AbuseIPDB » 37.239.80.130
37.239.80.130
This IP was reported 6 times. Confidence of
Abuse
is 20% : ?
ISP
EarthLink Ltd. Communications&Internet Services
Usage Type
Fixed Line ISP
ASN
AS203214
Domain Name
earthlink.iq
Country
๐ฎ๐ถ
Iraq
City
Baqubah, Diyala
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 37.239.80.130 :
This IP address has been reported a total of
6
times from
6 distinct
sources.
37.239.80.130 was first reported on
January 19th 2026 , and the most recent report was
6 days ago
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ธ๐ฌ
mypatricks
2026-06-04 15:57:21
(6 days ago)
37.239.80.130 | Port: 11277 | DNS: 37.239.80.130 2026-06-04T23:57:20+08:00 Asia/Baghdad | FETCH Spro ...
show more
37.239.80.130 | Port: 11277 | DNS: 37.239.80.130 2026-06-04T23:57:20+08:00 Asia/Baghdad | FETCH Sproofing Activity Detetced. | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.3 HTTP/1.1 443 GET | URL: /contents/jquery-code/?bacdfadbfac | Ref: - | Country: IQ/Iraq/+03:00 IP City: Baqubah a06821ad9921d0dc-SOF/Sofia, Bulgaria 1 hits/0 secs Robots 1
show less
Brute-Force
Web App Attack
Blog Spam
Web Spam
Exploited Host
๐ฌ๐ง
PeravixGroup
2026-05-23 21:06:34
(2 weeks ago)
Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ...
show more
Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud
show less
IoT Targeted
Brute-Force
๐บ๐ธ
thororen
2026-04-29 07:36:30
(1 month ago)
Blocked by UFW [23/tcp]
Source port: 40886
TTL: 37
Packet length: 44
TOS: 0x00
This report was gene ...
show more
Blocked by UFW [23/tcp]
Source port: 40886
TTL: 37
Packet length: 44
TOS: 0x00
This report was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
Hacking
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-04-26 15:49:06
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 37.239.80.130 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 37.239.80.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 11:48:59.174924 2026] [security2:error] [pid 11040:tid 11040] [client 37.239.80.130:33786] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.barbaraehill.com|F|2"] [data ".barbaraehill.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.barbaraehill.com"] [uri "/blog/https:/www.barbaraehill.com"] [unique_id "ae4z69MdUUOAStrfcD6ZeQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
vtchost.com
2026-03-19 09:49:01
(2 months ago)
invalid/bad user agent - possible botnet
...
Bad Web Bot
๐บ๐ธ
ipblock.com
2026-01-19 00:49:00
(4 months ago)
IPBlock protected site ID [3192-af][s=06].
Exploit request, vulnerability probe.
Hacking
Bad Web Bot
Web App Attack
Showing 1 to
6
of 6 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: