JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 82.21.243.120

82.21.243.120 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 0%: ?

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	netutils.io
Country	🇬🇷 Greece
City	Athens, Attica

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 82.21.243.120

Whois 82.21.243.120

IP Abuse Reports for 82.21.243.120:

This IP address has been reported a total of 10 times from 3 distinct sources. 82.21.243.120 was first reported on June 1st 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-01 11:31:17 (4 months ago)	(mod_security) mod_security (id:212620) triggered by 82.21.243.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:212620) triggered by 82.21.243.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 06:31:04.008205 2026] [security2:error] [pid 16723:tid 16811] [client 82.21.243.120:47907] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_COOKIES:svpnlang. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|www.kettlehill.net\|F\|2"] [data "Matched Data: <script found within REQUEST_COOKIES:svpnlang: <script>alert('document.domain')</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "www.kettlehill.net"] [uri "/wnm/login/login.json"] [unique_id "aX85eP0s_0SzhyBvLdixTAAAAwY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 17:45:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 82.21.243.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.21.243.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 12:45:14.680127 2025] [security2:error] [pid 13125:tid 13125] [client 82.21.243.120:33829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autoconfig.nbcnewsradio.com"] [uri "/.svn/wc.db"] [unique_id "aTmxqgDvEyEUrG5Sl7vQUwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 22:12:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 82.21.243.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.21.243.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:12:40.283332 2025] [security2:error] [pid 19152:tid 19152] [client 82.21.243.120:51451] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.farmers123.com"] [uri "/.env.stage"] [unique_id "aS9kWFdCeFVGxGyKWhrXPgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-01 05:52:09 (6 months ago)	(mod_security) mod_security (id:211190) triggered by 82.21.243.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211190) triggered by 82.21.243.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 00:51:02.146197 2025] [security2:error] [pid 31256:tid 31265] [client 82.21.243.120:34355] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|mail.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-content/plugins/wp-custom-pages/wp-download.php?url=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kettlehill.com"] [uri "/wp-content/plugins/wp-custom-pages/wp-download.php"] [unique_id "aS0sxm28JkE_f6YcP87t6AAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-29 04:14:35 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 82.21.243.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.21.243.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 29 00:14:32.550337 2025] [security2:error] [pid 1688:tid 1688] [client 82.21.243.120:38147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.nbcnewsradio.com"] [uri "/.svn/entries"] [unique_id "aQGUqMy_XkXrgel94d7pQgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 14:45:14 (8 months ago)	(mod_security) mod_security (id:210350) triggered by 82.21.243.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 82.21.243.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 10:45:05.495650 2025] [security2:error] [pid 12475:tid 12490] [client 82.21.243.120:39637] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|mail.kettlehill.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "mail.kettlehill.com"] [uri "/mcp"] [unique_id "aN0-cWCKjmgjI9kURFKBTwAAAUs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-01 06:41:53 (10 months ago)	(mod_security) mod_security (id:210730) triggered by 82.21.243.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 82.21.243.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 02:41:44.089059 2025] [security2:error] [pid 3331447:tid 3331463] [client 82.21.243.120:42455] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.kettlehill.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.kettlehill.com"] [uri "/ssl/localhost.key"] [unique_id "aIxhqFSZjg6lcpTf51ZZqwAAAYw"], referer: http://ftp.kettlehill.com/ssl/localhost.key show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-07-26 04:13:00 (10 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-07-20 10:10:02 (10 months ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-06-01 05:51:28 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 82.21.243.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211190) triggered by 82.21.243.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 01:50:15.071040 2025] [security2:error] [pid 2256137:tid 2256249] [client 82.21.243.120:56355] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.staging.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /?filename=../../../../../../etc/passwd&mphb_action=download"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.staging.kettlehill.com"] [uri "/"] [unique_id "aDvqF2Q8Dui5hvebpq96LwAAANI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 194.226.55.19

🇬🇧 87.236.176.52

🇰🇷 211.178.247.182

🇻🇳 203.145.46.217

🇮🇳 125.23.183.142

🇩🇪 83.135.177.123

🇺🇸 66.132.172.123

🇳🇱 5.187.35.26

🇩🇪 167.94.146.62

🇨🇳 118.145.242.91

🇷🇴 80.94.92.164

🇧🇬 78.128.114.58

🇺🇸 47.90.179.104

🇳🇱 45.148.10.151

🇩🇪 31.70.71.228

🇪🇸 196.196.150.5

🇮🇹 151.115.167.190

🇵🇭 143.44.165.251

🇨🇳 106.13.181.87

🇳🇱 45.148.10.157