JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 120.82.82.203

120.82.82.203 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 5%: ?

ISP	China Unicom Guangdong province network
Usage Type	Fixed Line ISP
ASN	AS17816
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shenzhen, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 120.82.82.203

Whois 120.82.82.203

IP Abuse Reports for 120.82.82.203:

This IP address has been reported a total of 10 times from 2 distinct sources. 120.82.82.203 was first reported on April 17th 2025, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-20 00:48:00 (13 hours ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.203 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 20:47:56.393145 2026] [security2:error] [pid 15262:tid 15262] [client 120.82.82.203:55059] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|curryfirm.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "curryfirm.com"] [uri "/"] [unique_id "ajXjPPi2cSt6tcphSyPD2QAAAAM"], referer: http://curryfirm.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 21:20:00 (17 hours ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.203 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 17:19:52.500147 2026] [security2:error] [pid 23901:tid 23901] [client 120.82.82.203:54643] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.circle-h-growers.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.circle-h-growers.com"] [uri "/"] [unique_id "ajWyeM131xBn1r2cNx10eQAAAAY"], referer: http://www.circle-h-growers.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 23:30:28 (3 days ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.203 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 19:30:22.457100 2026] [security2:error] [pid 30596:tid 30596] [client 120.82.82.203:8864] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|npcsouthernclassic.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "npcsouthernclassic.com"] [uri "/"] [unique_id "ajHcjgfJ4T5rCAKlm3cqQAAAAAk"], referer: http://npcsouthernclassic.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 20:12:32 (3 days ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.203 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 16:12:28.561339 2026] [security2:error] [pid 17599:tid 17599] [client 120.82.82.203:11932] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|syconline.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "syconline.com"] [uri "/index.html"] [unique_id "ajGuLJV4cpFWjrpFdWnU4QAAAAk"], referer: http://syconline.com/index.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 22:15:16 (4 days ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.203 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 18:15:08.624018 2026] [security2:error] [pid 24786:tid 24786] [client 120.82.82.203:54742] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|ifatreefallsfilm.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "ifatreefallsfilm.com"] [uri "/"] [unique_id "ajB5bPmq04HiNrSFNqI48gAAAA0"], referer: http://ifatreefallsfilm.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 02:11:11 (6 days ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.203 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 22:11:07.246751 2026] [security2:error] [pid 14856:tid 14856] [client 120.82.82.203:12091] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|chrisbilder.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "chrisbilder.com"] [uri "/"] [unique_id "ai4Nuy1BqQMVKRj2isbRUgAAAAk"], referer: http://chrisbilder.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 22:46:17 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.203 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 18:46:11.321154 2026] [security2:error] [pid 31512:tid 31512] [client 120.82.82.203:5298] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|circleway.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "circleway.org"] [uri "/"] [unique_id "ainpM-jdT6JbAT3fa4zI0AAAAAc"], referer: http://circleway.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-02-14 22:33:21 (4 months ago)	ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/120.82.82.203 2026-02 ... show more ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/120.82.82.203 2026-02-14 05:42:20 / show less	Web App Attack
🇨🇳 ThreatBook.io	2025-11-22 22:34:40 (6 months ago)	ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/120.82.82.203 2025-11 ... show more ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/120.82.82.203 2025-11-22 01:41:22 /sitemap.xml show less	Web App Attack
🇨🇳 ThreatBook.io	2025-04-17 22:51:20 (1 year ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/120.82.82.203 2025-04-17 06 ... show more ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/120.82.82.203 2025-04-17 06:59:30 /config.json show less	Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 223.204.219.11

🇩🇪 194.88.98.87

🇩🇪 167.94.145.19

🇧🇩 123.49.60.158

🇰🇷 118.37.214.187

🇺🇸 66.240.236.116

🇺🇸 47.89.234.183

🇬🇧 35.203.210.223

🇷🇺 195.133.196.93

🇷🇴 193.46.255.86

🇷🇴 193.32.162.16

🇲🇩 87.248.174.91

🇧🇬 78.128.114.66

🇩🇪 69.5.169.106

🇱🇹 45.227.254.170

🇮🇩 36.68.186.7

🇬🇧 35.203.211.83

🇺🇸 216.25.89.135

🇷🇺 193.242.177.154

🇭🇰 165.154.41.115