JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 188.214.199.61

188.214.199.61 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 46%: ?

46%

ISP	virtual solution srl
Usage Type	Data Center/Web Hosting/Transit
ASN	AS64445
Domain Name	server-dedicato.com
Country	🇮🇹 Italy
City	Milan, Lombardy

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 188.214.199.61

Whois 188.214.199.61

IP Abuse Reports for 188.214.199.61:

This IP address has been reported a total of 18 times from 7 distinct sources. 188.214.199.61 was first reported on June 23rd 2026, and the most recent report was 53 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 4server	2026-06-28 20:06:41 (53 minutes ago)	[SunJun2822:06:35.2362592026][security2:error][pid2654665:tid2654685][client188.214.199.61:0]ModSecu ... show more [SunJun2822:06:35.2362592026][security2:error][pid2654665:tid2654685][client188.214.199.61:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"aidconsultancy.ch\"][uri\"/.vscode/sftp.json\"][unique_id\"akF-yx5sbVKWXGq_BMFeiQAAAJE\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 06:07:39 (14 hours ago)	(mod_security) mod_security (id:210580) triggered by 188.214.199.61 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210580) triggered by 188.214.199.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 02:07:36.197719 2026] [security2:error] [pid 12913:tid 12913] [client 188.214.199.61:12384] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt\|\|agrollum.com\|F\|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: http:/agencro.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "agrollum.com"] [uri "/.vscode/sftp.json"] [unique_id "akC6KGfRFR0BaX_Dk7D1IQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 04:44:21 (16 hours ago)	(mod_security) mod_security (id:210492) triggered by 188.214.199.61 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.214.199.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 00:44:16.307683 2026] [security2:error] [pid 20056:tid 20082] [client 188.214.199.61:28240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "agrigrailtechnologies.com"] [uri "/sftp-config.json"] [unique_id "akCmoDFNQwJF9thHAQcaRwAAARc"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 mediarama.com	2026-06-27 06:29:36 (1 day ago)	Banned by Fail2Ban	Web App Attack
🇦🇺 afleventoffice.com.au	2026-06-27 02:41:44 (1 day ago)	GET /sftp-config.json HTTP/1.1	Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 23:38:39 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 188.214.199.61 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.214.199.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 19:38:34.155360 2026] [security2:error] [pid 30542:tid 30542] [client 188.214.199.61:7348] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adspirowellness.com"] [uri "/sftp-config.json"] [unique_id "aj8NeiH8-yqifRs2JphzlAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mccsoft.io	2026-06-26 20:51:34 (2 days ago)	Web application attack / vulnerability scanning against our public nginx web server (TCP 80/443). So ... show more Web application attack / vulnerability scanning against our public nginx web server (TCP 80/443). Source matched a blocked-path security rule (jail nginx-444); server returned HTTP 444 (connection closed without response). TCP three-way handshake completed (full HTTP request received). show less	Bad Web Bot Web App Attack
🇨🇴 adalbertoreyes.org	2026-06-26 20:32:52 (2 days ago)	CategoryPortScan	Port Scan
🇩🇪 big-cloud.nl	2026-06-26 18:25:17 (2 days ago)	Try to access /.vscode/sftp.json	Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 17:16:22 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 188.214.199.61 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.214.199.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 13:16:15.662440 2026] [security2:error] [pid 20238:tid 20238] [client 188.214.199.61:43032] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aden.us"] [uri "/sftp-config.json"] [unique_id "aj6z3yoTr-eTX4Zvh-FMYgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 00:25:47 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 188.214.199.61 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.214.199.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 20:25:40.803283 2026] [security2:error] [pid 11008:tid 11008] [client 188.214.199.61:25616] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "accordionclub.org"] [uri "/sftp-config.json"] [unique_id "aj3HBPzxkqPtZ5rw0ph-4wAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 18:02:29 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 188.214.199.61 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.214.199.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 14:02:23.789869 2026] [security2:error] [pid 19485:tid 19485] [client 188.214.199.61:15986] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abramson-offner.com"] [uri "/sftp-config.json"] [unique_id "aj1tL54kF7xJ0IXlEj8CkwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 21:58:29 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 188.214.199.61 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.214.199.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 17:58:23.810858 2026] [security2:error] [pid 23276:tid 23276] [client 188.214.199.61:22886] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "missyallen.com"] [uri "/sftp-config.json"] [unique_id "ajxS_6y3ulO56n-HLi755QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 21:29:48 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 188.214.199.61 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.214.199.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 17:29:42.343924 2026] [security2:error] [pid 1551:tid 1587] [client 188.214.199.61:14110] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "missmadlove.com"] [uri "/sftp-config.json"] [unique_id "ajxMRldnXDqFrw_rFZJUMQAAAQA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 03:59:47 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 188.214.199.61 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.214.199.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 23:59:42.163801 2026] [security2:error] [pid 12308:tid 12308] [client 188.214.199.61:48346] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mikewakimphotos.com"] [uri "/sftp-config.json"] [unique_id "ajtWLr_WaMMHZNSKFtF6ZgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.199.191.96

🇳🇱 195.178.110.217

🇷🇴 2.57.121.112

🇧🇷 205.210.31.196

🇩🇪 164.90.226.216

🇮🇹 158.173.77.66

🇫🇷 146.70.40.70

🇵🇱 87.251.64.145

🇸🇪 83.233.149.204

🇰🇷 221.161.76.152

🇳🇬 152.32.141.217

🇲🇽 148.224.59.81

🇩🇪 134.122.88.146

🇻🇳 113.161.74.86

🇧🇾 81.30.98.142

🇱🇹 45.227.254.170

🇺🇸 34.182.247.20

🇮🇪 20.107.204.22

🇯🇴 176.28.144.119

🇨🇳 175.30.48.179