JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 82.25.102.2

82.25.102.2 was found in our database!

This IP was reported 53 times. Confidence of Abuse is 100%: ?

100%

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47583
Domain Name	netutils.io
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 82.25.102.2

Whois 82.25.102.2

IP Abuse Reports for 82.25.102.2:

This IP address has been reported a total of 53 times from 34 distinct sources. 82.25.102.2 was first reported on June 6th 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-08 13:41:24 (4 hours ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-195)	Hacking Web App Attack
🇩🇪 paissangroup	2026-06-08 13:12:04 (5 hours ago)	Multiple WAF Violations	Web App Attack
🇩🇪 NewGastroline	2026-06-08 10:14:31 (8 hours ago)	Malicious request blocked by CrowdSec on gastro-prod1.boreus.de	Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-08 08:40:42 (9 hours ago)	[MonJun0810:40:37.5802142026][security2:error][pid3396626:tid3396845][client82.25.102.2:0]ModSecurit ... show more [MonJun0810:40:37.5802142026][security2:error][pid3396626:tid3396845][client82.25.102.2:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"turismo-marocco-lugano.ch\"][uri\"/member/.env\"][unique_id\"aiaABfFFDtGVtiprPKfuMwAAAQM\"] show less	Hacking Web App Attack
🇫🇷 masterguru	2026-06-08 05:48:45 (12 hours ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
🇩🇪 FeG Deutschland	2026-06-08 00:54:43 (17 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 127	Exploited Host Web App Attack
Anonymous	2026-06-08 00:07:23 (18 hours ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: DE, Attack patterns: Clou ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: DE, Attack patterns: Cloud secrets probing show less	Bad Web Bot Web App Attack
🇫🇷 Nexia	2026-06-07 23:45:11 (18 hours ago)	[SENTINEL-HQ] Sentinel detected Critical Trap on /app/.env	Web App Attack
Anonymous	2026-06-07 23:25:02 (19 hours ago)	suspicious request in access.log	Web App Attack
🇲🇾 Rizzy	2026-06-07 20:11:53 (22 hours ago)	Multiple WAF Violations	Brute-Force Web App Attack
Anonymous	2026-06-07 15:23:47 (1 day ago)	(caddyscan) Scanner path probe from 82.25.102.2 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; D ... show more (caddyscan) Scanner path probe from 82.25.102.2 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 82.25.102.2 - - [07/Jun/2026:15:23:46 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 82.25.102.2 - - [07/Jun/2026:15:23:46 +0000] "GET /app/.env HTTP/1.1" [REDACTED] 200 2627 82.25.102.2 - - [07/Jun/2026:15:23:46 +0000] "GET /backend/.env HTTP/1.1" [REDACTED] 200 2627 82.25.102.2 - - [07/Jun/2026:15:23:46 +0000] "GET /member/.env HTTP/1.1" [REDACTED] 200 2627 82.25.102.2 - - [07/Jun/2026:15:23:46 +0000] "GET /dev/.env HTTP/1.1" show less	Port Scan
🇪🇸 elcruzado.es	2026-06-07 15:19:20 (1 day ago)	(mod_security) mod_security triggered on hostname [redacted] 82.25.102.2 (DE/Germany/-)	SQL Injection
🇬🇧 consul.to	2026-06-07 12:55:27 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 Apache	2026-06-07 12:28:55 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 82.25.102.2 (DE/Germany/-): 5 in the last 300 s ... show more (mod_security) mod_security (id:210492) triggered by 82.25.102.2 (DE/Germany/-): 5 in the last 300 secs (CF_ENABLE) show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 11:56:17 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 82.25.102.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 82.25.102.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 07:56:14.122343 2026] [security2:error] [pid 10643:tid 10643] [client 82.25.102.2:32316] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "evelynkay.com"] [uri "/member/.env"] [unique_id "aiVcXvzRTlw_XSL1A_BFeAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 53 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇦 81.192.46.45

🇮🇷 2.180.152.3

🇮🇳 210.16.91.237

🇮🇳 203.145.143.163

🇭🇰 199.45.154.183

🇳🇱 185.93.89.79

🇨🇳 171.83.117.102

🇺🇸 162.243.228.110

🇬🇧 145.40.159.83

🇰🇪 105.27.148.94

🇪🇸 82.165.2.98

🇺🇸 66.132.172.43

🇬🇧 2a02:4780:a:1694:0:35e9:ed55:1

🇹🇼 198.235.24.54

🇹🇼 198.235.24.19

🇩🇪 176.65.132.129

🇺🇸 172.253.221.16

🇭🇰 152.32.226.205

🇨🇳 120.48.147.81

🇨🇳 112.122.237.117