JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 195.184.76.48

195.184.76.48 was found in our database!

This IP was reported 650 times. Confidence of Abuse is 100%: ?

100%

ISP	FR ONYPHE
Usage Type	Commercial
ASN	AS213412
Hostname(s)	lucas.probe.onyphe.net
Domain Name	onyphe.io
Country	🇺🇸 United States of America
City	Warrenton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 195.184.76.48

Whois 195.184.76.48

IP Abuse Reports for 195.184.76.48:

This IP address has been reported a total of 650 times from 79 distinct sources. 195.184.76.48 was first reported on February 6th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 LiftUp Hosting	2026-06-24 05:57:58 (1 hour ago)	Honeypot hit: Unauthorized traffic (616 bytes of payload); 8899 [1] TCP	Port Scan
🇺🇸 donarev419	2026-06-24 04:30:33 (2 hours ago)	Connection to port 2762 with data transfer. Data preview:	Port Scan Hacking
🇺🇸 donarev419	2026-06-24 02:57:26 (4 hours ago)	Connection to port 15001 with data transfer. Data preview: GET / HTTP/1.1 Host: 167.253.66.144:1500 ... show more Connection to port 15001 with data transfer. Data preview: GET / HTTP/1.1 Host: 167.253.66.144:15001 Connection: close User-Agent: Mozilla/5.0 (X11; Ubuntu; show less	Port Scan Hacking
🇺🇸 donarev419	2026-06-24 02:31:00 (4 hours ago)	Connection to port 1223 with data transfer. Data preview: GET / HTTP/1.1 Host: 167.253.66.144:1223 ... show more Connection to port 1223 with data transfer. Data preview: GET / HTTP/1.1 Host: 167.253.66.144:1223 Connection: close User-Agent: Mozilla/5.0 (X11; Ubuntu; show less	Port Scan Hacking
🇵🇱 sefinek.net	2026-06-23 23:39:41 (7 hours ago)	Honeypot hit: Empty payload (likely service probe); 4340 [1] TCP Reported by: https://github.com/sef ... show more Honeypot hit: Empty payload (likely service probe); 4340 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-23 20:22:09 (10 hours ago)	Honeypot hit: Unauthorized traffic (616 bytes of payload); 5312 [1] TCP	Port Scan
🇸🇪 donarev419	2026-06-23 02:53:28 (1 day ago)	Connection to port 9500 with data transfer. Data preview: b	Port Scan Hacking
🇺🇸 sandra361	2026-06-22 23:49:44 (1 day ago)	Port scan detected: 5 attempts across 1 ports (9001). \| Evidence: REAPER_TARPIT: IN=enp1s0 SRC=195.1 ... show more Port scan detected: 5 attempts across 1 ports (9001). \| Evidence: REAPER_TARPIT: IN=enp1s0 SRC=195.184.76.48 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=8080 DF PROTO=TCP SPT=57003 DPT=9001 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan
🇵🇱 sefinek.net	2026-06-22 17:17:07 (1 day ago)	Honeypot hit: Empty payload (likely service probe); 23005 [1] TCP Reported by: https://github.com/se ... show more Honeypot hit: Empty payload (likely service probe); 23005 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇧🇷 ICS Labs	2026-06-22 15:50:23 (1 day ago)	ICS Labs identified 195.184.76.48 as a malicious indicator from threat intelligence.	DDoS Attack Port Scan Hacking Brute-Force Exploited Host
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-22 07:23:15 (1 day ago)	Honeypot hit: Unauthorized traffic (616 bytes of payload); 10015 [1] TCP	Port Scan
🇦🇺 LiftUp Hosting	2026-06-22 04:34:30 (2 days ago)	Honeypot hit: Empty payload (likely service probe); 24000 [1] TCP	Port Scan
🇫🇷 Fasetech	2026-06-20 22:33:27 (3 days ago)	SecLedge detected suspicious activity. Score: 99.0. Sensor: T-Pot.	Brute-Force
🇦🇺 LiftUp Hosting	2026-06-20 15:04:00 (3 days ago)	Honeypot hit: Unauthorized traffic (616 bytes of payload); 10200 [1] TCP	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-19 20:41:59 (4 days ago)	Honeypot hit: Unauthorized traffic (616 bytes of payload); 3025 [1] TCP	Port Scan

Showing 1 to 15 of 650 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 176.112.128.143

🇧🇾 81.30.98.142

🇩🇪 69.5.169.141

🇺🇸 34.182.217.3

🇺🇸 20.64.105.250

🇬🇧 185.247.137.108

🇺🇸 172.253.1.27

🇺🇸 166.77.36.6

🇺🇸 137.184.177.248

🇩🇪 103.14.32.224

🇨🇳 101.96.214.98

🇬🇧 87.106.65.126

🇺🇸 65.111.9.69

🇳🇱 45.156.87.93

🇫🇮 5.181.169.66

🇺🇸 216.26.228.101

🇨🇳 150.139.194.15

🇰🇷 106.245.8.139

🇨🇦 85.217.149.32

🇺🇸 66.132.172.158