JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 82.180.143.72

82.180.143.72 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 82%: ?

82%

ISP	TerraTransit AG
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47583
Domain Name	terratransit.de
Country	🇮🇳 India
City	Mumbai, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 82.180.143.72

Whois 82.180.143.72

IP Abuse Reports for 82.180.143.72:

This IP address has been reported a total of 37 times from 21 distinct sources. 82.180.143.72 was first reported on August 21st 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-08 21:59:36 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-07. show less	Web App Attack SSH Hacking
🇬🇧 openstrike.co.uk	2026-06-08 05:13:10 (1 week ago)	18 attacks on env grabbing URLs: GET /api/.env HTTP/1.1	Hacking
🇩🇪 paissangroup	2026-06-08 03:47:55 (1 week ago)	Multiple WAF Violations	Web App Attack
🇩🇪 psauxit	2026-06-07 22:20:20 (1 week ago)	Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrp ... show more Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrpc_attack, wp-login brute force, excessive crawling/scraping show less	Web App Attack Hacking
🇬🇧 consul.to	2026-06-07 17:46:11 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 masterguru	2026-06-07 17:09:34 (1 week ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-196)	Hacking Web App Attack
Anonymous	2026-06-07 15:55:01 (1 week ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 09:45:25 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 82.180.143.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.180.143.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 05:45:21.042770 2026] [security2:error] [pid 31215:tid 31215] [client 82.180.143.72:21532] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chrisswansoncampaign.com"] [uri "/app/.env"] [unique_id "aiU9sR87U5ABbBHZLeNasQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇿 Tripwire	2026-06-07 08:53:04 (1 week ago)	Scanning for exploits - /app/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 08:42:18 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 82.180.143.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.180.143.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 04:42:14.453930 2026] [security2:error] [pid 11875:tid 11875] [client 82.180.143.72:16586] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jhollingshead.com"] [uri "/backend/.env"] [unique_id "aiUu5nt6lonGtnSGp5QNwwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-06-07 08:01:24 (1 week ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 07:59:55 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 82.180.143.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.180.143.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 03:59:49.791409 2026] [security2:error] [pid 9590:tid 9590] [client 82.180.143.72:47476] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "musiclipsapp.com"] [uri "/core/.env"] [unique_id "aiUk9Tr8ELeqw8C1bg19FAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-07 06:54:46 (2 weeks ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 06:39:28 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 82.180.143.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.180.143.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 02:39:21.532701 2026] [security2:error] [pid 14000:tid 14000] [client 82.180.143.72:21038] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lucitania.com"] [uri "/core/.env"] [unique_id "aiUSGXUOtg6ueezxNCVB1QAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 zynex	2026-06-07 06:01:02 (2 weeks ago)	URL Probing: /backend/.env	Web App Attack

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.73.216.84

🇬🇧 193.176.29.24

🇳🇱 188.166.15.24

🇨🇳 183.215.215.231

🇨🇳 180.153.236.41

🇫🇷 176.191.43.176

🇹🇼 122.116.32.119

🇭🇰 103.243.26.174

🇱🇹 45.227.254.170

🇺🇸 45.79.132.41

🇧🇪 34.79.250.92

🇻🇳 27.74.243.228

🇰🇷 222.116.149.144

🇭🇰 199.45.154.158

🇨🇳 180.153.236.35

🇫🇷 167.86.75.114

🇦🇺 120.157.46.235

🇺🇸 107.172.14.219

🇳🇬 102.88.21.136

🇮🇷 5.219.154.55