JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 37.140.254.138

37.140.254.138 was found in our database!

This IP was reported 134 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer Network Services
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇨🇭 Switzerland
City	Oberhausen-Boschenwiesen, Zurich

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 37.140.254.138

Whois 37.140.254.138

IP Abuse Reports for 37.140.254.138:

This IP address has been reported a total of 134 times from 49 distinct sources. 37.140.254.138 was first reported on August 7th 2023, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-04-24 01:35:09 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇭🇷 fmilkovic	2026-04-15 10:34:15 (2 months ago)	Coordinated scanner farm (VPN exit) probing for PHPUnit RCE (CVE-2017-9841), .env files, Redmine exp ... show more Coordinated scanner farm (VPN exit) probing for PHPUnit RCE (CVE-2017-9841), .env files, Redmine exposure show less	Web App Attack
🇩🇪 barbarella	2026-04-15 02:58:21 (2 months ago)	Configuration snooping in .env file (GET /..;/env.dev.js)	Hacking Web App Attack
Anonymous	2026-04-14 13:35:05 (2 months ago)	Automatic report - Vulnerability scan /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	Web App Attack
🇸🇬 Starburst SysOp Team	2026-04-14 13:26:00 (2 months ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-sin2-2)	Hacking Bad Web Bot
🇺🇸 interbiznw.com	2026-04-13 21:23:08 (2 months ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack
🇫🇷 Baking333	2026-04-13 21:01:14 (2 months ago)	[redacted] 37.140.254.138 - - [13/Apr/2026:22:01:13 +0100] "GET /wp-includes/ID3/autoload_classmap.p ... show more [redacted] 37.140.254.138 - - [13/Apr/2026:22:01:13 +0100] "GET /wp-includes/ID3/autoload_classmap.php HTTP/1.1" 301 592 0/166 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" [redacted] 37.140.254.138 - - [13/Apr/2026:22:01:13 +0100] "GET /wp-includes/pomo/[redacted] HTTP/1.1" 301 570 0/146 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" show less	Bad Web Bot Web App Attack
🇺🇸 Starburst SysOp Team	2026-04-12 05:14:50 (2 months ago)	(mod_security-custom) mod_security (id:210492) triggered by 37.140.254.138 (CH/Switzerland/Zurich/Zu ... show more (mod_security-custom) mod_security (id:210492) triggered by 37.140.254.138 (CH/Switzerland/Zurich/Zurich/-/[AS206092 SECFIREWALLAS]): 1 in the last 3600 secs (0-srv1) show less	Hacking
Anonymous	2026-04-02 06:50:22 (2 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇫🇷 dynamix	2026-03-01 13:38:42 (3 months ago)	Multiple WAF Violations	Web App Attack
🇬🇧 consul.to	2026-02-23 10:03:31 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 dynamix	2026-02-23 08:37:39 (3 months ago)	Multiple WAF Violations	Web App Attack
🇨🇦 Mediashaker	2026-02-20 17:21:48 (3 months ago)	(apache-scanners) Failed apache-scanners trigger with match [redacted] from 37.140.254.138 (CH/Switz ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 37.140.254.138 (CH/Switzerland/-) show less	Port Scan
🇬🇧 consul.to	2026-02-20 08:11:12 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 dynamix	2026-02-18 09:47:24 (3 months ago)	Multiple WAF Violations	Web App Attack

Showing 1 to 15 of 134 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 204.76.203.51

🇺🇸 172.56.95.252

🇮🇳 154.84.242.115

🇰🇷 112.151.178.49

🇦🇴 102.213.34.99

🇦🇪 86.98.122.212

🇺🇸 20.115.90.12

🇨🇳 111.61.176.244

🇮🇩 103.155.47.102

🇺🇸 98.251.200.14

🇬🇧 86.164.185.206

🇱🇹 62.60.130.139

🇳🇱 45.142.193.164

🇪🇹 196.189.9.233

🇪🇸 185.237.234.64

🇺🇸 172.56.180.76

🇵🇰 153.117.15.132

🇨🇳 106.12.148.154

🇨🇦 99.236.225.215

🇫🇷 91.238.181.10