pid 28137:tid 28137] [client 147.185.250.194:39707] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?audioplayeroption=1&filelist[0][title]=<script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "ftp.nbcnewsradio.com"] [uri "/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php"] [unique_id "aRWctQIvLN8aT0rhm6qrKAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-26 23:39:13 (10 months ago)	(mod_security) mod_security (id:211190) triggered by 147.185.250.194 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:211190) triggered by 147.185.250.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 19:37:34.288040 2025] [security2:error] [pid 26215:tid 26499] [client 147.185.250.194:45993] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|kettlehill.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.kettlehill.com"] [uri "/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp"] [unique_id "aIVmvgPK6YdtJI_ea83scgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 17:21:22 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 147.185.250.194 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 147.185.250.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 13:21:14.368678 2025] [security2:error] [pid 3062688:tid 3062688] [client 147.185.250.194:50739] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.farmers123.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.farmers123.com"] [uri "/ui/gradio_api/file=https:/example.com"] [unique_id "aDiXilEqn4wGHjLdG6yHDQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-02-28 01:40:10 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 ChamberofCommerce.com	2023-11-06 00:24:24 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-11-02 03:16:40 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-10-31 03:32:59 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:229 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-10-31 03:32:58 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:227 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-10-31 03:32:58 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:228 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-10-31 03:32:56 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:400e:c0a::124

🇲🇽 187.191.48.9

🇺🇸 174.35.25.179

🇺🇸 65.49.20.89

🇬🇧 35.203.210.59

🇺🇸 20.114.43.229

🇺🇸 3.142.170.60

🇬🇧 212.227.125.15

🇧🇪 207.175.99.187

🇵🇰 182.177.90.16

🇳🇱 176.65.149.236

🇨🇳 139.170.73.89

🇨🇳 123.159.100.189

🇻🇳 113.173.97.91

🇷🇺 95.47.246.223

🇳🇱 45.148.10.230

🇳🇱 2.58.56.116

🇧🇷 191.210.72.37

🇩🇪 157.230.116.155

🇨🇳 116.178.155.143