JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 82.132.231.198

82.132.231.198 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 4%: ?

ISP	02 Online (uk)
Usage Type	Mobile ISP
ASN	AS35228
Hostname(s)	82-132-231-198.dab.02.net
Domain Name	02.net
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	London, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 82.132.231.198

Whois 82.132.231.198

IP Abuse Reports for 82.132.231.198:

This IP address has been reported a total of 9 times from 7 distinct sources. 82.132.231.198 was first reported on April 1st 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-06-13 06:43:39 (5 days ago)	Blocked by UFW (TCP on 1024) Source port: 8776 TTL: 35 Packet length: 60 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 1024) Source port: 8776 TTL: 35 Packet length: 60 TOS: 0x08 This report (for 82.132.231.198) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-04-11 00:05:51 (2 months ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (12/60 min)'; Requests=12	Port Scan
🇺🇸 TPI-Abuse	2026-04-10 23:20:40 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 82.132.231.198 (82-132-231-198.dab.02.net): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 82.132.231.198 (82-132-231-198.dab.02.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 10 19:20:33.125643 2026] [security2:error] [pid 1325786:tid 1325786] [client 82.132.231.198:17206] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|difusionens.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "difusionens.org"] [uri "/wp-json/wp/v2/users"] [unique_id "admFwVnIYEsQ8Dy2Pid07AAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-04-10 23:15:06 (2 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-01 19:33:29 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 82.132.231.198 (82-132-231-198.dab.02.net): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 82.132.231.198 (82-132-231-198.dab.02.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 01 15:33:21.407213 2025] [security2:error] [pid 3974760:tid 3974760] [client 82.132.231.198:21859] [client 82.132.231.198] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|smogsandiego.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "smogsandiego.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z-w_gVYQOe2AdrUrCgRyXQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 applemooz	2025-04-01 17:02:49 (1 year ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-04-01 16:53:40 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 82.132.231.198 (82-132-231-198.dab.02.net): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 82.132.231.198 (82-132-231-198.dab.02.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 01 12:53:30.429812 2025] [security2:error] [pid 30231:tid 30231] [client 82.132.231.198:23437] [client 82.132.231.198] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|savingspools.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "savingspools.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z-waCtriFl2H1YZ-4jOm_AAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Guardian	2025-04-01 12:05:45 (1 year ago)	Unauthorized connection attempt / Port scanning 82.132.231.198 [01/Apr/2025:12:05:45] "POST /xmlrpc. ... show more Unauthorized connection attempt / Port scanning 82.132.231.198 [01/Apr/2025:12:05:45] "POST /xmlrpc.php HTTP/1.1" show less	Port Scan Web App Attack
Anonymous	2025-04-01 11:33:34 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 201.103.215.91

🇮🇩 202.47.188.92

🇹🇭 202.29.5.180

🇫🇷 185.177.72.69

🇯🇵 165.154.231.236

🇺🇸 154.217.253.190

🇨🇳 120.239.57.239

🇨🇳 115.190.173.91

🇰🇷 106.251.244.178

🇬🇧 89.37.172.133

🇳🇱 45.148.10.141

🇺🇸 34.123.134.194

🇺🇸 20.168.7.168

🇫🇷 5.35.251.128

🇳🇱 185.223.235.55

🇨🇳 180.102.110.174

🇺🇸 172.237.136.213

🇫🇮 147.185.133.253

🇵🇭 139.135.222.222

🇺🇸 136.30.192.93