JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 37.120.172.171

37.120.172.171 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 28%: ?

28%

ISP	netcup GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS197540
Hostname(s)	v2202605322861462198.supersrv.de
Domain Name	netcup.de
Country	🇩🇪 Germany
City	Nuremberg, Bavaria

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 37.120.172.171

Whois 37.120.172.171

IP Abuse Reports for 37.120.172.171:

This IP address has been reported a total of 4 times from 4 distinct sources. 37.120.172.171 was first reported on May 29th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-19 10:22:01 (1 hour ago)	(mod_security) mod_security (id:240335) triggered by 37.120.172.171 (v2202605322861462198.supersrv.d ... show more (mod_security) mod_security (id:240335) triggered by 37.120.172.171 (v2202605322861462198.supersrv.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 06:21:56.804189 2026] [security2:error] [pid 32038:tid 32038] [client 37.120.172.171:52552] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 37.120.172.171 (+1 hits since last alert)\|pinebrookdesign.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pinebrookdesign.com"] [uri "/xmlrpc.php"] [unique_id "ajUYRDK5izv5dZiqT63aBAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-19 10:00:08 (1 hour ago)	[redacted] 37.120.172.171 - - [19/Jun/2026:11:59:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" " ... show more [redacted] 37.120.172.171 - - [19/Jun/2026:11:59:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" [redacted] 37.120.172.171 - - [19/Jun/2026:11:59:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" [redacted] 37.120.172.171 - - [19/Jun/2026:11:59:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" [redacted] 37.120.172.171 - - [19/Jun/2026:11:59:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" [redacted] 37.120.172.171 - - [19/Jun/2026:11:59:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" ... show less	Hacking Web App Attack
🇺🇸 mnsf	2026-06-13 07:07:43 (6 days ago)	Too many Status 40X (40) Scanning/Probing (40)	Brute-Force Web App Attack
🇷🇺 DZBOT	2026-05-29 02:11:39 (3 weeks ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 210.217.42.139

🇨🇳 121.31.210.125

🇺🇸 20.42.42.211

🇧🇷 187.72.128.177

🇪🇨 186.68.83.105

🇦🇷 181.23.69.2

🇲🇲 103.83.189.250

🇩🇪 69.5.169.155

🇫🇷 92.205.57.72

🇷🇺 85.93.58.186

🇺🇸 66.132.172.229

🇰🇷 59.27.249.238

🇧🇷 205.210.31.149

🇭🇰 203.83.11.200

🇳🇱 176.65.148.158

🇨🇦 142.93.146.198

🇮🇳 125.19.160.206

🇩🇪 87.106.135.130

🇮🇹 78.134.49.171

🇲🇾 47.250.55.117