JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 37.19.221.17

37.19.221.17 was found in our database!

This IP was reported 137 times. Confidence of Abuse is 100%: ?

100%

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-37-19-221-17.datapacket.com
Domain Name	datacamp.co.uk
Country	🇺🇸 United States of America
City	Houston, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 37.19.221.17

Whois 37.19.221.17

IP Abuse Reports for 37.19.221.17:

This IP address has been reported a total of 137 times from 77 distinct sources. 37.19.221.17 was first reported on July 17th 2023, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 thetomtaylor.co.uk	2026-06-10 21:07:02 (6 hours ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 21:02:29 (6 hours ago)	(mod_security) mod_security (id:210492) triggered by 37.19.221.17 (unn-37-19-221-17.datapacket.com): ... show more (mod_security) mod_security (id:210492) triggered by 37.19.221.17 (unn-37-19-221-17.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 17:02:25.094065 2026] [security2:error] [pid 22616:tid 22616] [client 37.19.221.17:29962] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rucomp.com"] [uri "/.env"] [unique_id "ainQ4f9T5l89hSy7_meNEAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 19:52:23 (8 hours ago)	(mod_security) mod_security (id:210492) triggered by 37.19.221.17 (unn-37-19-221-17.datapacket.com): ... show more (mod_security) mod_security (id:210492) triggered by 37.19.221.17 (unn-37-19-221-17.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 15:52:18.150812 2026] [security2:error] [pid 31310:tid 31310] [client 37.19.221.17:4347] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deargrampy.net"] [uri "/.env"] [unique_id "ainAcq0qXpD4BLseogV92wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-10 19:17:15 (8 hours ago)	PSCSERV WPSCAN 37.19.221.17	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 19:15:20 (8 hours ago)	(mod_security) mod_security (id:210492) triggered by 37.19.221.17 (unn-37-19-221-17.datapacket.com): ... show more (mod_security) mod_security (id:210492) triggered by 37.19.221.17 (unn-37-19-221-17.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 15:15:15.350281 2026] [security2:error] [pid 2383:tid 2383] [client 37.19.221.17:35437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sahinozalit.com"] [uri "/.env"] [unique_id "aim3w9Hl76vQLI5Fp4X5jwAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 18:28:11 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 37.19.221.17 (unn-37-19-221-17.datapacket.com): ... show more (mod_security) mod_security (id:210492) triggered by 37.19.221.17 (unn-37-19-221-17.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 14:28:05.685911 2026] [security2:error] [pid 9562:tid 9562] [client 37.19.221.17:37710] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "herstonfarm.com"] [uri "/.env"] [unique_id "aimstdx_Dg18XBn8meK0SwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-10 18:01:23 (9 hours ago)	Try to access /.env	Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 17:51:55 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 37.19.221.17 (unn-37-19-221-17.datapacket.com): ... show more (mod_security) mod_security (id:210492) triggered by 37.19.221.17 (unn-37-19-221-17.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 13:51:47.839074 2026] [security2:error] [pid 10666:tid 10666] [client 37.19.221.17:53764] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ieas.org"] [uri "/.env"] [unique_id "aimkM4WYOGj5aOZ8MtEECAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇾 armandosaucedo.me	2026-06-10 17:19:12 (10 hours ago)	Threat Intelligence via ARMTI, Web Attack: GET /.env	Web App Attack
Anonymous	2026-06-10 17:18:18 (10 hours ago)	(caddyscan) Scanner path probe from 37.19.221.17 (US/United States/unn-37-19-221-17.datapacket.com): ... show more (caddyscan) Scanner path probe from 37.19.221.17 (US/United States/unn-37-19-221-17.datapacket.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 404 224 37.19.221.17 - - [10/Jun/2026:17:17:51 +0000] "GET /.env HTTP/1.1" [REDACTED] 404 215 37.19.221.17 - - [10/Jun/2026:17:17:52 +0000] "GET /.env HTTP/1.1" [REDACTED] 404 210 37.19.221.17 - - [10/Jun/2026:17:18:04 +0000] "GET /.env HTTP/1.1" [REDACTED] 404 212 37.19.221.17 - - [10/Jun/2026:17:18:04 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 37.19.221.17 - - [10/Jun/2026:17:18:17 +0000] "GET /.env HTTP/1.1" show less	Port Scan
🇩🇪 raph	2026-06-10 16:59:48 (11 hours ago)	[DOT FILES] crawler .env, .git, .config, etc.	Bad Web Bot Web App Attack
Anonymous	2026-06-10 16:06:03 (11 hours ago)	Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=4	Hacking
🇩🇪 Ba-Yu	2026-06-10 15:59:52 (12 hours ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 ArturShelby	2026-06-10 15:48:55 (12 hours ago)	Critical file access: /.env	Web App Attack
🇷🇺 DZBOT	2026-06-10 15:31:47 (12 hours ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack

Showing 1 to 15 of 137 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇳 197.5.145.150

🇮🇷 193.151.141.41

🇱🇹 62.60.130.59

🇺🇸 2600:1f18:3120:f504:1780:114e:240:e167

🇱🇻 217.60.3.128

🇩🇪 213.209.159.115

🇺🇸 206.212.244.18

🇺🇸 198.23.172.54

🇺🇸 195.184.76.66

🇻🇳 183.91.186.36

🇬🇧 134.209.25.199

🇯🇵 118.243.65.248

🇨🇳 116.162.216.223

🇻🇳 103.228.36.70

🇫🇷 91.231.89.41

🇪🇸 90.168.109.53

🇧🇬 78.130.147.234

🇧🇬 78.128.113.74

🇺🇸 66.132.195.27

🇺🇸 66.132.186.179