JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 82.118.29.233

82.118.29.233 was found in our database!

This IP was reported 130 times. Confidence of Abuse is 62%: ?

62%

ISP	Sheimo Scorpion Data AB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	scorpiondata.com
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 82.118.29.233

Whois 82.118.29.233

IP Abuse Reports for 82.118.29.233:

This IP address has been reported a total of 130 times from 74 distinct sources. 82.118.29.233 was first reported on August 10th 2022, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-27 15:54:08 (1 day ago)	Web App Attack	Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 11:35:23 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 82.118.29.233 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.118.29.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 07:35:03.042225 2026] [security2:error] [pid 5932:tid 5932] [client 82.118.29.233:55037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.johneiden.com"] [uri "/config/parameters.yml"] [unique_id "aj-1Z3vFZ-Rm5lwMK8Y3tQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 10:56:17 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 82.118.29.233 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.118.29.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 06:55:56.000012 2026] [security2:error] [pid 30905:tid 30905] [client 82.118.29.233:20741] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "heytechiesshow.com"] [uri "/.htaccess"] [unique_id "aj-sO96F1Bq9VBHV6eLOIAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 10:28:24 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 82.118.29.233 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.118.29.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 06:28:07.130797 2026] [security2:error] [pid 29770:tid 29770] [client 82.118.29.233:29491] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.lyounglaw.com"] [uri "/.env"] [unique_id "aj-ltx4bsvjlpr0u-uSALAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Mykola Spesivtsev	2026-06-27 06:25:53 (2 days ago)	HTTP Tarpit detected bot activity:TargetPort:80, Path:/api/config.json, Method:GET, UA:Mozilla/5.0 ( ... show more HTTP Tarpit detected bot activity:TargetPort:80, Path:/api/config.json, Method:GET, UA:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0.0.0 Safari/537.36 show less	Port Scan Web App Attack Bad Web Bot
🇬🇧 Marten Mark	2026-06-27 06:16:24 (2 days ago)	82.118.29.233 - - [27/Jun/2026:06:16:23 +0000] "GET /.env.local HTTP/1.1" 404 150 "-" "Mozilla/5.0 ( ... show more 82.118.29.233 - - [27/Jun/2026:06:16:23 +0000] "GET /.env.local HTTP/1.1" 404 150 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" ... show less	Web App Attack Bad Web Bot
🇩🇪 Mykola Spesivtsev	2026-06-27 03:26:21 (2 days ago)	HTTP Tarpit detected bot activity:TargetPort:443, Path:/npm-debug.log, Method:GET, UA:Mozilla/5.0 (W ... show more HTTP Tarpit detected bot activity:TargetPort:443, Path:/npm-debug.log, Method:GET, UA:Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0 show less	Port Scan Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-27 02:11:01 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 82.118.29.233 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 82.118.29.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 22:09:31.727565 2026] [security2:error] [pid 19197:tid 19197] [client 82.118.29.233:61651] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|trafficstopper.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "trafficstopper.com"] [uri "/database.ini"] [unique_id "aj8w2wlK10eh24yzv3mmiQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mccsoft.io	2026-06-27 00:07:34 (2 days ago)	Web application attack / vulnerability scanning. Source sent 3 HTTP request(s) (3 distinct paths) to ... show more Web application attack / vulnerability scanning. Source sent 3 HTTP request(s) (3 distinct paths) to our public nginx web server on TCP 80/443, probing blocked/sensitive paths; all returned HTTP 444 (connection closed by security rule, jail nginx-444). Sample requests: GET /npm-debug.log \| GET /openapi.json \| GET /php-info.php. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/124.0.0.0 Safari/537.3. Observed 2026-06-27 00:06:02 to 2026-06-27 00:06:14 UTC. TCP handshake completed (requests fully received). Categories: Web App Attack / Bad Web Bot. show less	Bad Web Bot Web App Attack
Anonymous	2026-06-26 22:29:43 (2 days ago)	82.118.29.233 - - [27/Jun/2026:01:29:26 +0300] "GET /settings.js HTTP/1.1" 404 257 82.118.29.233 - - ... show more 82.118.29.233 - - [27/Jun/2026:01:29:26 +0300] "GET /settings.js HTTP/1.1" 404 257 82.118.29.233 - - [27/Jun/2026:01:29:38 +0300] "GET /database.json HTTP/1.1" 404 259 82.118.29.233 - - [27/Jun/2026:01:29:41 +0300] "GET /public/config.js HTTP/1.1" 404 262 show less	Bad Web Bot
Anonymous	2026-06-26 18:58:06 (2 days ago)	fail2ban_an apache-modsecurity [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [uri "/rest/. ... show more fail2ban_an apache-modsecurity [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [uri "/rest/.env"] show less	Bad Web Bot Web App Attack
Anonymous	2026-06-26 18:37:13 (2 days ago)	82.118.29.233 - - [26/Jun/2026:18:37:12 +0000] "GET /.env HTTP/1.1" 404 6978 "-" "Mozilla/5.0 (Macin ... show more 82.118.29.233 - - [26/Jun/2026:18:37:12 +0000] "GET /.env HTTP/1.1" 404 6978 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4) AppleWebKit/537.36 Chrome/123.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
Anonymous	2026-06-26 17:58:18 (2 days ago)	82.118.29.233 - - [26/Jun/2026:19:58:17 +0200] "GET /.env.prod HTTP/1.1" 403 2368 "-" "Mozilla/5.0 ( ... show more 82.118.29.233 - - [26/Jun/2026:19:58:17 +0200] "GET /.env.prod HTTP/1.1" 403 2368 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:123.0) Gecko/20100101 Firefox/123.0" ... show less	Brute-Force Web App Attack
Anonymous	2026-06-18 10:43:27 (1 week ago)	(PERMBLOCK) 82.118.29.233 (SE/Sweden/-) has had more than 4 temp blocks	Hacking
Anonymous	2026-06-18 08:56:51 (1 week ago)	(wordpress) Failed wordpress login from 82.118.29.233 (SE/Sweden/-)	Brute-Force

Showing 1 to 15 of 130 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 160.119.69.14

🇿🇦 105.216.107.93

🇪🇸 85.251.51.122

🇰🇷 211.253.10.61

🇮🇶 204.154.201.108

🇵🇦 200.115.141.58

🇲🇽 186.96.158.180

🇨🇴 181.51.34.153

🇳🇱 176.65.148.144

🇮🇩 175.184.236.68

🇵🇰 139.135.44.123

🇵🇭 136.158.29.48

🇨🇳 111.31.165.51

🇿🇦 105.209.145.73

🇲🇦 105.188.81.181

🇮🇳 103.55.89.5

🇸🇬 20.212.226.51

🇺🇸 18.116.101.220

🇺🇸 3.133.55.150

🇰🇷 211.223.107.86