JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 37.140.223.60

37.140.223.60 was found in our database!

This IP was reported 238 times. Confidence of Abuse is 57%: ?

57%

ISP	Turkbil Sunucu Hizmetleri
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	turkbil.net.tr
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 37.140.223.60

Whois 37.140.223.60

IP Abuse Reports for 37.140.223.60:

This IP address has been reported a total of 238 times from 100 distinct sources. 37.140.223.60 was first reported on December 29th 2023, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 etu brutus	2026-06-26 17:16:26 (8 hours ago)	37.140.223.60 has been banned for [WebApp Attack] ...	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 04:44:48 (20 hours ago)	(mod_security) mod_security (id:234930) triggered by 37.140.223.60 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:234930) triggered by 37.140.223.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 00:44:44.134728 2026] [security2:error] [pid 24346:tid 24346] [client 37.140.223.60:34585] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)\|\|automatebi.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "automatebi.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "aj4DvJnKqvzTV6NphojyDQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Octopuce	2026-06-25 22:00:34 (1 day ago)	Aggressive web search of vulnerable pages: /wp-content/wp-conflg.php /wp-includes/rest-api/endpoints ... show more Aggressive web search of vulnerable pages: /wp-content/wp-conflg.php /wp-includes/rest-api/endpoints/ /wp-admin/css/colors/coffee/ /wp-includes ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 21:45:07 (1 day ago)	(mod_security) mod_security (id:234930) triggered by 37.140.223.60 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:234930) triggered by 37.140.223.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 17:45:02.628881 2026] [security2:error] [pid 22973:tid 22973] [client 37.140.223.60:47233] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)\|\|78cardsofthetarot-tarotmancy-tarot-cards-and-tarot-readings.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "78cardsofthetarot-tarotmancy-tarot-cards-and-tarot-readings.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "aj2hXuS6Bcp4Gd2g856plgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-25 20:26:32 (1 day ago)	ANFRADE WEBEXPLOIT 37.140.223.60 (37.140.223.60)	Web App Attack
🇩🇪 lespbaj	2026-06-22 13:15:05 (4 days ago)	{"time":"2026-06-22T13:15:03+00:00","ip":"37.140.223.60","method":"GET","uri":"/wp-login.php","ua":" ... show more {"time":"2026-06-22T13:15:03+00:00","ip":"37.140.223.60","method":"GET","uri":"/wp-login.php","ua":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 Version/17.0 Safari/605.1.15","referer":""} ... show less	Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-21 12:00:20 (5 days ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇮🇩 soc-yk	2026-06-20 17:07:13 (6 days ago)	Type: web_scanning Risk: 100 Events: 59 Evidence: - Automated hostile web probing detected - Repeat ... show more Type: web_scanning Risk: 100 Events: 59 Evidence: - Automated hostile web probing detected - Repeated web scanning activity observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Web App Attack
🇬🇷 setupgr	2026-06-17 03:33:29 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 37.140.223.60: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 37.140.223.60: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 17 06:33:24.917501 2026] [security2:error] [pid 2210295:tid 2210434] [client 37.140.223.60:40079] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "75"] [id "900001"] [msg "Blocked WP Login attempt on domain: asteriassantorini.com"] [severity "CRITICAL"] [tag "security"] [hostname "asteriassantorini.com"] [uri "/wp-login.php"] [unique_id "ajIVhIHi3fYqxwKQHNYB5AAAAcw"] show less	Port Scan
🇩🇪 FeG Deutschland	2026-05-26 17:32:00 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇦🇺 MAGIC	2026-05-25 00:25:19 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇵🇱 sefinek.net	2026-05-16 14:25:56 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: /wp-login.php \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; rv:143.0) Gecko/20100101 Firefox/143.0 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 factor1	2026-05-07 11:21:24 (1 month ago)	Fail2ban at saturn Reports Abuse.	Brute-Force Web App Attack
Anonymous	2026-05-01 21:06:43 (1 month ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: WordPress scanning, Webshell probing, Backup file probing show less	Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-05-01 07:32:22 (1 month ago)	37.140.223.60 - - [01/May/2026:10:32:21 +0300] "GET /amax.php HTTP/1.1" 404 710 "-" "Mozilla/5.0 (Wi ... show more 37.140.223.60 - - [01/May/2026:10:32:21 +0300] "GET /amax.php HTTP/1.1" 404 710 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 37.140.223.60 - - [01/May/2026:10:32:22 +0300] "GET /wp-content/hello.php HTTP/1.1" 404 710 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" ... show less	Web App Attack

Showing 1 to 15 of 238 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 208.109.11.76

🇨🇴 190.26.146.233

🇸🇬 172.188.89.41

🇩🇪 167.94.145.21

🇺🇸 104.196.150.227

🇺🇸 65.49.1.68

🇺🇸 64.224.17.57

🇳🇱 45.156.87.130

🇺🇸 205.210.31.10

🇬🇧 193.163.125.53

🇫🇷 167.86.89.248

🇦🇪 165.154.12.108

🇩🇪 144.76.132.76

🇩🇪 104.248.26.206

🇺🇸 104.43.131.157

🇨🇦 99.234.129.171

🇹🇷 78.186.54.65

🇫🇷 77.207.54.215

🇺🇸 65.49.1.22

🇪🇨 45.239.48.40