JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 188.241.126.42

188.241.126.42 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 53%: ?

53%

ISP	virtual solution srl
Usage Type	Data Center/Web Hosting/Transit
ASN	AS64445
Domain Name	server-dedicato.com
Country	🇮🇹 Italy
City	Milan, Lombardy

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 188.241.126.42

Whois 188.241.126.42

IP Abuse Reports for 188.241.126.42:

This IP address has been reported a total of 21 times from 8 distinct sources. 188.241.126.42 was first reported on June 10th 2026, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 4server	2026-06-17 03:03:40 (17 hours ago)	[WedJun1705:03:34.2783492026][security2:error][pid2757563:tid2757627][client188.241.126.42:0]ModSecu ... show more [WedJun1705:03:34.2783492026][security2:error][pid2757563:tid2757627][client188.241.126.42:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"martinairsagl.ch\"][uri\"/sftp-config.json\"][unique_id\"ajIOhp9mPifo32Ffn49MGgAAAJI\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 00:31:20 (20 hours ago)	(mod_security) mod_security (id:210492) triggered by 188.241.126.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.241.126.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 20:31:15.930051 2026] [security2:error] [pid 18532:tid 18532] [client 188.241.126.42:58592] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marlinlee.com"] [uri "/sftp-config.json"] [unique_id "ajHq05KXd-KLb7PLhs_ThAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 20:48:08 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 188.241.126.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.241.126.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 16:48:05.072383 2026] [security2:error] [pid 18762:tid 18762] [client 188.241.126.42:25228] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marketask.com"] [uri "/sftp-config.json"] [unique_id "ajG2hTknFFAm0okYGr6dIgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 18:59:09 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 188.241.126.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.241.126.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 14:59:05.521203 2026] [security2:error] [pid 28850:tid 28865] [client 188.241.126.42:8504] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marinkovich.name"] [uri "/sftp-config.json"] [unique_id "ajGc-clT-GqarUZu6x8pIgAAAEE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 03:01:22 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 188.241.126.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.241.126.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 23:01:17.633392 2026] [security2:error] [pid 2649:tid 2649] [client 188.241.126.42:28376] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gazelleplanner.com"] [uri "/sftp-config.json"] [unique_id "ai4ZfXiL_SwSiA4irqTE7gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-13 20:56:57 (3 days ago)	188.241.126.42 - - [13/Jun/2026:20:56:55 +0000] "GET /sftp-config.json HTTP/1.1" 302 645 "-" "Mozill ... show more 188.241.126.42 - - [13/Jun/2026:20:56:55 +0000] "GET /sftp-config.json HTTP/1.1" 302 645 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-06-13 15:27:12 (4 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇩🇪 Viveronese	2026-06-13 15:17:50 (4 days ago)	HTTP vulnerability scanning	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 14:38:33 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 188.241.126.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.241.126.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 10:38:28.572439 2026] [security2:error] [pid 10481:tid 10481] [client 188.241.126.42:41452] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garantaconsulting.com"] [uri "/sftp-config.json"] [unique_id "ai1rZE2tvQ7_oYFfECkp7QAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇿 Tripwire	2026-06-13 13:05:33 (4 days ago)	Scanning for exploits - /.vscode/sftp.json	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 05:30:46 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 188.241.126.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.241.126.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 01:30:43.020271 2026] [security2:error] [pid 17506:tid 17506] [client 188.241.126.42:50700] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "galysh.us"] [uri "/sftp-config.json"] [unique_id "aizrA4gz9NZ29XsjSghxuwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 15:02:55 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 188.241.126.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.241.126.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 11:02:51.752841 2026] [security2:error] [pid 4022:tid 4022] [client 188.241.126.42:47120] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fwa51.com"] [uri "/sftp-config.json"] [unique_id "aiwfmz8QP84WDCVFEJGdqgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 13:19:08 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 188.241.126.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.241.126.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 09:19:00.250842 2026] [security2:error] [pid 17435:tid 17435] [client 188.241.126.42:21214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "futureproductionsonline.com"] [uri "/sftp-config.json"] [unique_id "aiwHRIgqao9kZWbntdNn6wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-11 19:24:37 (6 days ago)	Try to access /.vscode/sftp.json	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 17:28:44 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 188.241.126.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.241.126.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 13:28:37.707156 2026] [security2:error] [pid 13377:tid 13377] [client 188.241.126.42:9494] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "friedeprod.com"] [uri "/sftp-config.json"] [unique_id "airwRZ5Fi9Bd2xVrua2wlAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 209.99.189.138

🇨🇳 122.96.31.53

🇺🇸 40.112.183.29

🇳🇱 5.61.209.224

🇺🇸 192.169.201.223

🇸🇬 152.42.190.92

🇰🇷 118.33.113.4

🇨🇳 101.201.226.38

🇨🇳 101.200.52.133

🇪🇸 91.126.115.22

🇭🇰 47.239.55.122

🇧🇷 45.205.1.247

🇳🇱 45.148.10.152

🇨🇳 39.154.8.78

🇺🇸 192.252.220.89

🇺🇸 172.253.2.19

🇨🇳 120.84.12.41

🇨🇳 14.103.127.195

🇺🇸 185.226.196.18

🇮🇷 178.22.121.139