JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 147.185.250.50

147.185.250.50 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 0%: ?

ISP	trafficforce, UAB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS264617
Domain Name	trafficforce.lt
Country	🇨🇭 Switzerland
City	Zurich, Zurich

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 147.185.250.50

Whois 147.185.250.50

IP Abuse Reports for 147.185.250.50:

This IP address has been reported a total of 33 times from 10 distinct sources. 147.185.250.50 was first reported on October 30th 2023, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 12:31:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 147.185.250.50 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 147.185.250.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 07:31:10.291979 2026] [security2:error] [pid 24377:tid 24377] [client 147.185.250.50:53169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.env.local"] [unique_id "aWuBDtPDQdVV2lmd2zw9QQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 19:04:42 (5 months ago)	(mod_security) mod_security (id:220150) triggered by 147.185.250.50 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:220150) triggered by 147.185.250.50 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 14:04:33.737301 2025] [security2:error] [pid 22842:tid 23013] [client 147.185.250.50:49173] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\.{0,399}\\\\*\\\\/)?select)" at ARGS:id. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5662"] [id "220150"] [rev "5"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)\|\|www.kettlehill.net\|F\|2"] [data "-1unionselectmd5(999999999)#"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.kettlehill.net"] [uri "/admin/ajax/avatar.php"] [unique_id "aVLQwVKoonkfA7MmLZcLggAAAQ0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 11:31:12 (6 months ago)	(mod_security) mod_security (id:211190) triggered by 147.185.250.50 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 147.185.250.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 06:31:09.059619 2025] [security2:error] [pid 19598:tid 19598] [client 147.185.250.50:40901] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/server/node_upgrade_srv.js"] [unique_id "aRXBfUKZ80ZVBHYpfjfs8gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 01:19:12 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 147.185.250.50 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 147.185.250.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 21:19:05.731326 2025] [security2:error] [pid 404369:tid 404486] [client 147.185.250.50:46663] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.kettlehill.net"] [uri "/events../.git/config"] [unique_id "aIV-iY1ApCwrT9-Kn8XMfQAAAJE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-06-23 18:19:27 (11 months ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-05-29 20:18:45 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 147.185.250.50 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 147.185.250.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 16:18:40.038169 2025] [security2:error] [pid 3416088:tid 3416088] [client 147.185.250.50:45525] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.farmers123.com"] [uri "/.env_1"] [unique_id "aDjBII--VjS2Rj_jLNf_0wAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-19 03:07:37 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 147.185.250.50 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 147.185.250.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 18 23:06:19.985242 2025] [security2:error] [pid 14944:tid 14956] [client 147.185.250.50:46375] [client 147.185.250.50] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|blog.spinningdesigns.com\|F\|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "blog.spinningdesigns.com"] [uri "/.ssh/known_hosts.old"] [unique_id "aAMTK6lkjOMtrQ4IEmngLQAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-03-29 06:08:27 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-03-25 08:03:49 (1 year ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-02-28 21:20:14 (1 year ago)	(mod_security) mod_security (id:221260) triggered by 147.185.250.50 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:221260) triggered by 147.185.250.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 28 16:19:38.532916 2025] [security2:error] [pid 26550:tid 26568] [client 147.185.250.50:51273] [client 147.185.250.50] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|kettlehill.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.net"] [uri "/cgi-bin/test-cgi"] [unique_id "Z8Ioakw8P_pPBIEnbz50cAAAAI0"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-03 18:51:36 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 147.185.250.50 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 147.185.250.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 03 14:51:30.256810 2024] [security2:error] [pid 8859:tid 8859] [client 147.185.250.50:43749] [client 147.185.250.50] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.stdavids-media.com"] [uri "/.env.bak"] [unique_id "ZtdastvQ-54TbkPMSzW0_QAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-01 01:54:47 (1 year ago)	(mod_security) mod_security (id:221260) triggered by 147.185.250.50 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:221260) triggered by 147.185.250.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 31 21:52:26.009979 2024] [security2:error] [pid 3087873:tid 3087879] [client 147.185.250.50:59269] [client 147.185.250.50] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|cpanel.kettlehill.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kettlehill.net"] [uri "/403.shtml"] [unique_id "ZtPI2lZVdRO6ImKeyeuOVwAAAEQ"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ps-center	2024-07-16 01:00:14 (1 year ago)	SS1: Web Attack GET /forum/phpmyadmin/scripts/setup.php	Web Spam Hacking Bad Web Bot Web App Attack
Anonymous	2024-07-02 12:51:40 (1 year ago)	Common attack or app scan event detected and blocked	Port Scan Hacking Web App Attack
🇪🇸 10dencehispahard SL	2024-06-27 11:00:14 (1 year ago)	Unauthorized login attempts [ accesslogs]	Brute-Force

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 175.213.137.209

🇮🇳 125.23.89.138

🇬🇧 88.208.224.162

🇳🇱 45.148.10.152

🇳🇱 45.148.10.141

🇮🇳 20.204.136.58

🇺🇸 193.31.35.183

🇨🇳 58.245.210.70

🇳🇱 45.148.10.183

🇩🇪 35.198.92.204

🇺🇸 34.238.171.130

🇳🇱 195.178.110.26

🇭🇰 152.32.239.122

🇱🇰 124.43.10.224

🇧🇬 91.191.209.98

🇩🇪 47.245.139.154

🇺🇸 34.145.187.23

🇮🇱 2.55.84.20

🇨🇳 183.167.35.63

🇮🇳 182.78.159.82