JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 37.60.247.234

37.60.247.234 was found in our database!

This IP was reported 76 times. Confidence of Abuse is 18%: ?

18%

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi1819623.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 37.60.247.234

Whois 37.60.247.234

IP Abuse Reports for 37.60.247.234:

This IP address has been reported a total of 76 times from 45 distinct sources. 37.60.247.234 was first reported on May 6th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-11 21:59:31 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-10. show less	Web App Attack SSH Hacking
🇧🇪 cmbplf	2026-06-09 22:44:46 (2 weeks ago)	1.122 requests with url.path *.env	Brute-Force Bad Web Bot
🇷🇺 DZBOT	2026-06-09 12:24:15 (2 weeks ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇩🇪 Bedios GmbH	2026-04-24 12:51:25 (2 months ago)	Login credentials theft attempt	Hacking
Anonymous	2026-04-24 12:28:16 (2 months ago)	SQL Injection	SQL Injection
🇹🇼 kk_it_man	2026-04-24 12:13:02 (2 months ago)	ET INFO Request to Hidden Environment File - Inbound ET WEB_SERVER Script tag in URI Possible Cros ... show more ET INFO Request to Hidden Environment File - Inbound ET WEB_SERVER Script tag in URI Possible Cross Site Scripting Attempt show less	Port Scan
🇩🇪 strzonnek	2026-04-24 12:09:49 (2 months ago)	attack on webform	Brute-Force Web App Attack
🇩🇪 grassau.com	2026-04-24 11:58:41 (2 months ago)	Port Scan detected from 37.60.247.234 (FR/France/Bas-Rhin/Lauterbourg/vmi1819623.contaboserver.net ... show more Port Scan detected from 37.60.247.234 (FR/France/Bas-Rhin/Lauterbourg/vmi1819623.contaboserver.net). show less	Port Scan
🇭🇺 zolav8	2026-04-24 10:10:18 (2 months ago)	SQL injection / web attack attempt	Hacking SQL Injection
🇯🇵 HeliJP	2026-04-24 09:45:32 (2 months ago)	2026-04-24T08:58:43Z - Recognized attacks\bad behavior from IP address 37.60.247.234 on port 443\80 ... show more 2026-04-24T08:58:43Z - Recognized attacks\bad behavior from IP address 37.60.247.234 on port 443\80 (78 daily hits): Path Traversal Attack (/../), OS File Access Attempt, Remote Command Execution: Unix Shell Code Found, Multiple URL Encoding Detected, XSS Attack Detected via libinjection, SQLi bypass attempt by ticks detected, SQL Injection Attack: Common Injection Testing Detected, Detects classic SQL injection probings 2/3, SQL Injection Attack: SQL Tautology Detected, XSS Filter - Category 1: Script Tag Vector, Possible XSS Attack Detected - HTML Tag Handler, Detects classic SQL injection probings 1/3, NoScript XSS InjectionChecker: HTML Injection, Restricted File Access Attempt show less	Hacking Web App Attack SQL Injection
Anonymous	2026-04-24 09:20:01 (2 months ago)	suspicious request in access.log	Web App Attack
🇬🇧 poundawebsiteltd	2026-04-23 22:35:46 (2 months ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 37.60.247.234 - - [23/Apr/2026:2 ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 37.60.247.234 - - [23/Apr/2026:23:35:45 +0100] GET /forum/ucp.php?mode=register%27 HTTP/1.1 200 8803 - Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 show less	Web App Attack
🇺🇸 TPI-Abuse	2026-04-23 22:23:32 (2 months ago)	(mod_security) mod_security (id:212620) triggered by 37.60.247.234 (vmi1819623.contaboserver.net): 1 ... show more (mod_security) mod_security (id:212620) triggered by 37.60.247.234 (vmi1819623.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 23 18:23:25.937514 2026] [security2:error] [pid 19029:tid 19029] [client 37.60.247.234:48974] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "3"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|hanabritgermanshepherds.com\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /index.php/puppies/index.php?itemid=116&catid=2&id=23&option=<script>alert('xss')</script>&view=article"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "hanabritgermanshepherds.com"] [uri "/index.php/puppies/index.php"] [unique_id "aeqb3WblUjwg9VmX7y4CGgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-23 21:58:06 (2 months ago)	(mod_security) mod_security (id:212620) triggered by 37.60.247.234 (vmi1819623.contaboserver.net): 1 ... show more (mod_security) mod_security (id:212620) triggered by 37.60.247.234 (vmi1819623.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 23 17:58:01.548769 2026] [security2:error] [pid 9521:tid 9521] [client 37.60.247.234:36804] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|www.powerkiteforum.com\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /viewthread.php?tid=<script>alert('xss')</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "www.powerkiteforum.com"] [uri "/viewthread.php"] [unique_id "aeqV6YZUXiVhRmQylnCQowAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-04-23 21:19:48 (2 months ago)	SQL injection attempt	SQL Injection

Showing 1 to 15 of 76 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 2404:6800:4003:c0f::127

🇺🇸 2602:80d:1007::61

🇹🇬 196.171.22.50

🇳🇱 176.65.139.181

🇨🇦 99.250.201.209

🇧🇷 190.115.84.25

🇩🇪 167.233.38.249

🇺🇸 147.185.132.67

🇷🇴 141.98.83.240

🇱🇹 62.60.130.148

🇺🇸 205.210.31.55

🇧🇷 129.121.42.131

🇺🇸 66.132.224.18

🇳🇱 45.153.34.235

🇸🇾 5.0.47.159

🇨🇦 4.239.240.98

🇧🇪 178.51.62.121

🇺🇸 162.216.149.121

🇺🇸 147.185.132.75

🇭🇰 101.36.106.134