JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 82.25.216.112

82.25.216.112 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 34%: ?

34%

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS30860
Domain Name	netutils.io
Country	🇺🇦 Ukraine
City	Kyiv, Kyiv City

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 82.25.216.112

Whois 82.25.216.112

IP Abuse Reports for 82.25.216.112:

This IP address has been reported a total of 14 times from 8 distinct sources. 82.25.216.112 was first reported on February 24th 2026, and the most recent report was 23 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-06-14 11:33:01 (23 hours ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot
Anonymous	2026-06-01 08:46:20 (2 weeks ago)	Blocked: Reason='Suspicious traffic score=70 (review-based detection)'; Requests=11	Hacking
🇩🇪 BlueWire Hosting	2026-05-31 19:33:44 (2 weeks ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇺🇸 mnsf	2026-05-29 11:05:32 (2 weeks ago)	Abuse Detected (2)	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-28 22:03:46 (2 weeks ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-27. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-05-27 23:06:20 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 82.25.216.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.25.216.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 19:05:31.294306 2026] [security2:error] [pid 4276:tid 4276] [client 82.25.216.112:38829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.joe.hatfulofrain.com"] [uri "/.env.vercel"] [unique_id "ahd4u35wcA7xmX_wB9YO5QAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 15:47:21 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 82.25.216.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 82.25.216.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 11:47:17.210238 2026] [security2:error] [pid 25120:tid 25120] [client 82.25.216.112:45519] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|destintoday.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "destintoday.com"] [uri "/backup.sql"] [unique_id "ahcSBZPtazwOr4mojlZ2_gAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 00:57:02 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 82.25.216.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.25.216.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:56:44.610474 2026] [security2:error] [pid 15555:tid 15555] [client 82.25.216.112:44147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.johnlittlehorn.littlehorndesign.com"] [uri "/wp-config.php"] [unique_id "ahZBTBmaRhan62iavOaQGwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 00:22:10 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 82.25.216.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.25.216.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:21:59.936350 2026] [security2:error] [pid 16221:tid 16221] [client 82.25.216.112:51273] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lhhs69.johnpritchett.com"] [uri "/.env.php"] [unique_id "ahY5JwAUabQrbZ6pb24DowAAABA"], referer: https://www.google.com/search?q=www.lhhs69.johnpritchett.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-26 23:51:02 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 82.25.216.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.25.216.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 19:50:30.097925 2026] [security2:error] [pid 27973:tid 27973] [client 82.25.216.112:40631] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.asfmglobal.com"] [uri "/.env.production"] [unique_id "ahYxxsfGqHnnwhNfmraKcwAAAAE"], referer: https://www.google.com/search?q=cpcalendars.asfmglobal.com show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-26 21:59:54 (2 weeks ago)	Auto-ban: >3000 req/min op 2026-05-26	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-05-26 18:06:46 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 82.25.216.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 82.25.216.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 14:06:37.502081 2026] [security2:error] [pid 13271:tid 13271] [client 82.25.216.112:33393] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "17thstreetrealty.com"] [uri "/sftp-config.json"] [unique_id "ahXhLVUBOlVR-sxtZ1d6iQAAAAg"], referer: https://www.google.com/search?q=17thstreetrealty.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-24 07:01:24 (3 months ago)	2026-02-24T09:01:23.942266+02:00 zanati wp(www.sahpa.co.za)[2144629]: Blocked authentication attempt ... show more 2026-02-24T09:01:23.942266+02:00 zanati wp(www.sahpa.co.za)[2144629]: Blocked authentication attempt for Lisa from 82.25.216.112 ... show less	Web App Attack
🇮🇹 VHosting	2026-02-24 02:05:05 (3 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.100

🇮🇳 159.65.156.145

🇺🇸 20.98.140.180

🇰🇷 220.71.199.64

🇮🇩 203.83.45.113

🇫🇷 185.177.72.67

🇸🇬 168.138.177.40

🇳🇱 160.119.69.14

🇹🇭 118.194.251.144

🇺🇸 66.132.172.43

🇨🇳 39.105.133.77

🇺🇸 216.73.161.220

🇮🇳 122.183.57.114

🇨🇳 115.231.78.11

🇫🇷 91.196.152.29

🇬🇧 89.37.172.136

🇺🇸 20.80.105.86

🇰🇷 222.232.176.7

🇨🇳 221.228.10.226

🇧🇷 187.8.3.230