JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 138.199.18.87

138.199.18.87 was found in our database!

This IP was reported 85 times. Confidence of Abuse is 28%: ?

28%

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-138-199-18-87.datapacket.com
Domain Name	datacamp.co.uk
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 138.199.18.87

Whois 138.199.18.87

IP Abuse Reports for 138.199.18.87:

This IP address has been reported a total of 85 times from 45 distinct sources. 138.199.18.87 was first reported on July 5th 2021, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 Peregrine	2026-05-22 03:12:10 (1 month ago)	Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 138.199.18.87 172.69.150.64 - - [19/May/2026:17:21: ... show more Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 138.199.18.87 172.69.150.64 - - [19/May/2026:17:21:39 -0300] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 18193 show less	Bad Web Bot
🇧🇷 Peregrine	2026-05-21 03:12:02 (1 month ago)	Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 138.199.18.87 172.69.150.64 - - [19/May/2026:17:21: ... show more Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 138.199.18.87 172.69.150.64 - - [19/May/2026:17:21:39 -0300] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 18193 show less	Bad Web Bot
🇩🇪 ketovoila.pl	2026-05-20 20:28:39 (1 month ago)	ketovoila.pl web app/PHP backdoor scan: hits=1; unique_paths=1; sample_paths=/wp-content/plugins/fix ... show more ketovoila.pl web app/PHP backdoor scan: hits=1; unique_paths=1; sample_paths=/wp-content/plugins/fix/up.php; UA="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36"; window=2026-05-20T20:28:39Z..2026-05-20T20:28:39Z show less	Bad Web Bot Web App Attack
🇫🇷 Thaliruth	2026-05-20 19:06:32 (1 month ago)	138.199.18.87 - - [20/May/2026:21:06:31 +0200] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 106 ... show more 138.199.18.87 - - [20/May/2026:21:06:31 +0200] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 1060 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36" ... show less	Brute-Force Web App Attack
🇩🇪 conseilgouz	2026-05-20 19:00:10 (1 month ago)	ece-7 : Trying access unauthorized files/dir=>/wp-content/plugins/fix/up.php	Hacking
🇧🇷 Peregrine	2026-05-19 20:21:42 (1 month ago)	Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 138.199.18.87 172.69.150.64 - - [19/May/2026:17:21: ... show more Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 138.199.18.87 172.69.150.64 - - [19/May/2026:17:21:39 -0300] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 18193 show less	Bad Web Bot
🇬🇧 pinguin	2026-05-19 19:09:16 (1 month ago)	Triggered Cloudflare WAF (firewallManaged) from DE. Action taken: LOG Protocol: HTTP/1.1 (GET method ... show more Triggered Cloudflare WAF (firewallManaged) from DE. Action taken: LOG Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Empty string This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 bigscoots.com	2026-05-17 20:27:39 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 138.199.18.87 (DE/Germany/unn-138-199-18-87.datapacket.com): ... show more (smtpauth) Failed SMTP AUTH login from 138.199.18.87 (DE/Germany/unn-138-199-18-87.datapacket.com): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-05-17 16:26:37 dovecot_login authenticator failed for H=(7TBidbX) [138.199.18.87]:61547: 535 Incorrect authentication data ([email protected]) 2026-05-17 16:26:46 dovecot_login authenticator failed for H=(IPUiOrMC) [138.199.18.87]:51693: 535 Incorrect authentication data ([email protected]) 2026-05-17 16:26:58 dovecot_login authenticator failed for H=(t59xQSQPN) [138.199.18.87]:6979: 535 Incorrect authentication data ([email protected]) 2026-05-17 16:27:17 dovecot_login authenticator failed for H=(17FG19m9) [138.199.18.87]:9973: 535 Incorrect authentication data ([email protected]) 2026-05-17 16:27:37 dovecot_login authenticator failed for H=(4bQQmzPvvS) [138.199.18.87]:1685: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇫🇷 conseilgouz	2026-05-14 04:35:08 (1 month ago)	sae-7 : Trying access unauthorized files/dir=>/wp-content/plugins/fix/up.php	Hacking
🇧🇪 cmbplf	2026-05-13 23:49:40 (1 month ago)	114 requests with url.path *config.php	Brute-Force Bad Web Bot
🇺🇸 agenciahypelab.com.br	2026-05-13 20:40:16 (1 month ago)	WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER	Brute-Force SSH
🇩🇪 BlueWire Hosting	2026-05-13 18:05:30 (1 month ago)	Suspicious HTTP(s) activity without a user agent provided	Bad Web Bot
🇵🇱 strefapi_com	2026-05-13 17:38:33 (1 month ago)	Brute-force, web ...	Hacking Brute-Force Web App Attack
🇯🇵 demonsword	2026-05-13 01:25:15 (1 month ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: api.ipvanish.com:443 show less	Open Proxy Port Scan
🇫🇷 UM3	2026-04-21 18:49:50 (2 months ago)	Exim Auth Failed	Brute-Force

Showing 1 to 15 of 85 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇴 200.105.141.172

🇧🇷 191.252.201.107

🇯🇵 152.32.145.49

🇮🇳 103.190.7.203

🇬🇧 82.16.221.216

🇭🇰 43.155.125.36

🇸🇪 20.190.181.4

🇻🇳 165.99.16.135

🇷🇺 89.175.104.146

🇩🇪 85.215.121.209

🇺🇸 74.125.179.27

🇨🇳 8.134.159.4

🇺🇸 216.73.160.211

🇧🇷 164.163.36.95

🇺🇸 164.92.106.15

🇮🇳 103.249.4.35

🇭🇰 103.243.26.174

🇻🇳 103.60.242.169

🇳🇱 91.92.40.49

🇨🇦 52.138.10.154