JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 82.197.68.4

82.197.68.4 was found in our database!

This IP was reported 75 times. Confidence of Abuse is 100%: ?

100%

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS141995
Hostname(s)	vmi3203660.contaboserver.net
Domain Name	contabo.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 82.197.68.4

Whois 82.197.68.4

IP Abuse Reports for 82.197.68.4:

This IP address has been reported a total of 75 times from 53 distinct sources. 82.197.68.4 was first reported on May 28th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-29 00:10:37 (1 week ago)	vars[0]=md5&vars[1][]=Hello	Fraud Orders Hacking Brute-Force Web App Attack
🇮🇳 Parth Maniar	2026-05-28 18:42:11 (1 week ago)	This IP address carried out 16 port scanning attempts on 28-05-2026. For more information or to repo ... show more This IP address carried out 16 port scanning attempts on 28-05-2026. For more information or to report interesting / incorrect findings, give me a shoutout @parthmaniar on Twitter. show less	Port Scan SSH
🇨🇭 SOC [GOLINE SA]	2026-05-28 12:07:16 (1 week ago)	FortiGate detected IPS attack from IPv4 address 82.197.68.4	Hacking
🇬🇧 xpert-servers	2026-05-28 11:43:17 (1 week ago)	session[460744] 0.0.0.0 (82.197.68.4[82.197.68.4]): USER admin: no such user found from 82.197.68.4 ... show more session[460744] 0.0.0.0 (82.197.68.4[82.197.68.4]): USER admin: no such user found from 82.197.68.4 [82.197.68.4] to ::ffff:10.1.2.107:2222 session[460753] 0.0.0.0 (82.197.68.4[82.197.68.4]): USER orangepi: no such user found from 82.197.68.4 [82.197.68.4] to ::ffff:10.1.2.107:2222 session[461172] 0.0.0.0 (82.197.68.4[82.197.68.4]): USER root (Login failed): Incorrect password session[461176] 0.0.0.0 (82.197.68.4[82.197.68.4]): USER root (Login failed): Incorrect password session[461248] 0.0.0.0 (82.197.68.4[82.197.68.4]): USER root (Login failed): Incorrect password session[461258] 0.0.0.0 (82.197.68.4[82.197.68.4]): USER root (Login failed): Incorrect password session[461329] 0.0.0.0 (82.197.68.4[82.197.68.4]): USER root (Login failed): Incorrect password session[461408] 0.0.0.0 (82.197.68.4[82.197.68.4]): USER root (Login failed): Incorrect password ... show less	FTP Brute-Force Brute-Force Exploited Host
🇨🇭 zynex	2026-05-28 11:40:11 (1 week ago)	URL Probing: /vendor/phpunit/phpunit/Util/PHP/eval-stdin.php	Web App Attack
🇺🇸 RAP	2026-05-28 11:28:56 (1 week ago)	2026-05-28 11:28:56 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇺🇸 bigscoots.com	2026-05-28 11:23:49 (1 week ago)	(sshd) Failed SSH login from 82.197.68.4 (SG/Singapore/vmi3203660.contaboserver.net): 5 in the last ... show more (sshd) Failed SSH login from 82.197.68.4 (SG/Singapore/vmi3203660.contaboserver.net): 5 in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_SSHD; Logs: May 28 06:22:38 18019 sshd[21586]: Invalid user admin from 82.197.68.4 port 36470 May 28 06:22:40 18019 sshd[21586]: Failed password for invalid user admin from 82.197.68.4 port 36470 ssh2 May 28 06:23:11 18019 sshd[22016]: Invalid user orangepi from 82.197.68.4 port 54738 May 28 06:23:13 18019 sshd[22016]: Failed password for invalid user orangepi from 82.197.68.4 port 54738 ssh2 May 28 06:23:44 18019 sshd[22223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.197.68.4 user=root show less	Brute-Force SSH
🇫🇷 Selckie	2026-05-28 11:19:27 (1 week ago)	fail2ban: NGINX unusual impact	Web App Attack
🇺🇸 bigscoots.com	2026-05-28 10:54:09 (1 week ago)	(sshd) Failed SSH login from 82.197.68.4 (SG/Singapore/vmi3203660.contaboserver.net): 5 in the last ... show more (sshd) Failed SSH login from 82.197.68.4 (SG/Singapore/vmi3203660.contaboserver.net): 5 in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_SSHD; Logs: May 28 05:52:54 14835 sshd[8357]: Invalid user admin from 82.197.68.4 port 36720 May 28 05:52:56 14835 sshd[8357]: Failed password for invalid user admin from 82.197.68.4 port 36720 ssh2 May 28 05:53:28 14835 sshd[8701]: Invalid user orangepi from 82.197.68.4 port 58422 May 28 05:53:30 14835 sshd[8701]: Failed password for invalid user orangepi from 82.197.68.4 port 58422 ssh2 May 28 05:54:01 14835 sshd[8861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.197.68.4 user=root show less	Brute-Force SSH
🇺🇸 MPL	2026-05-28 10:52:44 (1 week ago)	tcp/2375 (2 or more attempts)	Port Scan
Anonymous	2026-05-28 10:48:46 (1 week ago)	2026-05-28T10:48:46.344124+00:00 caddy caddy[63377]: {"level":"info","ts":1779965326.3439846,"logger ... show more 2026-05-28T10:48:46.344124+00:00 caddy caddy[63377]: {"level":"info","ts":1779965326.3439846,"logger":"http.log.access","msg":"handled request","request":{"remote_ip":"82.197.68.4","remote_port":"36726","client_ip":"82.197.68.4","proto":"HTTP/1.1","method":"POST","host":"142.132.232.19:80","uri":"/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh","headers":{"Upgrade-Insecure-Requests":["1"],"Accept":["/"],"User-Agent":["libredtail-http"],"Connection":["keep-alive"],"Content-Type":["text/plain"],"Content-Length":["117"]}},"bytes_read":0,"user_id":"","duration":0.000069681,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://142.132.232.19/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh"],"Content-Type":[]}} ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 10:42:17 (1 week ago)	(mod_security) mod_security (id:218420) triggered by 82.197.68.4 (vmi3203660.contaboserver.net): 1 i ... show more (mod_security) mod_security (id:218420) triggered by 82.197.68.4 (vmi3203660.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 06:42:09.670180 2026] [security2:error] [pid 11829:tid 11829] [client 82.197.68.4:48544] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in\|out\|err)\|(in\|out)put\|fd\|memory\|temp\|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found\|\|192.64.150.70:80\|F\|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "192.64.150.70"] [uri "/hello.world"] [unique_id "ahgcAQfU2j3f1E3Iy79v-gAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 sumnone	2026-05-28 10:23:49 (1 week ago)	Port probing on unauthorized port 2222	Port Scan Hacking Exploited Host
🇺🇸 bigscoots.com	2026-05-28 10:22:10 (1 week ago)	(sshd) Failed SSH login from 82.197.68.4 (SG/Singapore/vmi3203660.contaboserver.net): 5 in the last ... show more (sshd) Failed SSH login from 82.197.68.4 (SG/Singapore/vmi3203660.contaboserver.net): 5 in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_SSHD; Logs: May 28 05:20:44 14520 sshd[16425]: Invalid user admin from 82.197.68.4 port 57398 May 28 05:20:46 14520 sshd[16425]: Failed password for invalid user admin from 82.197.68.4 port 57398 ssh2 May 28 05:21:17 14520 sshd[16595]: Invalid user orangepi from 82.197.68.4 port 58136 May 28 05:21:19 14520 sshd[16595]: Failed password for invalid user orangepi from 82.197.68.4 port 58136 ssh2 May 28 05:21:51 14520 sshd[16602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.197.68.4 user=root show less	Brute-Force SSH
🇫🇷 dynamix	2026-05-28 10:11:51 (1 week ago)	Multiple WAF Violations	Web App Attack

Showing 1 to 15 of 75 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇴 181.115.184.182

🇺🇸 173.2.101.247

🇨🇳 118.145.239.153

🇰🇷 112.175.29.94

🇦🇪 109.177.32.150

🇺🇸 84.37.49.138

🇧🇬 78.128.113.74

🇨🇳 58.47.120.165

🇮🇳 49.43.133.167

🇺🇸 6.132.172.133

🇷🇴 2.57.122.177

🇸🇬 212.73.148.42

🇬🇧 198.178.235.41

🇮🇳 172.217.38.23

🇺🇸 154.201.74.47

🇩🇪 151.243.11.37

🇮🇹 151.83.55.69

🇫🇮 147.185.133.96

🇺🇸 147.182.133.21

🇹🇼 118.163.132.212