JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 82.118.29.237

82.118.29.237 was found in our database!

This IP was reported 121 times. Confidence of Abuse is 63%: ?

63%

ISP	Sheimo Scorpion Data AB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	scorpiondata.com
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 82.118.29.237

Whois 82.118.29.237

IP Abuse Reports for 82.118.29.237:

This IP address has been reported a total of 121 times from 59 distinct sources. 82.118.29.237 was first reported on August 10th 2022, and the most recent report was 34 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-27 10:56:29 (34 minutes ago)	(mod_security) mod_security (id:210492) triggered by 82.118.29.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.118.29.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 06:56:05.569231 2026] [security2:error] [pid 26384:tid 26384] [client 82.118.29.237:48457] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "heytechiesshow.com"] [uri "/.env.staging"] [unique_id "aj-sRYDAgv29sTJK0a1-4QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 10:28:51 (1 hour ago)	(mod_security) mod_security (id:210492) triggered by 82.118.29.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.118.29.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 06:28:33.171923 2026] [security2:error] [pid 20559:tid 20559] [client 82.118.29.237:52741] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.lyounglaw.com"] [uri "/.env.staging"] [unique_id "aj-l0WZ8FFCL6VT2T_wj2wAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 07:56:35 (3 hours ago)	(mod_security) mod_security (id:210492) triggered by 82.118.29.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.118.29.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 03:56:22.516012 2026] [security2:error] [pid 6086:tid 6086] [client 82.118.29.237:64745] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.iwsa.info"] [uri "/.env.backup"] [unique_id "aj-CJn8BJPP-aBaCVN5HGgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Mykola Spesivtsev	2026-06-27 04:29:57 (7 hours ago)	HTTP Tarpit detected bot activity:TargetPort:80, Path:/src/config.js, Method:GET, UA:Mozilla/5.0 (X1 ... show more HTTP Tarpit detected bot activity:TargetPort:80, Path:/src/config.js, Method:GET, UA:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0.0.0 Safari/537.36 show less	Port Scan Web App Attack Bad Web Bot
🇩🇪 Mykola Spesivtsev	2026-06-27 03:43:58 (7 hours ago)	HTTP Tarpit detected bot activity:TargetPort:443, Path:/.env, Method:GET, UA:Mozilla/5.0 (Windows NT ... show more HTTP Tarpit detected bot activity:TargetPort:443, Path:/.env, Method:GET, UA:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/124.0.0.0 Safari/537.36 show less	Port Scan Web App Attack Bad Web Bot
🇩🇪 Mykola Spesivtsev	2026-06-27 02:55:05 (8 hours ago)	HTTP Tarpit detected bot activity:TargetPort:80, Path:/docker-compose.yml, Method:GET, UA:Mozilla/5. ... show more HTTP Tarpit detected bot activity:TargetPort:80, Path:/docker-compose.yml, Method:GET, UA:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/124.0.0.0 Safari/537.36 show less	Port Scan Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-27 02:10:36 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 82.118.29.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.118.29.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 22:09:26.246129 2026] [security2:error] [pid 18953:tid 18953] [client 82.118.29.237:52469] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trafficstopper.com"] [uri "/.env.prod"] [unique_id "aj8w1v8EP6DhAHPS51Cu0QAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Mykola Spesivtsev	2026-06-27 01:52:58 (9 hours ago)	HTTP Tarpit detected bot activity:TargetPort:80, Path:/, Method:GET, UA:Mozilla/5.0 (Windows NT 10.0 ... show more HTTP Tarpit detected bot activity:TargetPort:80, Path:/, Method:GET, UA:Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0 show less	Port Scan Web App Attack Bad Web Bot
🇺🇸 mccsoft.io	2026-06-27 00:09:24 (11 hours ago)	Web application attack / vulnerability scanning. Source sent 1 HTTP request(s) (1 distinct paths) to ... show more Web application attack / vulnerability scanning. Source sent 1 HTTP request(s) (1 distinct paths) to our public nginx web server on TCP 80/443, probing blocked/sensitive paths; all returned HTTP 444 (connection closed by security rule, jail nginx-444). Sample requests: GET /.env.staging. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0. Observed 2026-06-27 00:06:23 UTC. TCP handshake completed (requests fully received). Categories: Web App Attack / Bad Web Bot. show less	Bad Web Bot Web App Attack
🇩🇪 kkwemi	2026-06-26 20:34:33 (14 hours ago)	Blocked by block-exploit-paths on /.env.production	Bad Web Bot
Anonymous	2026-06-26 17:58:36 (17 hours ago)	82.118.29.237 - - [26/Jun/2026:19:58:36 +0200] "GET /.env.development HTTP/1.1" 403 2368 "-" "Mozill ... show more 82.118.29.237 - - [26/Jun/2026:19:58:36 +0200] "GET /.env.development HTTP/1.1" 403 2368 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 Version/17.3 Safari/605.1.15" ... show less	Brute-Force Web App Attack
Anonymous	2026-06-18 12:52:31 (1 week ago)	(PERMBLOCK) 82.118.29.237 (SE/Sweden/-) has had more than 4 temp blocks	Hacking
Anonymous	2026-06-18 09:48:32 (1 week ago)	(wordpress) Failed wordpress login from 82.118.29.237 (SE/Sweden/-)	Brute-Force
🇫🇷 dynamix	2026-06-18 07:03:17 (1 week ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇲🇽 octageeks.com	2026-06-18 04:20:54 (1 week ago)	Wordpress malicious attack:[octamissingdomain]	Web App Attack

Showing 1 to 15 of 121 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 136.144.19.159

🇸🇪 88.218.45.142

🇮🇩 202.145.0.61

🇮🇶 169.224.41.168

🇩🇪 165.245.240.81

🇺🇸 64.62.156.91

🇬🇧 217.146.80.108

🇺🇸 193.36.224.7

🇨🇳 175.19.75.82

🇮🇹 169.155.232.220

🇺🇸 162.216.150.47

🇺🇸 157.245.143.46

🇸🇬 139.99.82.130

🇸🇬 101.47.156.21

🇺🇸 100.28.153.226

🇧🇬 91.148.190.150

🇯🇵 84.37.36.4

🇸🇪 189.81.8.248

🇺🇸 134.122.115.47

🇭🇰 118.193.47.155