JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 188.214.199.13

188.214.199.13 was found in our database!

This IP was reported 74 times. Confidence of Abuse is 79%: ?

79%

ISP	virtual solution srl
Usage Type	Data Center/Web Hosting/Transit
ASN	AS64445
Domain Name	server-dedicato.com
Country	🇮🇹 Italy
City	Milan, Lombardy

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 188.214.199.13

Whois 188.214.199.13

IP Abuse Reports for 188.214.199.13:

This IP address has been reported a total of 74 times from 38 distinct sources. 188.214.199.13 was first reported on March 17th 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 2000cn.com.au	2026-06-13 15:27:13 (6 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇩🇪 Viveronese	2026-06-13 15:17:50 (6 days ago)	HTTP vulnerability scanning	Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-13 09:05:03 (6 days ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇬🇧 SilverZippo	2026-06-12 10:13:46 (1 week ago)	Web App Attack	Web App Attack
🇩🇪 4server	2026-06-10 21:22:00 (1 week ago)	[WedJun1023:21:58.2013152026][security2:error][pid975258:tid975348][client188.214.199.13:0]ModSecuri ... show more [WedJun1023:21:58.2013152026][security2:error][pid975258:tid975348][client188.214.199.13:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"formet.ch\"][uri\"/.vscode/sftp.json\"][unique_id\"ainVdkm2BehENsEzhLSUHgAAAMA\"] show less	Port Scan Brute-Force Web App Attack
🇫🇷 vtchost.com	2026-06-10 20:55:46 (1 week ago)	minux.cc:80 188.214.199.13 - - [10/Jun/2026:22:55:46 +0200] "GET /sftp-config.json HTTP/1.1" 418 215 ... show more minux.cc:80 188.214.199.13 - - [10/Jun/2026:22:55:46 +0200] "GET /sftp-config.json HTTP/1.1" 418 215 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" ... show less	Web App Attack
🇫🇷 lechat	2026-06-10 20:14:05 (1 week ago)	2026-06-10T20:14:05.028085+0000 inbound port scan detected by Suricata. src=188.214.199.13:42186 dst ... show more 2026-06-10T20:14:05.028085+0000 inbound port scan detected by Suricata. src=188.214.199.13:42186 dst=51.68.231.122:80 proto=TCP. signature="ET SCAN SFTP/FTP Password Exposure via sftp-config.json" category="Attempted Information Leak" sid=2015940 reason=scan_signature. show less	Port Scan
🇯🇵 Valhalla	2026-06-07 08:10:01 (1 week ago)	/sftp-config.json	Hacking Web App Attack
🇬🇧 consul.to	2026-06-06 09:28:23 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇮 inlink.ltd	2026-06-06 04:37:19 (1 week ago)	dot file probe	Web App Attack
🇫🇷 conseilgouz	2026-06-06 00:23:01 (2 weeks ago)	joe-Direct access to plugin not allowed.	Hacking
🇦🇺 2000cn.com.au	2026-06-05 22:17:22 (2 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-05-31 12:07:32 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 188.214.199.13 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.214.199.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 08:07:27.885845 2026] [security2:error] [pid 8830:tid 8830] [client 188.214.199.13:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "upskirtcrazy.com"] [uri "/sftp-config.json"] [unique_id "ahwkf9ei2PQLDtCI0t1f5wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 ELYAZ	2026-05-31 00:05:13 (2 weeks ago)	(y4) Failed scan -byebye- from 188.214.199.13 (IT/Italy/-): (CF_ENABLE)	Hacking
Anonymous	2026-05-29 12:36:02 (3 weeks ago)	(caddyscan) Scanner path probe from 188.214.199.13 (IT/Italy/-): 5 in the last 3600 secs; Ports: ; ... show more (caddyscan) Scanner path probe from 188.214.199.13 (IT/Italy/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 404 223 188.214.199.13 - - [29/May/2026:12:35:57 +0000] "GET /sftp-config.json HTTP/1.1" [REDACTED] 200 2627 188.214.199.13 - - [29/May/2026:12:35:57 +0000] "GET /.vscode/sftp.json HTTP/1.1" [REDACTED] 404 219 188.214.199.13 - - [29/May/2026:12:35:58 +0000] "GET /sftp-config.json HTTP/1.1" [REDACTED] 200 2627 188.214.199.13 - - [29/May/2026:12:35:58 +0000] "GET /.vscode/sftp.json HTTP/1.1" [REDACTED] 200 2627 188.214.199.13 - - [29/May/2026:12:35:58 +0000] "GET /.vscode/sftp.json HTTP/1.1" show less	Port Scan

Showing 1 to 15 of 74 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 212.30.37.226

🇺🇸 209.50.168.255

🇬🇧 193.163.125.122

🇫🇮 185.148.3.161

🇬🇧 152.32.157.3

🇫🇮 147.185.133.39

🇺🇸 104.207.40.249

🇺🇸 66.228.43.221

🇮🇳 35.200.191.248

🇷🇴 2.57.122.177

🇺🇸 2a03:2880:16ff:b::

🇩🇪 216.26.252.211

🇺🇬 196.0.107.158

🇬🇧 193.163.125.223

🇧🇼 168.167.228.74

🇸🇬 152.32.217.179

🇺🇸 107.180.88.176

🇺🇸 100.52.191.188

🇷🇺 213.234.9.218

🇧🇷 205.210.31.173