JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 37.140.254.207

37.140.254.207 was found in our database!

This IP was reported 81 times. Confidence of Abuse is 13%: ?

13%

ISP	VPN Consumer Network Services
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇨🇭 Switzerland
City	Oberhausen-Boschenwiesen, Zurich

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 37.140.254.207

Whois 37.140.254.207

IP Abuse Reports for 37.140.254.207:

This IP address has been reported a total of 81 times from 42 distinct sources. 37.140.254.207 was first reported on September 6th 2023, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 SentinalX by uzumaru	2026-06-29 06:36:35 (7 hours ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: api.cyberghostvpn.com:443 show less	Open Proxy Port Scan
🇨🇦 TechnoSolutions CL	2026-06-13 11:34:49 (2 weeks ago)	37.140.254.207 - - [13/Jun/2026:11:34:48 +0000] "GET /wp-includes/blocks/group/ HTTP/1.1" 405 552 "- ... show more 37.140.254.207 - - [13/Jun/2026:11:34:48 +0000] "GET /wp-includes/blocks/group/ HTTP/1.1" 405 552 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.140.254.207 - - [13/Jun/2026:11:34:48 +0000] "GET /wp-content/uploads/wp-load.php HTTP/1.1" 405 552 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.140.254.207 - - [13/Jun/2026:11:34:49 +0000] "GET /wp-includes/js/dist HTTP/1.1" 405 552 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.140.254.207 - - [13/Jun/2026:11:34:49 +0000] "GET /wp-includes/certificates/autoload_classmap.php HTTP/1.1" 405 552 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" ... show less	Hacking Brute-Force Web App Attack
🇺🇸 Major Hostility	2026-04-29 02:09:15 (2 months ago)	"GET /images/images/cache.php HTTP/1.1" 404 "GET /api/objects/codes.php HTTP/1.1" 404 "GET /wp-inclu ... show more "GET /images/images/cache.php HTTP/1.1" 404 "GET /api/objects/codes.php HTTP/1.1" 404 "GET /wp-includes/blocks/gallery/index.php HTTP/1.1" 404 "GET /sites/all/libraries/elfinder/src/connectors/php/connector.php HTTP/1.1" 404 "GET /wp-content/themes/twentytwentyfour/patterns/gallery-offset-images-grid-4-col.php HTTP/1.1" 404 "GET /wp-content/plugins/yanierin/akcc.php HTTP/1.1" 404 "GET /dup-installer/main.installer.php HTTP/1.1" 404 "GET /wp-admin/options-writing.php HTTP/1.1" 404 "GET /wp-includes/blocks/nextpage/index.php HTTP/1.1" 404 "GET /wp-content/plugins/wpcss/404.php HTTP/1.1" 404 "GET /admin/assets/global/plugins/jquery-file-upload/server/php/index.php HTTP/1.1" 404 "GET /assets/images/accesson.php HTTP/1.1" 404 show less	Web App Attack
🇫🇷 dynamix	2026-04-28 21:42:07 (2 months ago)	Multiple WAF Violations	Web App Attack
🇮🇹 Progetto1	2026-04-28 09:35:03 (2 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 ipblock.com	2026-04-27 02:46:00 (2 months ago)	IPBlock protected site ID [4055-d][s=07]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇫🇮 YF	2026-04-27 01:01:12 (2 months ago)	Attaque distribuée subnet	DDoS Attack Web App Attack
🇵🇹 Information Security	2026-04-25 10:09:03 (2 months ago)	Web App Attack	Web App Attack
🇩🇪 ecs.ge	2026-04-20 23:30:00 (2 months ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇺🇸 c y	2026-04-17 00:10:52 (2 months ago)	Security Monitor detected: sensitive_path_access	Port Scan
🇩🇪 ecs.ge	2026-04-16 22:50:17 (2 months ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇺🇸 jcbriar	2026-04-16 21:36:22 (2 months ago)	Searching for vulnerable scripts	Hacking Web App Attack
🇩🇪 ecs.ge	2026-04-15 19:57:54 (2 months ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇸🇬 Starburst SysOp Team	2026-04-12 17:45:25 (2 months ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-sin2-2)	Hacking Bad Web Bot
🇦🇺 Starburst SysOp Team	2026-04-12 14:01:43 (2 months ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-syd2-4)	Hacking Bad Web Bot

Showing 1 to 15 of 81 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.232.176.7

🇪🇸 194.62.96.221

🇧🇷 179.97.27.72

🇧🇷 179.43.9.2

🇯🇵 163.44.101.215

🇧🇷 131.100.131.61

🇺🇸 104.248.208.166

🇺🇸 104.198.21.1

🇧🇬 93.94.141.115

🇷🇴 80.94.95.211

🇳🇱 204.76.203.212

🇲🇦 196.74.180.79

🇩🇪 185.242.3.226

🇻🇳 183.91.186.36

🇷🇺 178.176.178.161

🇧🇷 170.239.72.126

🇺🇸 162.241.235.142

🇺🇸 157.230.142.72

🇧🇷 129.121.42.131

🇨🇳 116.179.32.46