AbuseIPDB » 37.140.254.51
37.140.254.51 was found in our database!
This IP was reported 8 times. Confidence of
Abuse
is 42% : ?
ISP
VPN Consumer Network Services
Usage Type
Data Center/Web Hosting/Transit
ASN
AS206092
Domain Name
vpnconsumer.com
Country
๐จ๐ญ
Switzerland
City
Oberhausen-Boschenwiesen, Zurich
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 37.140.254.51 :
This IP address has been reported a total of
8
times from
7 distinct
sources.
37.140.254.51 was first reported on
June 9th 2026 , and the most recent report was
53 minutes ago .
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ฉ๐ช
Starburst SysOp Team
2026-07-01 17:05:42
(53 minutes ago)
Host header is a numeric IP address. Pattern match "(?:^( (920350-nue6-1)
Hacking
Bad Web Bot
๐จ๐ญ
YF
2026-07-01 17:00:41
(58 minutes ago)
Attaque distribuรฉe subnet
DDoS Attack
Web App Attack
๐ฌ๐ง
markawes
2026-07-01 16:14:04
(1 hour ago)
[SynFast] Auto banned by Fail2Ban. Reason: Web vulnerability scan detected. Evidence:
37.140.254.51 ...
show more
[SynFast] Auto banned by Fail2Ban. Reason: Web vulnerability scan detected. Evidence:
37.140.254.51 - - [01/Jul/2026:16:13:59 +0000] "GET /.env HTTP/1.1" 404 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0"
37.140.254.51 - - [01/Jul/2026:16:14:04 +0000] "GET /.env.local HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4) AppleWebKit/537.36 Chrome/124.0.0.0 Safari/537.36"
show less
Web App Attack
Port Scan
Anonymous
2026-07-01 15:51:54
(2 hours ago)
2026/07/01 15:51:48 [error] 3404736#3404736: *12697 [client 37.140.254.51] ModSecurity: Access denie ...
show more
2026/07/01 15:51:48 [error] 3404736#3404736: *12697 [client 37.140.254.51] ModSecurity: Access denied with code 403 (phase 2). Matched "Operator `Ge' with parameter `5' against variable `TX:BLOCKING_INBOUND_ANOMALY_SCORE' (Value: `5' ) [file "/usr/local/owasp-modsecurity-crs-4.11.0/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "222"] [id "949110"] [rev ""] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [data ""] [severity "0"] [ver "OWASP_CRS/4.27.0"] [maturity "0"] [accuracy "0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "94.72.101.158"] [uri "/.env"] [unique_id "178292110873.469901"] [ref ""], client: 37.140.254.51, server: srv.ingeltechgh.com, request: "GET /.env HTTP/1.1", host: "94.72.101.158"
2026/07/01 15:51:52 [error] 3404734#3404734: *12711 [client 37.140.254.51] ModSecurity: Access denied with code 403 (phase 2). Matched "Operator `Ge' with parameter `5' against variable `TX:BLOCKING_INBOUND_ANOMALY_SCORE' (Value: `5' ) [file "/usr/local/owasp-modsecurity
...
show less
Brute-Force
๐ซ๐ท
YF
2026-07-01 15:15:57
(2 hours ago)
Environment file probe
Web App Attack
๐ณ๐ฑ
BlueWire Hosting
2026-07-01 08:22:22
(9 hours ago)
Probing websites for vulnerabilities
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-09 16:05:57
(3 weeks ago)
37.140.254.51 - - [09/Jun/2026:19:05:56 +0300] "GET /wp-includes/images/smilies/about.php HTTP/1.1" ...
show more
37.140.254.51 - - [09/Jun/2026:19:05:56 +0300] "GET /wp-includes/images/smilies/about.php HTTP/1.1" 404 706 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36"
37.140.254.51 - - [09/Jun/2026:19:05:56 +0300] "GET /wp-includes/js/crop/admin.php HTTP/1.1" 404 706 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
...
show less
Web App Attack
๐ซ๐ท
Octopuce
2026-06-09 12:37:50
(3 weeks ago)
Aggressive web search of vulnerable pages: /bless.php /O-Simple.php /lock360.php /zwso.php /chosen.p ...
show more
Aggressive web search of vulnerable pages: /bless.php /O-Simple.php /lock360.php /zwso.php /chosen.php /about.php /admin.php /mah.php /.wp/wso. ...
show less
Web App Attack
Showing 1 to
8
of 8 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: