AbuseIPDB » 37.140.254.9
37.140.254.9 was found in our database!
This IP was reported 9 times. Confidence of
Abuse
is 47% : ?
ISP
VPN Consumer Network Services
Usage Type
Data Center/Web Hosting/Transit
ASN
AS206092
Domain Name
vpnconsumer.com
Country
π¨π
Switzerland
City
Oberhausen-Boschenwiesen, Zurich
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 37.140.254.9 :
This IP address has been reported a total of
9
times from
8 distinct
sources.
37.140.254.9 was first reported on
June 9th 2026 , and the most recent report was
1 day ago .
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
πͺπΈ
DXC-0
2026-07-02 03:00:55
(1 day ago)
Multiple attacks on Honeypot servers
Web Spam
Brute-Force
Web App Attack
Hacking
π©πͺ
Starburst SysOp Team
2026-07-01 17:05:45
(2 days ago)
Host header is a numeric IP address. Pattern match "(?:^( (920350-nue6-1)
Hacking
Bad Web Bot
π¨π
YF
2026-07-01 17:00:42
(2 days ago)
Attaque distribuΓ©e subnet
DDoS Attack
Web App Attack
π¬π§
markawes
2026-07-01 16:14:47
(2 days ago)
[SynFast] Auto banned by Fail2Ban. Reason: Web vulnerability scan detected. Evidence:
37.140.254.9 ...
show more
[SynFast] Auto banned by Fail2Ban. Reason: Web vulnerability scan detected. Evidence:
37.140.254.9 - - [01/Jul/2026:16:14:04 +0000] "GET /.env HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/124.0.0.0 Safari/537.36"
37.140.254.9 - - [01/Jul/2026:16:14:46 +0000] "GET /.env.old HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/124.0.0.0 Safari/537.36"
show less
Web App Attack
Port Scan
π«π·
YF
2026-07-01 15:15:59
(2 days ago)
Environment file probe
Web App Attack
π«π·
Baking333
2026-07-01 11:55:20
(2 days ago)
redacted:443 37.140.254.9 - - [01/Jul/2026:12:55:03 +0100] "GET /.[redacted] HTTP/1.1" 200 5359 0/29 ...
show more
redacted:443 37.140.254.9 - - [01/Jul/2026:12:55:03 +0100] "GET /.[redacted] HTTP/1.1" 200 5359 0/29187 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" redacted:80 37.140.254.9 - - [01/Jul/2026:12:55:13 +0100] "GET /.[redacted] HTTP/1.1" 200 166 0/14109 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4) AppleWebKit/537.36 Chrome/124.0.0.0 Safari/537.36"
show less
Bad Web Bot
Web App Attack
πΊπΈ
technojoe99
2026-07-01 07:28:44
(2 days ago)
Exploit scan from 37.140.254.9. GET /.git/config HTTP/1.1.
Web App Attack
π«π·
LoneRider
2026-07-01 06:43:25
(2 days ago)
[01/Jul/2026:08:43:18.219053 +0200] akS3BsgC6az2T7IUXgSDhAAAAAA 37.140.254.9 37196 127.0.0.1 7081
[0 ...
show more
[01/Jul/2026:08:43:18.219053 +0200] akS3BsgC6az2T7IUXgSDhAAAAAA 37.140.254.9 37196 127.0.0.1 7081
[01/Jul/2026:08:43:21.632005 +0200] akS3Cf9VMCtYGj7BKzBS1AAAAAM 37.140.254.9 52242 127.0.0.1 7080
[01/Jul/2026:08:43:25.627534 +0200] akS3DXJl1kC78cEQYZ6LDwAAAAQ 37.140.254.9 52388 127.0.0.1 7080
...
show less
Hacking
π«π·
Octopuce
2026-06-09 12:39:32
(3 weeks ago)
Aggressive web search of vulnerable pages: /wp-content/1.php /ioxi-o.php /info.php /setup.php /.bod/ ...
show more
Aggressive web search of vulnerable pages: /wp-content/1.php /ioxi-o.php /info.php /setup.php /.bod/.ll/ss.php /.well-known/radio.php /wp-conte ...
show less
Web App Attack
Showing 1 to
9
of 9 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown π©
Recently Reported IPs: