JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 120.82.82.49

120.82.82.49 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 4%: ?

ISP	China Unicom Guangdong province network
Usage Type	Fixed Line ISP
ASN	AS17816
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shenzhen, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 120.82.82.49

Whois 120.82.82.49

IP Abuse Reports for 120.82.82.49:

This IP address has been reported a total of 11 times from 4 distinct sources. 120.82.82.49 was first reported on October 24th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-04 19:46:36 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 15:46:30.168824 2026] [security2:error] [pid 26439:tid 26439] [client 120.82.82.49:7432] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|longsans.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "longsans.com"] [uri "/"] [unique_id "aiHWFifUAB7AUh7_IwxcSAAAACI"], referer: http://longsans.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 20:09:50 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 16:09:43.624181 2026] [security2:error] [pid 20662:tid 20662] [client 120.82.82.49:7789] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.embossednapkins.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.embossednapkins.com"] [uri "/"] [unique_id "aiCKBx46ArHAInYYRbLKLwAAAAk"], referer: http://www.embossednapkins.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 21:23:33 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 17:23:27.871899 2026] [security2:error] [pid 22615:tid 22635] [client 120.82.82.49:4906] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|aeaus.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "aeaus.com"] [uri "/"] [unique_id "ahymzwwrYD4ftbZ5MvqP-wAAABA"], referer: http://aeaus.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 19:45:31 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 15:45:26.874798 2026] [security2:error] [pid 28345:tid 28345] [client 120.82.82.49:8142] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.astariamusic.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.astariamusic.com"] [uri "/"] [unique_id "ahyP1mXhHIoaXSXUtO6w4gAAAA8"], referer: http://www.astariamusic.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-29 20:39:35 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 16:39:27.189606 2026] [security2:error] [pid 9750:tid 9750] [client 120.82.82.49:5504] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|deckmasterscompany.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "deckmasterscompany.com"] [uri "/"] [unique_id "ahn5f5dq8XSMclE66EwvwAAAAAQ"], referer: http://deckmasterscompany.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-22 03:57:16 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 21 23:57:09.679817 2026] [security2:error] [pid 1380541:tid 1380541] [client 120.82.82.49:21633] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.joebankx.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.joebankx.com"] [uri "/"] [unique_id "ab9olVYwleS2Wv-E35gmVgAAAAM"], referer: https://www.joebankx.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-05 04:31:07 (4 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇸 TPI-Abuse	2026-02-02 23:00:54 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 02 18:00:48.083952 2026] [security2:error] [pid 3455:tid 3455] [client 120.82.82.49:24225] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.bayareamustangs.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.bayareamustangs.com"] [uri "/"] [unique_id "aYEsoBTPg-weXQEx8NKURgAAABM"], referer: https://www.bayareamustangs.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-25 22:34:07 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 17:34:01.030540 2026] [security2:error] [pid 12671:tid 12671] [client 120.82.82.49:53733] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.monteriggioni.net\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.monteriggioni.net"] [uri "/"] [unique_id "aXaaWQTcIHSxvWEs8mqtrQAAAAw"], referer: http://www.monteriggioni.net/ show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-04 01:20:52 (6 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇨🇳 ThreatBook.io	2025-10-24 00:08:44 (7 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.82.82.49 2025-10-2 ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.82.82.49 2025-10-23 11:33:00 /sitemap.xml 2025-10-23 02:30:44 / show less	Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 189.51.43.54

🇷🇺 185.107.252.224

🇧🇷 45.205.1.240

🇳🇱 45.148.10.147

🇺🇸 195.184.76.168

🇺🇸 195.184.76.67

🇷🇴 193.46.255.86

🇺🇸 162.216.149.86

🇫🇷 161.97.154.151

🇮🇳 157.41.198.213

🇺🇸 153.66.28.132

🇻🇳 123.24.196.45

🇹🇭 122.154.235.21

🇺🇸 103.234.62.98

🇰🇷 59.26.193.177

🇮🇪 3.249.133.179

🇰🇷 218.157.205.238

🇺🇸 162.216.149.162

🇺🇸 162.216.149.58

🇯🇵 124.155.125.131