JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 37.140.243.40

37.140.243.40 was found in our database!

This IP was reported 40 times. Confidence of Abuse is 100%: ?

100%

ISP	LLP Kompaniya Hoster.KZ
Usage Type	Data Center/Web Hosting/Transit
ASN	AS202958
Domain Name	hoster.kz
Country	🇰🇿 Kazakhstan
City	Almaty, Almaty

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 37.140.243.40

Whois 37.140.243.40

IP Abuse Reports for 37.140.243.40:

This IP address has been reported a total of 40 times from 27 distinct sources. 37.140.243.40 was first reported on January 11th 2026, and the most recent report was 20 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 openstrike.co.uk	2026-06-17 05:14:06 (20 hours ago)	3 attacks on env grabbing URLs: GET /.env HTTP/1.1	Hacking
🇬🇧 Aetherweb Ark	2026-06-16 19:46:54 (1 day ago)	(mod_security) mod_security (id:949110) triggered by 37.140.243.40 (KZ/Kazakhstan/-): N in the last ... show more (mod_security) mod_security (id:949110) triggered by 37.140.243.40 (KZ/Kazakhstan/-): N in the last X secs show less	Web App Attack
🇫🇷 ELYAZ	2026-06-16 12:11:36 (1 day ago)	(mod_security) mod_security triggered on hostname [redacted] 37.140.243.40 (KZ/Kazakhstan/-): (CF_E ... show more (mod_security) mod_security triggered on hostname [redacted] 37.140.243.40 (KZ/Kazakhstan/-): (CF_ENABLE) show less	SQL Injection
🇸🇪 SkyDancer	2026-06-16 07:58:45 (1 day ago)	Multiple intrusion attempts via http/https on known vulnerable url offsets. Attack automatically blo ... show more Multiple intrusion attempts via http/https on known vulnerable url offsets. Attack automatically blocked by SkyDancer Ai(web-X). show less	Hacking Brute-Force
🇫🇷 Baking333	2026-06-16 05:44:29 (1 day ago)	[redacted] 37.140.243.40 - - [16/Jun/2026:06:44:27 +0100] "GET /.env HTTP/2.0" 301 169 "https://[red ... show more [redacted] 37.140.243.40 - - [16/Jun/2026:06:44:27 +0100] "GET /.env HTTP/2.0" 301 169 "https://[redacted]/.env" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" [redacted] 37.140.243.40 - - [16/Jun/2026:06:44:28 +0100] "GET /fr/.env/ HTTP/2.0" 404 26834 "https://[redacted]/.env" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" show less	Bad Web Bot Web App Attack
🇫🇷 polido	2026-06-15 22:43:04 (2 days ago)	Unauthorized connection attempt to port 443 from 37.140.243.40	Port Scan
🇫🇷 dynamix	2026-06-15 11:18:17 (2 days ago)	Multiple WAF Violations	Web App Attack
🇧🇪 voormedia	2026-06-15 10:25:26 (2 days ago)	Accessed trap at '/.env'	Web App Attack
🇷🇴 iulianh	2026-06-15 09:27:18 (2 days ago)	80,443	Brute-Force SSH
🇮🇹 Inartis	2026-06-15 07:24:56 (2 days ago)	37.140.243.40 - - [15/Jun/2026:08:43:59 +0200] "GET /.env HTTP/1.1" 403 179 "-" "Mozilla/5.0 (Window ... show more 37.140.243.40 - - [15/Jun/2026:08:43:59 +0200] "GET /.env HTTP/1.1" 403 179 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" 37.140.243.40 - - [15/Jun/2026:08:44:00 +0200] "GET /.env HTTP/1.1" 403 179 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" 37.140.243.40 - - [15/Jun/2026:09:24:55 +0200] "GET /.env HTTP/1.1" 404 41770 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" ... show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 Inartis	2026-06-15 06:43:58 (2 days ago)	37.140.243.40 - - [15/Jun/2026:06:43:58 +0000] "GET /.env HTTP/1.1" 403 3500 "-" "Mozilla/5.0 (Windo ... show more 37.140.243.40 - - [15/Jun/2026:06:43:58 +0000] "GET /.env HTTP/1.1" 403 3500 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" ... show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 [email protected]	2026-06-15 05:50:49 (2 days ago)	[Mon Jun 15 07:50:48.969879 2026] [authz_core:error] [pid 3872230:tid 3872319] [client 37.140.243.40 ... show more [Mon Jun 15 07:50:48.969879 2026] [authz_core:error] [pid 3872230:tid 3872319] [client 37.140.243.40:48796] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/.env show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 04:21:16 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 37.140.243.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 37.140.243.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 00:21:12.566751 2026] [security2:error] [pid 6631:tid 6631] [client 37.140.243.40:37990] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ipad.cmabiblequizzing.org"] [uri "/.env"] [unique_id "ai99uPHNThrLylxfaxVe9QAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 01:21:24 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 37.140.243.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 37.140.243.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 21:21:18.901898 2026] [security2:error] [pid 27763:tid 27763] [client 37.140.243.40:53942] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "5995.us"] [uri "/.env"] [unique_id "ai9TjgfeFZPndGH_uQCBfAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 04:33:47 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 37.140.243.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 37.140.243.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 00:33:39.662386 2026] [security2:error] [pid 15864:tid 15864] [client 37.140.243.40:58368] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.natashahenry.co.uk"] [uri "/.env"] [unique_id "ai4vI8Le3Ri4wMKto3-8iAAAAJI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 40 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.120.184.63

🇮🇶 212.237.119.18

🇳🇱 176.65.139.215

🇰🇷 112.167.230.128

🇸🇬 108.162.226.140

🇩🇪 104.28.163.86

🇮🇳 59.89.225.192

🇬🇧 35.203.211.205

🇮🇪 34.245.159.227

🇨🇳 14.103.118.114

🇬🇧 217.146.80.126

🇹🇭 202.29.232.118

🇨🇱 201.223.238.203

🇨🇳 183.164.242.191

🇮🇳 165.101.250.39

🇺🇸 91.193.232.172

🇱🇹 81.30.98.142

🇧🇬 79.124.58.102

🇫🇷 51.68.34.131

🇱🇹 45.227.254.170