JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 82.180.132.232

82.180.132.232 was found in our database!

This IP was reported 40 times. Confidence of Abuse is 88%: ?

88%

ISP	TerraTransit AG
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47583
Domain Name	terratransit.de
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 82.180.132.232

Whois 82.180.132.232

IP Abuse Reports for 82.180.132.232:

This IP address has been reported a total of 40 times from 21 distinct sources. 82.180.132.232 was first reported on April 8th 2026, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-06-20 04:17:23 (17 hours ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 23:20:55 (22 hours ago)	(mod_security) mod_security (id:225170) triggered by 82.180.132.232 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 82.180.132.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 19:20:52.030938 2026] [security2:error] [pid 21420:tid 21420] [client 82.180.132.232:48848] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|vintageamptubes.ink2wear.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "vintageamptubes.ink2wear.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajXO1FXv3r5DQbFu-mgVKgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 22:58:21 (22 hours ago)	(mod_security) mod_security (id:225170) triggered by 82.180.132.232 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 82.180.132.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 18:58:13.948084 2026] [security2:error] [pid 15971:tid 15971] [client 82.180.132.232:53382] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|marklex.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "marklex.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajXJhYm1QOHb4WQrHnhZNgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 plzenskypruvodce.cz	2026-06-19 17:35:14 (1 day ago)	2026-06-19T19:35:13.848920+02:00 web wordpress(varhanykolin.cz)[4138508]: Immediately block connecti ... show more 2026-06-19T19:35:13.848920+02:00 web wordpress(varhanykolin.cz)[4138508]: Immediately block connections from 82.180.132.232 ... show less	Brute-Force
🇩🇪 Lino Project	2026-06-19 16:30:09 (1 day ago)	82.180.132.232 - - [19/Jun/2026:18:30:05 +0200] "GET /wp-login.php HTTP/2.0" 403 285 "-" "Mozilla/5. ... show more 82.180.132.232 - - [19/Jun/2026:18:30:05 +0200] "GET /wp-login.php HTTP/2.0" 403 285 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 eliosbrocchi	2026-06-19 16:24:52 (1 day ago)	2026-06-19T18:24:51.341075+02:00 thunderchild wordpress(vocidallapiazzaliberta.ddns.net)[12915]: Imm ... show more 2026-06-19T18:24:51.341075+02:00 thunderchild wordpress(vocidallapiazzaliberta.ddns.net)[12915]: Immediately block connections from 82.180.132.232 ... show less	VPN IP
🇩🇪 LRob.fr	2026-06-19 16:15:05 (1 day ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇺🇸 dtorrer	2026-06-19 16:07:35 (1 day ago)	Forged login request.	Brute-Force
🇺🇸 cwytech	2026-06-19 16:01:35 (1 day ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wordpress-login-lockdown-high.	Bad Web Bot Web App Attack
Anonymous	2026-06-19 16:01:24 (1 day ago)	82.180.132.232 - - [19/Jun/2026:17:52:41 +0200] "POST /wp-login.php HTTP/1.1" 200 9976 "https://joyc ... show more 82.180.132.232 - - [19/Jun/2026:17:52:41 +0200] "POST /wp-login.php HTTP/1.1" 200 9976 "https://joycomfortlodge.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 82.180.132.232 - - [19/Jun/2026:17:52:43 +0200] "POST /wp-login.php HTTP/1.1" 200 9452 "https://joycomfortlodge.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 82.180.132.232 - - [19/Jun/2026:18:00:45 +0200] "POST /wp-login.php HTTP/1.1" 200 2668 "https://wasarec.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 82.180.132.232 - - [19/Jun/2026:18:00:45 +0200] "POST /wp-login.php HTTP/1.1" 200 2149 "https://wasarec.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 82.180.132.232 - - [19/Jun/2026:18:01:23 ... show less	Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-19 15:55:22 (1 day ago)	(wordpress) Apache: Failed WordPress login from 82.180.132.232 (US/United States/-): 10 in the last ... show more (wordpress) Apache: Failed WordPress login from 82.180.132.232 (US/United States/-): 10 in the last 3600 secs (0-195) show less	Hacking
🇳🇴 jad-abuse	2026-06-19 15:51:20 (1 day ago)	ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: wp_login. ... show more ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: wp_login. Observed by 1 sensor(s); 2 hits. show less	Brute-Force Web App Attack
🇺🇸 Victor López	2026-06-19 15:51:12 (1 day ago)	empresarioexpress.com 82.180.132.232 - - [19/Jun/2026:10:51:10 -0500] "GET /wp-login.php HTTP/2.0" 2 ... show more empresarioexpress.com 82.180.132.232 - - [19/Jun/2026:10:51:10 -0500] "GET /wp-login.php HTTP/2.0" 200 1864 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" advisainternational.com 82.180.132.232 - - [19/Jun/2026:10:51:11 -0500] "GET /wp-login.php HTTP/2.0" 200 1864 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" advisainternational.com 82.180.132.232 - - [19/Jun/2026:10:51:11 -0500] "POST /wp-login.php HTTP/2.0" 200 1993 "https://advisainternational.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Hacking Web App Attack
🇫🇷 masterguru	2026-06-19 15:39:33 (1 day ago)	(wordpress) Apache: Failed WordPress login from 82.180.132.232 (US/United States/-): 10 in the last ... show more (wordpress) Apache: Failed WordPress login from 82.180.132.232 (US/United States/-): 10 in the last 3600 secs (0-196) show less	Hacking
🇺🇸 Victor López	2026-06-13 09:50:35 (1 week ago)	ads.buscaempresas.co 82.180.132.232 - - [13/Jun/2026:04:50:33 -0500] "GET /wp-login.php HTTP/2.0" 20 ... show more ads.buscaempresas.co 82.180.132.232 - - [13/Jun/2026:04:50:33 -0500] "GET /wp-login.php HTTP/2.0" 200 1863 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" advisainternational.com 82.180.132.232 - - [13/Jun/2026:04:50:34 -0500] "GET /wp-login.php HTTP/2.0" 200 1863 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" advisainternational.com 82.180.132.232 - - [13/Jun/2026:04:50:34 -0500] "POST /wp-login.php HTTP/2.0" 200 1992 "https://advisainternational.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Hacking Web App Attack

Showing 1 to 15 of 40 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.218.206.80

🇪🇬 197.37.86.64

🇩🇪 213.209.159.238

🇮🇩 202.152.201.166

🇹🇼 198.235.24.121

🇺🇸 147.185.132.149

🇮🇳 103.127.30.137

🇺🇸 50.46.141.125

🇺🇸 35.186.100.84

🇹🇭 223.206.193.109

🇳🇱 185.242.226.8

🇺🇸 174.169.224.27

🇫🇷 173.249.52.138

🇻🇳 125.212.217.143

🇷🇴 92.118.39.214

🇷🇴 92.118.39.203

🇲🇾 49.124.154.172

🇮🇳 45.40.57.172

🇧🇷 43.164.192.40

🇺🇸 162.216.150.180