JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 37.27.196.159

37.27.196.159 was found in our database!

This IP was reported 57 times. Confidence of Abuse is 100%: ?

100%

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24940
Hostname(s)	static.159.196.27.37.clients.your-server.de
Domain Name	hetzner.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 37.27.196.159

Whois 37.27.196.159

IP Abuse Reports for 37.27.196.159:

This IP address has been reported a total of 57 times from 38 distinct sources. 37.27.196.159 was first reported on June 7th 2026, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 andypiper	2026-06-16 01:02:21 (9 hours ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇺🇸 mnsf	2026-06-16 00:13:39 (10 hours ago)	Scanning/Probing (12)	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-06-15 20:40:32 (13 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12	Exploited Host Web App Attack
🇩🇪 Ba-Yu	2026-06-15 20:24:13 (14 hours ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 4server	2026-06-15 19:46:49 (14 hours ago)	[MonJun1521:46:43.6969782026][security2:error][pid72775:tid72919][client37.27.196.159:0]ModSecurity: ... show more [MonJun1521:46:43.6969782026][security2:error][pid72775:tid72919][client37.27.196.159:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"thilyatecnologie.ch\"][uri\"/api/.env\"][unique_id\"ajBWo2YCS0F6nEsfSecjZAAAAQE\"] show less	Port Scan Brute-Force Web App Attack
🇬🇧 AvonleaConsulting	2026-06-15 17:27:35 (17 hours ago)	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	Bad Web Bot Web App Attack
🇩🇪 SwinT	2026-06-15 17:00:04 (17 hours ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇩🇪 LRob.fr	2026-06-15 16:30:03 (18 hours ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇳🇱 e.fierstra	2026-06-15 16:27:13 (18 hours ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-15 12:31:35 (22 hours ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-06-15 12:20:02 (22 hours ago)	suspicious request in access.log	Web App Attack
🇧🇷 Halux	2026-06-15 12:05:16 (22 hours ago)	37.27.196.159 Probing protected path or service	Web App Attack
🇺🇸 jcbriar	2026-06-15 11:21:11 (23 hours ago)	Searching for vulnerable scripts	Hacking Web App Attack
🇵🇾 armandosaucedo.me	2026-06-15 10:34:36 (1 day ago)	Threat Intelligence via ARMTI, Web Attack: GET /env2/.env	Web App Attack
🇵🇾 armandosaucedo.me	2026-06-15 10:16:35 (1 day ago)	Threat Intelligence via ARMTI, Web Attack: GET /functions/.env	Web App Attack

Showing 1 to 15 of 57 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 209.99.189.174

🇮🇩 180.254.191.94

🇺🇸 48.211.213.34

🇳🇱 195.178.110.30

🇪🇸 194.220.97.134

🇫🇮 147.185.133.197

🇫🇮 147.185.133.182

🇺🇸 108.35.208.68

🇨🇳 106.75.169.25

🇹🇷 95.9.79.31

🇺🇸 74.101.98.89

🇦🇺 49.187.177.208

🇧🇷 45.205.1.240

🇩🇪 167.94.146.39

🇮🇩 140.213.30.114

🇮🇳 124.253.78.217

🇳🇱 80.82.77.202

🇺🇸 64.23.218.208

🇵🇪 38.25.52.222

🇳🇱 5.255.102.83