JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 109.236.88.82

109.236.88.82 was found in our database!

This IP was reported 74 times. Confidence of Abuse is 48%: ?

48%

ISP	WorldStream IPv4.31
Usage Type	Data Center/Web Hosting/Transit
ASN	AS49981
Hostname(s)	109-236-88-82.hosted-by-worldstream.net
Domain Name	worldstream.com
Country	🇳🇱 Netherlands
City	Rotterdam, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 109.236.88.82

Whois 109.236.88.82

IP Abuse Reports for 109.236.88.82:

This IP address has been reported a total of 74 times from 30 distinct sources. 109.236.88.82 was first reported on December 8th 2025, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-06-25 07:06:04 (14 hours ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 10-06.109.236.88.82.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 10-06.109.236.88.82.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 21:32:20 (5 days ago)	(mod_security) mod_security (id:217210) triggered by 109.236.88.82 (109-236-88-82.hosted-by-worldstr ... show more (mod_security) mod_security (id:217210) triggered by 109.236.88.82 (109-236-88-82.hosted-by-worldstream.net): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 17:32:13.631464 2026] [security2:error] [pid 23886:tid 23903] [client 109.236.88.82:46626] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|aafmgcc.com:443\|F\|4"] [data "CONNECT aafmgcc.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "aafmgcc.com"] [uri "/"] [unique_id "ajcG3amzXy4CGI9bg7K6WQAAAE4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 21:48:30 (2 weeks ago)	(mod_security) mod_security (id:217210) triggered by 109.236.88.82 (109-236-88-82.hosted-by-worldstr ... show more (mod_security) mod_security (id:217210) triggered by 109.236.88.82 (109-236-88-82.hosted-by-worldstream.net): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 17:48:25.644450 2026] [security2:error] [pid 1479:tid 1479] [client 109.236.88.82:35242] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|creartest.com:443\|F\|4"] [data "CONNECT creartest.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "creartest.com"] [uri "/"] [unique_id "aiXnKZWFTMPq_JlYd4HVXgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 03:36:37 (2 weeks ago)	(mod_security) mod_security (id:217210) triggered by 109.236.88.82 (109-236-88-82.hosted-by-worldstr ... show more (mod_security) mod_security (id:217210) triggered by 109.236.88.82 (109-236-88-82.hosted-by-worldstream.net): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 23:36:31.526455 2026] [security2:error] [pid 6792:tid 6827] [client 109.236.88.82:56602] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|super-8mm.com:443\|F\|4"] [data "CONNECT super-8mm.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "super-8mm.com"] [uri "/"] [unique_id "aiTnP1LAv4XPCas_rCWTiQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Al Coholic	2026-05-31 20:54:43 (3 weeks ago)	Detected By Fail2ban	Hacking Bad Web Bot Web App Attack
🇳🇱 ParaBug	2026-05-31 20:45:05 (3 weeks ago)	109.236.88.82 - - [31/May/2026:22:45:05 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.git/HEAD ... show more 109.236.88.82 - - [31/May/2026:22:45:05 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.git/HEAD HTTP/1.1" 403 440 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1" ... show less	Phishing Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 02:02:47 (3 weeks ago)	(mod_security) mod_security (id:217210) triggered by 109.236.88.82 (109-236-88-82.hosted-by-worldstr ... show more (mod_security) mod_security (id:217210) triggered by 109.236.88.82 (109-236-88-82.hosted-by-worldstream.net): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 22:02:38.987078 2026] [security2:error] [pid 15884:tid 15884] [client 109.236.88.82:54372] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|spacebooger.com:443\|F\|4"] [data "CONNECT spacebooger.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "spacebooger.com"] [uri "/"] [unique_id "ahuWvkwfRrpNp8GNLneRpAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 Peter Chargen	2026-05-30 21:46:38 (3 weeks ago)	PHP email form abuse/SPAM attempt	Email Spam
🇺🇸 TPI-Abuse	2026-05-30 04:33:07 (3 weeks ago)	(mod_security) mod_security (id:217210) triggered by 109.236.88.82 (109-236-88-82.hosted-by-worldstr ... show more (mod_security) mod_security (id:217210) triggered by 109.236.88.82 (109-236-88-82.hosted-by-worldstream.net): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 00:32:59.666401 2026] [security2:error] [pid 29222:tid 29250] [client 109.236.88.82:33820] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|bullfrogspond.com:443\|F\|4"] [data "CONNECT bullfrogspond.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "bullfrogspond.com"] [uri "/"] [unique_id "ahpoe8nQ5C0SOmRPPVd2DQAAAFU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-05-30 01:22:40 (3 weeks ago)	109.236.88.82 - - [29/May/2026:16:40:47 -0600] "CONNECT dooce.com:443 HTTP/1.1" 400 150 "-" "-" 109. ... show more 109.236.88.82 - - [29/May/2026:16:40:47 -0600] "CONNECT dooce.com:443 HTTP/1.1" 400 150 "-" "-" 109.236.88.82 - - [29/May/2026:17:23:34 -0600] "CONNECT dooce.com:443 HTTP/1.1" 400 150 "-" "-" 109.236.88.82 - - [29/May/2026:17:24:44 -0600] "CONNECT dooce.com:443 HTTP/1.1" 400 150 "-" "-" 109.236.88.82 - - [29/May/2026:19:08:39 -0600] "CONNECT dooce.com:443 HTTP/1.1" 400 150 "-" "-" 109.236.88.82 - - [29/May/2026:19:22:39 -0600] "CONNECT dooce.com:443 HTTP/1.1" 400 150 "-" "-" ... show less	Web App Attack
🇦🇺 afleventoffice.com.au	2026-05-29 20:03:57 (3 weeks ago)	GET http://crickettraveloffice.com.au/contact.asp HTTP/1.0	Web App Attack
🇺🇸 ezsystems.com	2026-05-28 13:56:08 (4 weeks ago)		Web Spam
🇨🇭 Origon	2026-05-28 05:13:05 (4 weeks ago)	http-open-proxy - IP: 109.236.88.82 - time="2026-05-28T07:13:05+02:00" level=info msg="(555f66b4f6a ... show more http-open-proxy - IP: 109.236.88.82 - time="2026-05-28T07:13:05+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-open-proxy by ip 109.236.88.82 (NL/49981) : 4h ban on Ip 109.236.88.82" module=db show less	Web App Attack
🇩🇪 SMARTNET	2026-05-27 06:03:53 (4 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 22ada211-5b5c-463a-b46f-60fd11dc639d	DDoS Attack
🇮🇩 Burayot	2026-05-21 16:45:31 (1 month ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 109.236.88.82 (109-236-88-82.hosted- ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 109.236.88.82 (109-236-88-82.hosted-by-worldstream.net): 1 in the last 3600 secs show less	Web App Attack

Showing 1 to 15 of 74 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 213.176.112.172

🇺🇸 209.145.56.119

🇦🇷 191.97.99.211

🇺🇸 136.114.17.50

🇺🇸 134.122.125.153

🇮🇩 103.242.105.66

🇱🇻 81.30.98.49

🇻🇪 38.150.94.75

🇺🇸 34.106.179.142

🇺🇸 34.46.125.108

🇨🇦 23.234.122.112

🇺🇸 20.80.105.157

🇪🇸 188.77.108.250

🇨🇱 186.189.85.127

🇺🇸 154.83.197.121

🇸🇬 152.42.177.64

🇮🇹 151.74.222.154

🇨🇳 118.81.192.103

🇩🇪 93.236.58.245

🇺🇸 47.88.56.201