JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 200.162.145.221

200.162.145.221 was found in our database!

This IP was reported 70 times. Confidence of Abuse is 100%: ?

100%

ISP	ExpressVPN
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62240
Domain Name	expressvpn.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 200.162.145.221

Whois 200.162.145.221

IP Abuse Reports for 200.162.145.221:

This IP address has been reported a total of 70 times from 36 distinct sources. 200.162.145.221 was first reported on May 26th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 voormedia	2026-06-01 23:36:59 (5 days ago)	Accessed trap at '/.git/HEAD'	Web App Attack
🇩🇪 4server	2026-06-01 21:01:27 (5 days ago)	[MonJun0123:01:23.8311712026][security2:error][pid3309859:tid3309886][client200.162.145.221:0]ModSec ... show more [MonJun0123:01:23.8311712026][security2:error][pid3309859:tid3309886][client200.162.145.221:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(curl\\|wget\\|python\\|nikto\\|sqlmap\\|acunetix\\|fimap\\|dirbuster\\|cmsmap\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"217\"][id\"990210\"][msg\"Suspicioususer-agentblocked\"][hostname\"www.lacer.ch.136-243-54-122.cpanel.site\"][uri\"/.git/HEAD\"][unique_id\"ah3zI6bgtMTsOC6jz-l3wQAAAAw\"] show less	Port Scan Brute-Force Web App Attack
🇫🇮 as211431.net	2026-06-01 17:50:50 (5 days ago)	Triggered Cloudflare WAF (bic) from NL. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint ... show more Triggered Cloudflare WAF (bic) from NL. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.git/HEAD UA: Python-urllib/3.10 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 Ba-Yu	2026-06-01 17:31:08 (5 days ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 Martin Lundstrom	2026-06-01 11:34:45 (5 days ago)	https://www.eagleeye-intelligence.com — WordPress attack. Automatically detected and blocked.	Web App Attack
🇫🇷 masterguru	2026-05-31 18:29:07 (6 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 200.162.145.221 (US/United States/-): ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 200.162.145.221 (US/United States/-): 2 in the last 3600 secs (0-193) show less	Hacking
🇩🇪 4server	2026-05-31 09:58:38 (6 days ago)	[SunMay3111:58:32.3575202026][security2:error][pid958187:tid958259][client200.162.145.221:0]ModSecur ... show more [SunMay3111:58:32.3575202026][security2:error][pid958187:tid958259][client200.162.145.221:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(curl\\|wget\\|python\\|nikto\\|sqlmap\\|acunetix\\|fimap\\|dirbuster\\|cmsmap\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"217\"][id\"990210\"][msg\"Suspicioususer-agentblocked\"][hostname\"mail.immobiliaretrentino.it\"][uri\"/.git/HEAD\"][unique_id\"ahwGSPxRZUiky_3WzE0zFQAAAAw\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 louis77	2026-05-31 07:53:58 (1 week ago)	Sensitive file access attempt - Path: /.git/HEAD, Method: GET, UA: Python-urllib/3.10	Web App Attack Hacking
🇫🇷 masterguru	2026-05-30 13:33:36 (1 week ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 200.162.145.221 (US/United States/-): ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 200.162.145.221 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
Anonymous	2026-05-30 04:56:04 (1 week ago)	200.162.145.221 - - [30/May/2026:01:56:02 -0300] "GET /.git/HEAD HTTP/1.1" 403 1810 "-" "Python-urll ... show more 200.162.145.221 - - [30/May/2026:01:56:02 -0300] "GET /.git/HEAD HTTP/1.1" 403 1810 "-" "Python-urllib/3.10" ... show less	Port Scan Hacking SQL Injection Brute-Force Bad Web Bot Exploited Host
Anonymous	2026-05-30 03:23:07 (1 week ago)	Http Port:80 (http_status:403) - Agent:Python-urllib/3.10	Web App Attack
🇺🇸 Starburst SysOp Team	2026-05-30 01:25:13 (1 week ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-mnz6-1)	Hacking Web App Attack
🇩🇪 electra	2026-05-29 22:55:36 (1 week ago)	Attempted to access path /.git/HEAD (GET request)	Hacking Brute-Force Web App Attack
🇫🇷 mrcrassi	2026-05-29 22:09:34 (1 week ago)	Triggered Cloudflare WAF (bic) from NL. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint ... show more Triggered Cloudflare WAF (bic) from NL. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.git/HEAD UA: Python-urllib/3.10 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇮🇹 Progetto1	2026-05-29 21:55:03 (1 week ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack

Showing 1 to 15 of 70 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 165.227.84.84

🇹🇷 5.252.97.104

🇬🇧 2a06:4882:5000::53

🇹🇼 118.232.102.23

🇻🇳 116.118.4.222

🇬🇧 87.236.176.90

🇷🇴 80.94.92.182

🇸🇬 47.82.52.94

🇸🇬 47.82.8.77

🇳🇱 45.148.10.141

🇳🇱 45.142.193.10

🇹🇿 41.93.28.4

🇷🇴 2.57.121.112

🇧🇩 103.197.153.215

🇳🇱 77.83.39.197

🇸🇬 47.84.49.122

🇧🇩 43.246.200.211

🇺🇸 20.65.195.58

🇻🇳 2001:ee0:495e:1850:fc37:bf27:9ec0:a084

🇲🇽 187.190.35.163