JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 37.140.254.3

37.140.254.3 was found in our database!

This IP was reported 83 times. Confidence of Abuse is 32%: ?

32%

ISP	VPN Consumer Network Services
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇨🇭 Switzerland
City	Oberhausen-Boschenwiesen, Zurich

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 37.140.254.3

Whois 37.140.254.3

IP Abuse Reports for 37.140.254.3:

This IP address has been reported a total of 83 times from 44 distinct sources. 37.140.254.3 was first reported on September 6th 2023, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 TechnoSolutions CL	2026-06-13 11:37:07 (1 hour ago)	37.140.254.3 - - [13/Jun/2026:11:37:06 +0000] "GET /wp-admin/network/config.php HTTP/1.1" 405 552 "- ... show more 37.140.254.3 - - [13/Jun/2026:11:37:06 +0000] "GET /wp-admin/network/config.php HTTP/1.1" 405 552 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.140.254.3 - - [13/Jun/2026:11:37:07 +0000] "GET /wp-content/uploads/wc-logs/ HTTP/1.1" 405 552 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.140.254.3 - - [13/Jun/2026:11:37:07 +0000] "GET /wp-includes/rest-api/admin.php HTTP/1.1" 405 552 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 37.140.254.3 - - [13/Jun/2026:11:37:07 +0000] "GET /wp-includes/Requests/Utility/config.php HTTP/1.1" 405 552 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" ... show less	Hacking Brute-Force Web App Attack
Anonymous	2026-06-13 04:07:06 (9 hours ago)	Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=7	Hacking
🇱🇻 garmtech.com	2026-05-20 06:27:21 (3 weeks ago)	IM360 WAF: Block access to the shell MV://vendor/htmlawed/htmlawed/gel4y.php	Hacking
🇺🇸 mnsf	2026-05-10 16:05:29 (1 month ago)	Too many Status 50X (73)	Brute-Force Web App Attack
🇫🇷 masterguru	2026-05-10 09:38:34 (1 month ago)	Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-193)	Hacking
🇵🇹 Information Security	2026-04-25 10:09:01 (1 month ago)	Web App Attack	Web App Attack
🇩🇪 ecs.ge	2026-04-20 23:30:14 (1 month ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇨🇳 ThreatBook.io	2026-04-16 23:55:25 (1 month ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/37.140.254.3 202 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/37.140.254.3 2026-04-16 08:54:31 /phpinfo.php 2026-04-16 08:51:10 / 2026-04-16 04:09:36 /config.local.json show less	Web App Attack
🇩🇪 ecs.ge	2026-04-16 22:50:28 (1 month ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇩🇪 ecs.ge	2026-04-15 19:44:22 (1 month ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇮🇳 Starburst SysOp Team	2026-04-12 23:05:28 (2 months ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-bom2-2)	Hacking Bad Web Bot
🇺🇸 Starburst SysOp Team	2026-04-12 14:09:31 (2 months ago)	Content-Type header missing from request with non-zero Content-Length. Operator EQ matched 0 at REQU ... show more Content-Type header missing from request with non-zero Content-Length. Operator EQ matched 0 at REQUEST_HEADERS. (920340-stl2-13) show less	Hacking
🇨🇦 Mediashaker	2026-04-12 01:05:08 (2 months ago)	(apache-scanners) Failed apache-scanners trigger with match [redacted] from 37.140.254.3 (CH/Switzer ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 37.140.254.3 (CH/Switzerland/-) show less	Port Scan
🇷🇺 sms.ru	2026-03-25 17:00:11 (2 months ago)	/wp-admin/css/colors/index.php	Web App Attack
🇬🇧 consul.to	2026-03-25 13:05:59 (2 months ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 15 of 83 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇴 94.249.42.39

🇳🇱 51.158.173.123

🇧🇬 5.188.206.66

🇧🇪 198.235.24.155

🇩🇪 185.220.101.96

🇧🇼 168.167.228.74

🇬🇧 167.71.136.93

🇵🇰 149.40.242.144

🇮🇳 122.187.229.247

🇨🇳 113.116.183.14

🇵🇹 81.193.150.183

🇲🇾 49.124.152.250

🇭🇰 43.135.49.67

🇦🇪 2a00:f29:2c8:dbcf:785e:d11b:671c:96cb

🇨🇳 123.245.85.96

🇮🇩 101.255.122.114

🇧🇷 20.226.60.146

🇺🇸 18.191.237.206

🇺🇸 208.87.243.251

🇪🇸 207.188.158.216