JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 37.19.221.12

37.19.221.12 was found in our database!

This IP was reported 54 times. Confidence of Abuse is 2%: ?

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-37-19-221-12.datapacket.com
Domain Name	datacamp.co.uk
Country	🇺🇸 United States of America
City	Houston, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 37.19.221.12

Whois 37.19.221.12

IP Abuse Reports for 37.19.221.12:

This IP address has been reported a total of 54 times from 37 distinct sources. 37.19.221.12 was first reported on December 11th 2021, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 FREAKISH	2026-05-18 04:51:25 (2 weeks ago)	2026-05-18 06:51:24: Minecraft server scan detected from 37.19.221.12 on port 25565 of 127.0.0.1	Port Scan
Anonymous	2026-04-06 20:51:17 (1 month ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 x5servers	2026-02-09 11:43:00 (3 months ago)	Multiple simultaneous attacks detected	Hacking Brute-Force Bad Web Bot
🇬🇧 noise.agency	2026-02-04 05:45:55 (4 months ago)	(wordpress) Failed wordpress login from 37.19.221.12 (US/United States/unn-37-19-221-12.datapacket.c ... show more (wordpress) Failed wordpress login from 37.19.221.12 (US/United States/unn-37-19-221-12.datapacket.com) show less	Brute-Force
🇮🇪 Jim Keir	2026-02-04 05:31:49 (4 months ago)	2026-02-04 05:31:48 37.19.221.12 File scanning, blocking 37.19.221.12 for 5 minutes	Web App Attack
🇺🇸 TPI-Abuse	2026-02-04 05:29:50 (4 months ago)	(mod_security) mod_security (id:240335) triggered by 37.19.221.12 (unn-37-19-221-12.datapacket.com): ... show more (mod_security) mod_security (id:240335) triggered by 37.19.221.12 (unn-37-19-221-12.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 04 00:29:47.212139 2026] [security2:error] [pid 12264:tid 12264] [client 37.19.221.12:51055] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 37.19.221.12 (+1 hits since last alert)\|starvationacres.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "starvationacres.us"] [uri "/xmlrpc.php"] [unique_id "aYLZS0HHt1uFUV0atPMnSAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-04 05:10:09 (4 months ago)	(mod_security) mod_security (id:240335) triggered by 37.19.221.12 (unn-37-19-221-12.datapacket.com): ... show more (mod_security) mod_security (id:240335) triggered by 37.19.221.12 (unn-37-19-221-12.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 04 00:10:03.618409 2026] [security2:error] [pid 20425:tid 20425] [client 37.19.221.12:64083] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 37.19.221.12 (+1 hits since last alert)\|expresstires.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "expresstires.us"] [uri "/xmlrpc.php"] [unique_id "aYLUqxcDz2_8Z23ALF1B4AAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-02-04 01:25:35 (4 months ago)	3.164 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-04 00:40:24 (4 months ago)	(mod_security) mod_security (id:240335) triggered by 37.19.221.12 (unn-37-19-221-12.datapacket.com): ... show more (mod_security) mod_security (id:240335) triggered by 37.19.221.12 (unn-37-19-221-12.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 03 19:40:16.170391 2026] [security2:error] [pid 21842:tid 21842] [client 37.19.221.12:5959] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 37.19.221.12 (+1 hits since last alert)\|saadeh.ws\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "saadeh.ws"] [uri "/xmlrpc.php"] [unique_id "aYKVcJ4KvmLm1mrZW6G9igAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-01 04:14:02 (5 months ago)	BruteForce IMAP/POP3/SMTP	Brute-Force
🇧🇷 SvrAdmin	2026-01-01 04:13:12 (5 months ago)	[315] (smtpauth) Failed SMTP AUTH login from 37.19.221.12 (US/United States/unn-37-19-221-12.datapac ... show more [315] (smtpauth) Failed SMTP AUTH login from 37.19.221.12 (US/United States/unn-37-19-221-12.datapacket.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: Jan 1 01:13:08 cwp01 postfix/smtpd[15358]: warning: unknown[37.19.221.12]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 1 01:13:08 cwp01 postfix/smtpd[15406]: warning: unknown[37.19.221.12]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 1 01:13:08 cwp01 postfix/smtpd[15408]: warning: unknown[37.19.221.12]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 1 01:13:08 cwp01 postfix/smtpd[15407]: warning: unknown[37.19.221.12]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 1 01:13:08 cwp01 postfix/smtpd[15405]: warning: unknown[37.19.221.12]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 show less	Port Scan Hacking Brute-Force Exploited Host
🇮🇹 Progetto1	2025-10-25 19:58:02 (7 months ago)	Mail - Multiple failed login attempts	Brute-Force Exploited Host
🇫🇷 ingroscart.it	2025-10-25 19:55:49 (7 months ago)	(smtpauth) Failed SMTP AUTH login from 37.19.221.12 (US/United States/unn-37-19-221-12.datapacket.co ... show more (smtpauth) Failed SMTP AUTH login from 37.19.221.12 (US/United States/unn-37-19-221-12.datapacket.com) show less	Brute-Force
Anonymous	2025-10-10 16:30:34 (7 months ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-09-16 17:09:39 (8 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 15 of 54 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.162.123.26

🇺🇸 154.83.197.88

🇨🇳 125.120.38.18

🇨🇳 119.96.159.237

🇹🇷 81.214.38.139

🇳🇱 45.148.10.152

🇸🇪 45.84.107.174

🇻🇳 27.79.6.12

🇮🇳 2a02:4780:11:2096:0:23e7:8d17:1

🇧🇷 167.250.47.39

🇩🇪 167.94.146.78

🇺🇸 165.154.173.97

🇺🇸 147.185.132.124

🇮🇳 128.185.249.46

🇳🇱 87.229.95.220

🇳🇱 85.121.127.157

🇨🇦 20.151.116.141

🇺🇸 18.223.22.33

🇩🇪 8.211.45.42

🇮🇱 212.199.105.109