JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 48.214.53.183

48.214.53.183 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 87%: ?

87%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 48.214.53.183

Whois 48.214.53.183

IP Abuse Reports for 48.214.53.183:

This IP address has been reported a total of 23 times from 18 distinct sources. 48.214.53.183 was first reported on June 10th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇪 Selckie	2026-06-16 08:47:21 (2 days ago)	fail2ban: NGINX unusual impact	Web App Attack
🇩🇪 paprika	2026-06-11 04:01:53 (1 week ago)	Automated report #1: 5 attacks detected. Types: Brute-force (login).	Brute-Force Email Spam
🇦🇹 urnilxfgbez	2026-06-10 22:45:00 (1 week ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇨🇭 Kepler-1649c	2026-06-10 22:05:27 (1 week ago)	Detected Attack: HTPasswd.Access	Hacking
Anonymous	2026-06-10 19:15:15 (1 week ago)	"GET /.git/HEAD HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 18:55:55 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 48.214.53.183 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 48.214.53.183 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 14:55:47.918468 2026] [security2:error] [pid 20695:tid 20695] [client 48.214.53.183:49060] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.180"] [uri "/.git/HEAD"] [unique_id "aimzMzQpoQCqd8Rbs1zAVQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 18:34:14 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 48.214.53.183 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 48.214.53.183 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 14:34:11.511161 2026] [security2:error] [pid 15803:tid 15803] [client 48.214.53.183:49443] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.143"] [uri "/.git/HEAD"] [unique_id "aimuIzqJHVNyGyxT29Xf7wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Webhoster	2026-06-10 18:04:03 (1 week ago)	CrowdSec scenario: crowdsecurity/http-sensitive-files	Hacking
🇧🇪 sid3windr	2026-06-10 16:27:57 (1 week ago)	GET /.git/HEAD (Tarpitted for , wasted 120B)	Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 14:38:40 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 48.214.53.183 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 48.214.53.183 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 10:38:32.443210 2026] [security2:error] [pid 28410:tid 28410] [client 48.214.53.183:49165] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.89"] [uri "/.git/HEAD"] [unique_id "ail26MrUxYr_ir8X-DBeYwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 Countryman	2026-06-10 14:31:04 (1 week ago)	IPS detection: HTPasswd.Access	Hacking
🇩🇪 AetherFox	2026-06-10 13:55:38 (1 week ago)	AetherFox VoidGuard detected: [Wed Jun 10 13:55:32.185328 2026] [authz_core:error] [pid 4119023:tid ... show more AetherFox VoidGuard detected: [Wed Jun 10 13:55:32.185328 2026] [authz_core:error] [pid 4119023:tid 4119027] [client 48.214.53.183:23491] AH01630: client denied by server configuration: proxy:http://[MASKED]/.git/config [Wed Jun 10 13:55:32.185550 2026] [authz_core:error] [pid 4119023:tid 4119027] [client 48.214.53.183:23491] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html [Wed Jun 10 13:55:33.168577 2026] [authz_core:error] [pid 4064720:tid 4064768] [client 48.214.53.183:23495] AH01630: client denied by server configuration: proxy:http://[MASKED]/.env [Wed Jun 10 13:55:33.168696 2026] [authz_core:error] [pid 4064720:tid 4064768] [client 48.214.53.183:23495] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html [Wed Jun 10 13:55:36.885932 2026] [authz_core:error] [pid 4118972:tid 4118994] [client 48.214.53.183:23518] AH01630: client denied by server configuration: proxy:http://[MASKED]/.env.produ ... show less	Bad Web Bot Web App Attack
🇺🇸 RAP	2026-06-10 13:43:30 (1 week ago)	2026-06-10 13:43:30 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
Anonymous	2026-06-10 12:22:06 (1 week ago)	Bot / scanning and/or hacking attempts: GET /wp-config.php.bak HTTP/1.1, GET /___proxy_subdomain_whm ... show more Bot / scanning and/or hacking attempts: GET /wp-config.php.bak HTTP/1.1, GET /___proxy_subdomain_whm/login/ HTTP/1.1, GET /config.php HTTP/1.1, GET /server-status HTTP/1.1, GET /app/config/parameters.yml HTTP/1.1, GET /backup.sql HTTP/1.1, GET /.DS_Store HTTP/1.1, GET /dump.sql HTTP/1.1, GET /phpinfo.php HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 MPL	2026-06-10 12:15:44 (1 week ago)	tcp port scan (5 or more attempts)	Port Scan

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇷 179.48.248.245

🇪🇬 41.128.181.199

🇺🇸 20.12.202.181

🇨🇳 222.88.163.204

🇺🇸 216.73.216.125

🇳🇱 204.76.203.15

🇲🇦 196.75.140.236

🇲🇽 186.96.158.180

🇨🇳 183.164.241.34

🇩🇪 157.240.0.35

🇫🇮 147.185.133.187

🇳🇱 77.83.39.197

🇨🇳 58.255.237.166

🇬🇧 35.203.210.23

🇺🇸 20.163.14.51

🇸🇬 178.128.91.179

🇨🇳 118.196.34.237

🇫🇷 109.199.105.90

🇰🇷 59.15.58.148

🇩🇪 213.209.159.238