JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.38.73.82

209.38.73.82 was found in our database!

This IP was reported 1,469 times. Confidence of Abuse is 8%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Santa Clara, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.38.73.82

Whois 209.38.73.82

IP Abuse Reports for 209.38.73.82:

This IP address has been reported a total of 1,469 times from 558 distinct sources. 209.38.73.82 was first reported on January 2nd 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 QSC-Sentinel	2026-05-20 21:58:09 (1 month ago)	Banned by fail2ban jail sshd on etlab-research	Brute-Force SSH
🇬🇧 thetomtaylor.co.uk	2026-05-05 23:08:18 (1 month ago)	Fail2Ban - [SSH]Brute-force login attempts on sshd ... [mx02]	Brute-Force SSH
🇪🇸 Gem	2025-11-12 13:13:51 (7 months ago)	Unauthorized web scan.	Web App Attack
🇹🇷 rtbh.com.tr	2025-11-09 20:09:50 (7 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 octageeks.com	2025-11-08 05:06:53 (7 months ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇹🇷 rtbh.com.tr	2025-11-07 20:09:47 (7 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
Anonymous	2025-11-07 13:20:29 (7 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇬🇧 Mendip_Defender	2025-11-07 11:44:44 (7 months ago)	209.38.73.82 - - [07/Nov/2025:11:44:36 +0000] "GET //wp-includes/wlwmanifest.xml HTTP/1.0" 404 4964 ... show more 209.38.73.82 - - [07/Nov/2025:11:44:36 +0000] "GET //wp-includes/wlwmanifest.xml HTTP/1.0" 404 4964 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 209.38.73.82 - - [07/Nov/2025:11:44:36 +0000] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.0" 404 4964 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 209.38.73.82 - - [07/Nov/2025:11:44:36 +0000] "GET //web/wp-includes/wlwmanifest.xml HTTP/1.0" 404 4964 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" ... show less	Hacking Web App Attack
🇫🇮 [email protected]	2025-11-07 11:36:55 (7 months ago)	Attack attempt against Interwebbi servers; (WPNINJA) Ninja Firewall attack on www.trackpunkracing.co ... show more Attack attempt against Interwebbi servers; (WPNINJA) Ninja Firewall attack on www.trackpunkracing.com (User enumeration scan (WP REST API)) 209.38.73.82 (US/United States/-): 1 in the last 3600 secs (CF_ENABLE); IP: 209.38.73.82; Ports: *; Direction: 0; Trigger: LF_CUSTOMTRIGGER; show less	Web App Attack
🇬🇧 Apache	2025-11-07 11:16:58 (7 months ago)	(mod_security) mod_security (id:210410) triggered by 209.38.73.82 (US/United States/-): 5 in the las ... show more (mod_security) mod_security (id:210410) triggered by 209.38.73.82 (US/United States/-): 5 in the last 300 secs show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-07 11:11:21 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 209.38.73.82 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 209.38.73.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 07 06:11:13.936180 2025] [security2:error] [pid 26065:tid 26065] [client 209.38.73.82:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|skinnywheels.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "skinnywheels.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aQ3T0QOWYJ1JlYomBEf4VgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 tinect	2025-11-07 11:06:05 (7 months ago)	tries to find malicious content	Hacking Web App Attack
🇪🇸 masterguru	2025-11-07 10:30:20 (7 months ago)	WordPress: User enumeration. Pattern match "(author\\\\= (1000-123)	Web App Attack
🇮🇩 Burayot	2025-11-07 10:30:06 (7 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 209.38.73.82 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 209.38.73.82 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇪🇪 Unwasted	2025-11-07 09:15:23 (7 months ago)	Blocked IP still knocking	Hacking

Showing 1 to 15 of 1469 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.212

🇳🇱 160.119.69.16

🇺🇸 139.144.239.72

🇺🇸 98.84.122.14

🇬🇧 79.79.107.49

🇩🇴 38.210.90.57

🇬🇧 195.96.139.141

🇬🇧 195.96.139.111

🇮🇩 180.247.4.181

🇺🇾 179.29.192.71

🇫🇷 176.190.12.163

🇵🇭 118.193.73.8

🇭🇰 118.193.44.169

🇸🇦 109.82.106.45

🇰🇪 102.210.148.41

🇨🇳 49.73.235.4

🇨🇴 152.203.64.97

🇭🇺 84.225.51.158

🇺🇸 67.197.111.225

🇺🇸 47.77.232.127