JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 82.118.29.241

82.118.29.241 was found in our database!

This IP was reported 147 times. Confidence of Abuse is 60%: ?

60%

ISP	Sheimo Scorpion Data AB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	scorpiondata.com
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 82.118.29.241

Whois 82.118.29.241

IP Abuse Reports for 82.118.29.241:

This IP address has been reported a total of 147 times from 63 distinct sources. 82.118.29.241 was first reported on August 10th 2022, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇪 AutosOnShow	2026-06-28 19:19:08 (1 day ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-28 19:18:08.488 \|	Web App Attack
Anonymous	2026-06-27 15:54:49 (2 days ago)	Web App Attack	Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 11:35:13 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 82.118.29.241 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.118.29.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 07:34:40.510265 2026] [security2:error] [pid 901:tid 901] [client 82.118.29.241:29939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.johneiden.com"] [uri "/.env"] [unique_id "aj-1UHqLgK4cox7N3QSp7wAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 10:28:22 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 82.118.29.241 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.118.29.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 06:28:10.429745 2026] [security2:error] [pid 29770:tid 29770] [client 82.118.29.241:22759] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.lyounglaw.com"] [uri "/.env"] [unique_id "aj-luh4bsvjlpr0u-uSALgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Marten Mark	2026-06-27 06:16:27 (2 days ago)	82.118.29.241 - - [27/Jun/2026:06:16:23 +0000] "GET /.env.local HTTP/1.1" 404 150 "-" "Mozilla/5.0 ( ... show more 82.118.29.241 - - [27/Jun/2026:06:16:23 +0000] "GET /.env.local HTTP/1.1" 404 150 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 Version/17.4 Safari/605.1.15" ... show less	Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-27 02:10:21 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 82.118.29.241 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.118.29.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 22:10:07.911312 2026] [security2:error] [pid 20197:tid 20197] [client 82.118.29.241:61243] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trafficstopper.com"] [uri "/laravel/.env"] [unique_id "aj8w_92BPfg0b7QMyaX0lAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mccsoft.io	2026-06-27 00:06:40 (3 days ago)	Web application attack / vulnerability scanning. Source sent 1 HTTP request(s) (1 distinct paths) to ... show more Web application attack / vulnerability scanning. Source sent 1 HTTP request(s) (1 distinct paths) to our public nginx web server on TCP 80/443, probing blocked/sensitive paths; all returned HTTP 444 (connection closed by security rule, jail nginx-444). Sample requests: GET /.env. User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 Version/17.4 Safari/6. Observed 2026-06-27 00:06:02 UTC. TCP handshake completed (requests fully received). Categories: Web App Attack / Bad Web Bot. show less	Bad Web Bot Web App Attack
🇫🇷 Petre 21_ip	2026-06-26 23:18:42 (3 days ago)	2026-06-27T01:18:40.993398+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c ... show more 2026-06-27T01:18:40.993398+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c0:69:11:b3:85:db:08:00 SRC=82.118.29.241 DST=155.133.26.57 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=48253 DF PROTO=TCP SPT=36477 DPT=8080 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇩🇪 YF	2026-06-26 19:20:12 (3 days ago)	Environment file probe	Web App Attack
Anonymous	2026-06-18 10:49:59 (1 week ago)	(wordpress) Failed wordpress login from 82.118.29.241 (SE/Sweden/-)	Brute-Force
🇺🇸 Dolphi	2026-06-17 19:20:08 (1 week ago)	POST //xmlrpc.php	Brute-Force Web App Attack
🇺🇦 URAN Publishing Service	2026-05-20 21:48:33 (1 month ago)	82.118.29.241 - - [21/May/2026:00:48:32 +0300] "GET /wp-content/plugins/core-plugin/include.php HTTP ... show more 82.118.29.241 - - [21/May/2026:00:48:32 +0300] "GET /wp-content/plugins/core-plugin/include.php HTTP/1.1" 404 709 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇫🇷 Octopuce	2026-05-20 17:07:02 (1 month ago)	Aggressive web search of vulnerable pages: /templates/protostar/error.php /templates/beez3/error.php ... show more Aggressive web search of vulnerable pages: /templates/protostar/error.php /templates/beez3/error.php /templates/beez3/jsstrings.php /templates/ ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-20 16:49:27 (1 month ago)	82.118.29.241 - - [20/May/2026:19:49:26 +0300] "GET /wp-content/themes/aahana/json.php HTTP/1.1" 404 ... show more 82.118.29.241 - - [20/May/2026:19:49:26 +0300] "GET /wp-content/themes/aahana/json.php HTTP/1.1" 404 711 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇸🇪 KIDOS	2026-05-20 04:30:30 (1 month ago)	CrowdSec detected malicious activity	DDoS Attack

Showing 1 to 15 of 147 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇹 213.225.0.131

🇳🇱 204.76.203.49

🇳🇱 193.176.31.225

🇳🇱 185.226.197.35

🇭🇰 123.58.215.196

🇮🇩 103.97.101.25

🇺🇸 87.249.134.24

🇱🇹 81.30.98.44

🇺🇸 66.132.172.247

🇸🇬 47.84.111.82

🇧🇷 45.71.104.168

🇬🇧 213.166.84.47

🇦🇱 185.224.103.142

🇽🇰 185.186.83.38

🇫🇷 185.177.72.17

🇹🇭 184.22.78.234

🇮🇩 180.241.251.253

🇫🇮 147.185.133.18

🇺🇸 136.34.101.98

🇺🇸 104.140.148.54