JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 82.23.213.2

82.23.213.2 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 0%: ?

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS32613
Domain Name	netutils.io
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 82.23.213.2

Whois 82.23.213.2

IP Abuse Reports for 82.23.213.2:

This IP address has been reported a total of 10 times from 3 distinct sources. 82.23.213.2 was first reported on May 30th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-07 11:36:22 (4 months ago)	(mod_security) mod_security (id:212620) triggered by 82.23.213.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:212620) triggered by 82.23.213.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 07 06:36:15.437220 2026] [security2:error] [pid 23337:tid 23337] [client 82.23.213.2:51769] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /ajax/apps/manifests?action=all&format=debug&xss=<script>alert(document.domain);</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "ftp.nbcnewsradio.com"] [uri "/ajax/apps/manifests"] [unique_id "aYcjr7r7TNTIj5aGh3UKogAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 22:27:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 82.23.213.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 82.23.213.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:27:03.706115 2025] [security2:error] [pid 4786:tid 4786] [client 82.23.213.2:34161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.farmers123.com"] [uri "/.env.farmers123"] [unique_id "aS9nt7M37zockMl4hPl8qQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-01 06:40:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 82.23.213.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 82.23.213.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 01:40:28.031371 2025] [security2:error] [pid 27471:tid 27490] [client 82.23.213.2:37479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kettlehill.com"] [uri "/htaccess_for_page_not_found_redirects.htaccess"] [unique_id "aS04XHLXOKC0tXS7y0kw-AAAAII"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-28 23:20:36 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 82.23.213.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 82.23.213.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 19:20:33.680204 2025] [security2:error] [pid 3250:tid 3250] [client 82.23.213.2:47203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nbcnewsradio.com"] [uri "/.env.prod.local"] [unique_id "aQFPwdT6o0t-h-HokUwOmQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-28 17:55:12 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 82.23.213.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 82.23.213.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 13:55:08.455153 2025] [security2:error] [pid 26299:tid 26313] [client 82.23.213.2:52225] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.fandgins.com"] [uri "/.env.fandgins"] [unique_id "aQEDfARrYKPIsVpitPuBiwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-01 01:34:47 (9 months ago)	(mod_security) mod_security (id:210492) triggered by 82.23.213.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 82.23.213.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 31 21:34:44.278990 2025] [security2:error] [pid 4167008:tid 4167057] [client 82.23.213.2:40597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.com"] [uri "/_.htaccess"] [unique_id "aLT4NA6DfZQKU24eXUwj0wAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇬 raramos	2025-08-07 19:00:07 (10 months ago)	[SMB remote code execution attempt: port tcp/445] in blocklist.de:'listed [pop3]' in SpamCop:'listed ... show more [SMB remote code execution attempt: port tcp/445] in blocklist.de:'listed [pop3]' in SpamCop:'listed' in sorbs:'listed [web], [spam]' in Unsubscore:'listed' *(RWIN=8192)(04:10) show less	Web Spam Email Spam Port Scan Hacking Brute-Force Web App Attack
Anonymous	2025-06-01 16:50:03 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-06-01 06:32:35 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 82.23.213.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 82.23.213.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 02:32:27.959430 2025] [security2:error] [pid 2256135:tid 2256199] [client 82.23.213.2:40691] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kettlehill.com\|F\|2"] [data ".kettlehill.com.sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.com"] [uri "/www.kettlehill.com.sql"] [unique_id "aDvz-649PdggYnA6bsspJAAAAFY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 20:12:31 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 82.23.213.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 82.23.213.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 30 16:12:26.369040 2025] [security2:error] [pid 624085:tid 624085] [client 82.23.213.2:55607] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.nbcnewsradio.com\|F\|2"] [data ".axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/elmah.axd"] [unique_id "aDoRKtFaNKmzSnCxJFADYAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.222

🇬🇧 81.19.219.208

🇫🇷 54.38.241.200

🇳🇱 45.148.10.152

🇧🇷 205.210.31.242

🇮🇷 185.226.119.178

🇨🇳 183.250.89.44

🇨🇳 183.56.236.229

🇳🇱 138.249.141.173

🇩🇪 84.32.10.175

🇦🇲 45.159.74.212

🇺🇸 20.163.2.151

🇫🇷 185.188.249.130

🇫🇷 95.111.230.218

🇷🇴 92.118.39.62

🇷🇺 83.246.133.16

🇮🇪 34.245.100.248

🇯🇵 34.97.219.71

🇸🇪 2.66.71.248

🇺🇸 2604:a940:300:5b6:0:26::