JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 37.48.95.194

37.48.95.194 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 89%: ?

89%

ISP	LeaseWeb Netherlands B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS60781
Hostname(s)	hosted-by.leaseweb.com
Domain Name	leaseweb.com
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 37.48.95.194

Whois 37.48.95.194

IP Abuse Reports for 37.48.95.194:

This IP address has been reported a total of 30 times from 27 distinct sources. 37.48.95.194 was first reported on March 26th 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 SCHAPPY	2026-06-20 12:46:58 (1 week ago)	Critical web app attack detected. Request content type is not allowed by policy	Web App Attack
Anonymous	2026-06-20 12:16:43 (1 week ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇮🇪 Jim Keir	2026-06-20 11:44:12 (1 week ago)	2026-06-20 11:44:11 37.48.95.194 File scanning, blocking 37.48.95.194 for 5 minutes	Web App Attack
🇩🇪 big-cloud.nl	2026-06-20 11:17:18 (1 week ago)	Try to access /.env	Web App Attack
Anonymous	2026-06-20 10:05:34 (1 week ago)	Blocked: Reason='Suspicious traffic score=65 (review-based detection)'; Requests=11	Hacking
🇺🇸 TPI-Abuse	2026-06-20 09:48:31 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 37.48.95.194 (hosted-by.leaseweb.com): 1 in the ... show more (mod_security) mod_security (id:210492) triggered by 37.48.95.194 (hosted-by.leaseweb.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 05:48:25.819585 2026] [security2:error] [pid 2766:tid 2766] [client 37.48.95.194:50058] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.michaelcarrollgreen.com"] [uri "/.env"] [unique_id "ajZh6TQA0cl1ynOhkCRBEwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Apache	2026-06-20 09:26:15 (1 week ago)	(mod_security) mod_security (id:920420) triggered by 37.48.95.194 (hosted-by.leaseweb.com): 5 in the ... show more (mod_security) mod_security (id:920420) triggered by 37.48.95.194 (hosted-by.leaseweb.com): 5 in the last 300 secs (CF_ENABLE) show less	Brute-Force Web App Attack
🇮🇳 dineshskt4all	2026-06-20 09:10:20 (1 week ago)	[Sat Jun 20 09:10:17.877050 2026] [proxy_fcgi:error] [pid 437437:tid 136923381212864] [client 37.48. ... show more [Sat Jun 20 09:10:17.877050 2026] [proxy_fcgi:error] [pid 437437:tid 136923381212864] [client 37.48.95.194:0] AH01071: Got error 'Primary script unknown' ... show less	Brute-Force
🇺🇸 mnsf	2026-06-20 09:06:10 (1 week ago)	Abuse Detected (2)	Brute-Force Web App Attack
🇱🇻 garmtech.com	2026-06-20 08:00:58 (1 week ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.env	Web App Attack
Anonymous	2026-06-20 08:00:28 (1 week ago)	Web App Attack, Hacking	Hacking Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-20 07:55:41 (1 week ago)	Blocked by CSF 13 firewall - Rule: config-dotfile NL/Netherlands/hosted-by.leaseweb.com	Web App Attack
🇦🇺 paulshipley.com.au	2026-06-20 07:44:42 (1 week ago)	[Sat Jun 20 17:44:41.976770 2026] [security2:error] [pid 728277] [client 37.48.95.194:45134] [client ... show more [Sat Jun 20 17:44:41.976770 2026] [security2:error] [pid 728277] [client 37.48.95.194:45134] [client 37.48.95.194] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "angleseaarthouse.com.au"] [uri "/_profiler/phpinfo"] [unique_id "ajZE6aN7KH0HlNbs91OmRAAAAAA"] ... show less	Web App Attack
🇩🇪 paissangroup	2026-06-20 07:30:21 (1 week ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-06-20 06:00:07 (1 week ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 212.132.64.89

🇺🇸 2600:1f14:2159:6a01:898:e848:2ede:80d1

🇩🇪 185.242.3.195

🇺🇸 170.106.74.215

🇺🇸 162.216.150.239

🇺🇸 64.94.159.234

🇰🇷 47.80.63.229

🇺🇸 20.98.140.180

🇬🇧 172.236.8.193

🇺🇸 162.216.149.227

🇸🇦 154.205.134.214

🇵🇱 95.214.53.157

🇩🇪 62.133.60.87

🇸🇬 47.128.61.16

🇸🇬 43.173.178.139

🇬🇧 35.203.210.7

🇺🇸 23.172.217.87

🇧🇷 177.74.175.83

🇮🇩 103.191.14.210

🇺🇸 91.230.168.220