JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 82.198.227.50

82.198.227.50 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 100%: ?

100%

ISP	Hostinger International Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47583
Domain Name	hostinger.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 82.198.227.50

Whois 82.198.227.50

IP Abuse Reports for 82.198.227.50:

This IP address has been reported a total of 33 times from 26 distinct sources. 82.198.227.50 was first reported on June 2nd 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 sandra361	2026-06-09 06:22:42 (5 days ago)	Port scan detected: 35 attempts across 1 ports (443). \| Evidence: GHOST_SCAN:IN=enp1s0 OUT= SRC=82.1 ... show more Port scan detected: 35 attempts across 1 ports (443). \| Evidence: GHOST_SCAN:IN=enp1s0 OUT= SRC=82.198.227.50 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=2962 DF PROTO=TCP SPT=59048 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan
🇦🇺 AWW-Admin	2026-06-09 06:22:36 (5 days ago)	(mod_security) mod_security triggered on hostname [redacted] 82.198.227.50 (DE/Germany/-)	SQL Injection
🇬🇧 consul.to	2026-06-09 02:06:32 (6 days ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 Aetherweb Ark	2026-06-09 00:34:53 (6 days ago)	(mod_security) mod_security (id:949110) triggered by 82.198.227.50 (DE/Germany/-): N in the last X s ... show more (mod_security) mod_security (id:949110) triggered by 82.198.227.50 (DE/Germany/-): N in the last X secs show less	Web App Attack
🇦🇺 paulshipley.com.au	2026-06-08 23:59:33 (6 days ago)	[Tue Jun 09 09:59:32.797061 2026] [security2:error] [pid 180752] [client 82.198.227.50:58218] [clien ... show more [Tue Jun 09 09:59:32.797061 2026] [security2:error] [pid 180752] [client 82.198.227.50:58218] [client 82.198.227.50] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.com.au"] [uri "/api/.env.save"] [unique_id "aidXZM3qKvq0-Idm0UlUZgAAAAw"], referer: https://realestatepromo.com.au/api/.env.save ... show less	Web App Attack
Anonymous	2026-06-08 23:58:36 (6 days ago)	(caddyscan) Scanner path probe from 82.198.227.50 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; ... show more (caddyscan) Scanner path probe from 82.198.227.50 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 82.198.227.50 - - [08/Jun/2026:23:58:31 +0000] "GET /members/.env HTTP/1.1" [REDACTED] 200 2627 82.198.227.50 - - [08/Jun/2026:23:58:31 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 82.198.227.50 - - [08/Jun/2026:23:58:31 +0000] "GET /core/.env.save HTTP/1.1" [REDACTED] 200 2627 82.198.227.50 - - [08/Jun/2026:23:58:31 +0000] "GET /admin/.env HTTP/1.1" [REDACTED] 200 2627 82.198.227.50 - - [08/Jun/2026:23:58:31 +0000] "GET /api/.env HTTP/1.1" show less	Port Scan
🇩🇪 NewGastroline	2026-06-08 22:47:10 (6 days ago)	Malicious request blocked by CrowdSec on gastro-prod1.boreus.de	Bad Web Bot Web App Attack
🇯🇵 beon	2026-06-08 20:55:44 (6 days ago)	[DateTime=>2026-06-08T20:55:44Z (UTC)] , [HoneyPot_Hits=>12 times] , [HoneyPots=>/.env.save, /app/.e ... show more [DateTime=>2026-06-08T20:55:44Z (UTC)] , [HoneyPot_Hits=>12 times] , [HoneyPots=>/.env.save, /app/.env, /api/.env, /api/.env.save, /dev/.env, /.env and others] , [total_Hits=>12 times] show less	Bad Web Bot Web App Attack Hacking
🇮🇩 Burayot	2026-06-08 18:32:12 (6 days ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 82.198.227.50 (DE/Germany/-): 1 in t ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 82.198.227.50 (DE/Germany/-): 1 in the last 3600 secs show less	Web App Attack
🇩🇪 big-cloud.nl	2026-06-07 11:14:16 (1 week ago)	Try to access /api/.env	Web App Attack
🇺🇸 WellSpring	2026-06-07 10:35:30 (1 week ago)	env exposure on naturologie.com/core/.env — WellSpr.ing/NetSentinel civic-AI security layer	Web App Attack
🇳🇱 wlt-blocker	2026-06-07 10:28:09 (1 week ago)	Unauthorized access to webpage admin	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 09:50:02 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 82.198.227.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.198.227.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 05:49:54.649500 2026] [security2:error] [pid 5282:tid 5282] [client 82.198.227.50:40454] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "steveleeds.com"] [uri "/members/.env"] [unique_id "aiU-ws4BZga5__IRJZChSwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Matthew Ping	2026-06-07 09:30:01 (1 week ago)	ModSecurity rule 949110 triggered on dedicated4785. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
Anonymous	2026-06-07 09:21:08 (1 week ago)	(caddyscan) Scanner path probe from 82.198.227.50 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; ... show more (caddyscan) Scanner path probe from 82.198.227.50 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 82.198.227.50 - - [07/Jun/2026:09:21:07 +0000] "GET /app/.env HTTP/1.1" [REDACTED] 200 2627 82.198.227.50 - - [07/Jun/2026:09:21:07 +0000] "GET /laravel/.env HTTP/1.1" [REDACTED] 200 2627 82.198.227.50 - - [07/Jun/2026:09:21:07 +0000] "GET /api/.env HTTP/1.1" [REDACTED] 200 2627 82.198.227.50 - - [07/Jun/2026:09:21:07 +0000] "GET /.env.save HTTP/1.1" [REDACTED] 200 2627 82.198.227.50 - - [07/Jun/2026:09:21:07 +0000] "GET /members/.env HTTP/1.1" show less	Port Scan

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:963d:f001

🇰🇷 222.232.176.7

🇩🇪 195.230.103.244

🇺🇸 147.185.132.237

🇺🇸 136.109.67.244

🇦🇪 83.110.6.101

🇱🇹 45.227.254.170

🇧🇷 43.157.151.226

🇺🇸 34.106.136.18

🇨🇭 34.65.98.208

🇺🇸 2604:a880:400:d1:0:4:9633:4001

🇨🇿 103.200.28.211

🇷🇴 92.118.39.62

🇧🇼 83.143.28.167

🇷🇴 80.94.92.167

🇧🇬 79.124.62.126

🇫🇷 46.105.42.135

🇺🇸 216.25.89.102

🇻🇳 125.212.244.35

🇭🇰 119.28.9.170