🇲🇳
Public CSIRT/CC of Mongolia
2026-06-24 20:24:22
(59 minutes ago)
Honeypot hit: Incoming HTTP traffic on port 81
Web App Attack
Bad Web Bot
🇧🇪
boxed-it
2026-06-24 19:47:22
(1 hour ago)
GET /.bash_history (Tarpitted for 1d15h8m28s, wasted 8.06MB)
Web App Attack
🇧🇪
boxed-it
2026-06-24 12:43:31
(8 hours ago)
GET /config/secrets.yaml (Tarpitted for 1d15h8m29s, wasted 8.06MB)
Web App Attack
🇨🇿
lp
2026-06-24 10:51:14
(10 hours ago)
Email account brute force: 1 attempts were recorded from 37.19.198.160
2026-06-24T12:25:33+02:00 warning: unknown[37.19.198.160]: SASL PLAIN authentication failed: authentication failure, [email protected]
Brute-Force
🇧🇪
boxed-it
2026-06-24 10:13:57
(11 hours ago)
GET /.env (Tarpitted for 1d15h8m28s, wasted 8.06MB)
Web App Attack
🇫🇷
tecnicorioja
2026-06-20 22:00:40
(3 days ago)
SASL LOGIN authentication failed Jun 20 20:28:08
Brute-Force
🇲🇳
Public CSIRT/CC of Mongolia
2026-06-19 16:04:02
(5 days ago)
Honeypot hit: Incoming HTTP traffic on port 81
Web App Attack
Bad Web Bot
🇬🇧
OptimusGO
2026-06-19 13:33:40
(5 days ago)
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Timestamp: 2026-06-19 14:33:40 UTC
Log evidence:
06/19/2026-14:33:39.719549 [**] [1:1000101:2] SECURITY Port Scan Detected - Multiple Unauthorized Ports [**] [Classification: Attempted Information Leak] [Priority: 1] {TCP} 37.19.198.160:57800 -> 185.127.18.66:8088
Port Scan
Brute-Force
Anonymous
2026-06-19 05:26:01
(5 days ago)
Automated report (2026-06-19T01:26:01-04:00). Caught probing for env file.
Hacking
Web App Attack
🇺🇸
TPI-Abuse
2026-06-19 05:21:26
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 37.19.198.160 (unn-37-19-198-160.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 01:21:19.401669 2026] [security2:error] [pid 16339:tid 16339] [client 37.19.198.160:60166] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garyandthegroove.com"] [uri "/.env.bak.1"] [unique_id "ajTRz2uASdUrbsiSoMWL7AAAABY"]
Brute-Force
Bad Web Bot
Web App Attack
🇲🇳
Public CSIRT/CC of Mongolia
2026-06-17 08:29:00
(1 week ago)
Honeypot hit: Incoming HTTP traffic on port 81
Web App Attack
Bad Web Bot
🇺🇸
TPI-Abuse
2026-06-16 05:15:07
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 37.19.198.160 (unn-37-19-198-160.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 01:14:56.317663 2026] [security2:error] [pid 31795:tid 31802] [client 37.19.198.160:35000] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||richardleeweatherman.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "richardleeweatherman.com"] [uri "/telegram_messages.db"] [unique_id "ajDb0KlncVosehAUz-tNmgAAAII"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-06-16 01:42:49
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 37.19.198.160 (unn-37-19-198-160.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 21:42:43.045626 2026] [security2:error] [pid 3032:tid 3032] [client 37.19.198.160:58612] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ilandman.com"] [uri "/.env.local"] [unique_id "ajCqE8srr5nkKFOtW0Jq_wAAAAs"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-06-15 16:27:14
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 37.19.198.160 (unn-37-19-198-160.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 12:27:08.371228 2026] [security2:error] [pid 14457:tid 14485] [client 37.19.198.160:47544] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coloradomohs.aafm.us"] [uri "/.env.old"] [unique_id "ajAn3ODjY4S49AQT6A4GlQAAARg"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-06-15 16:05:46
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 37.19.198.160 (unn-37-19-198-160.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 12:05:38.611504 2026] [security2:error] [pid 12192:tid 12192] [client 37.19.198.160:46220] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.construction.bonefrog.com"] [uri "/.env.staging"] [unique_id "ajAi0tNTOcu0fsTWY-N7HAAAAAE"]
Brute-Force
Bad Web Bot
Web App Attack