JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 120.82.82.89

120.82.82.89 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 12%: ?

12%

ISP	China Unicom Guangdong province network
Usage Type	Fixed Line ISP
ASN	AS17816
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shenzhen, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 120.82.82.89

Whois 120.82.82.89

IP Abuse Reports for 120.82.82.89:

This IP address has been reported a total of 12 times from 2 distinct sources. 120.82.82.89 was first reported on May 7th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-18 00:18:40 (2 days ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.89 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 20:18:34.354314 2026] [security2:error] [pid 20546:tid 20546] [client 120.82.82.89:44692] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.zoboz.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.zoboz.com"] [uri "/"] [unique_id "ajM5WlglOKRjEgNi0dOlfwAAAAI"], referer: http://www.zoboz.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-25 21:59:35 (3 weeks ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.89 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 17:59:29.811395 2026] [security2:error] [pid 7401:tid 7401] [client 120.82.82.89:42792] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.cajunfriedturkey.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.cajunfriedturkey.com"] [uri "/"] [unique_id "ahTGQUVUoMJ-rhINkWXT1AAAABQ"], referer: http://www.cajunfriedturkey.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-24 20:31:18 (3 weeks ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.89 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 16:31:11.470525 2026] [security2:error] [pid 31052:tid 31052] [client 120.82.82.89:44922] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|hawaiireservations.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "hawaiireservations.com"] [uri "/"] [unique_id "ahNgD6kvfWoI424QqNKF9AAAABU"], referer: http://hawaiireservations.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-05-13 01:02:29 (1 month ago)	ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/120.82.82.89 2026-05- ... show more ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/120.82.82.89 2026-05-12 05:25:39 /robots.txt 2026-05-12 13:12:44 /favicon.ico show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-10 18:41:06 (1 month ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.89 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 10 14:40:59.429594 2026] [security2:error] [pid 11925:tid 11933] [client 120.82.82.89:9015] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|forrestwozniak.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "forrestwozniak.com"] [uri "/"] [unique_id "agDROyG0c-Luqml5Gk4HAgAAAAQ"], referer: http://forrestwozniak.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-05-10 00:47:37 (1 month ago)	ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/120.82.82.89 2026-05- ... show more ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/120.82.82.89 2026-05-09 09:38:13 /guard.html show less	Web App Attack
🇨🇳 ThreatBook.io	2026-04-01 00:24:19 (2 months ago)	ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/120.82.82.89 2026-03- ... show more ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/120.82.82.89 2026-03-31 04:45:06 / 2026-03-31 05:14:27 /config.json show less	Web App Attack
🇺🇸 TPI-Abuse	2026-03-31 14:55:28 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.89 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 10:55:21.333201 2026] [security2:error] [pid 18379:tid 18379] [client 120.82.82.89:8263] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.mtbpv.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.mtbpv.org"] [uri "/"] [unique_id "acvgWc4IpkXEGYNBaw797AAAAA8"], referer: http://www.mtbpv.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-04 22:23:58 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 120.82.82.89 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 120.82.82.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 04 17:23:51.666864 2026] [security2:error] [pid 10525:tid 10525] [client 120.82.82.89:42499] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|daveweisman.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "daveweisman.com"] [uri "/403.shtml"] [unique_id "aYPG9_KYWjSSXVkuGL1yTwAAAAo"], referer: https://daveweisman.com/403.shtml show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2025-12-20 00:44:52 (6 months ago)	ThreatBook Intelligence: Mobile more details on http://threatbook.io/ip/120.82.82.89 2025-12-19 08:5 ... show more ThreatBook Intelligence: Mobile more details on http://threatbook.io/ip/120.82.82.89 2025-12-19 08:51:47 /config.json show less	Web App Attack
🇨🇳 ThreatBook.io	2025-10-24 23:52:09 (7 months ago)	ThreatBook Intelligence: Mobile more details on http://threatbook.io/ip/120.82.82.89 2025-10-24 05:5 ... show more ThreatBook Intelligence: Mobile more details on http://threatbook.io/ip/120.82.82.89 2025-10-24 05:59:47 /explore/projects?non_archived=true&page=2&sort=latest_activity_desc show less	Web App Attack
🇨🇳 ThreatBook.io	2025-05-07 01:04:08 (1 year ago)	ThreatBook Intelligence: Mobile more details on http://threatbook.io/ip/120.82.82.89 2025-05-06 02:1 ... show more ThreatBook Intelligence: Mobile more details on http://threatbook.io/ip/120.82.82.89 2025-05-06 02:11:44 /robots.txt show less	Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇿 185.233.3.95

🇷🇴 80.94.92.187

🇺🇸 34.181.181.246

🇳🇱 192.42.116.143

🇰🇷 112.168.121.39

🇻🇳 103.75.182.132

🇮🇳 103.39.245.69

🇨🇳 101.126.53.14

🇳🇱 89.21.67.179

🇺🇸 64.207.185.5

🇳🇱 45.198.224.244

🇭🇰 45.142.154.42

🇭🇰 45.142.154.31

🇬🇹 190.151.130.5

🇲🇽 187.191.48.23

🇺🇸 147.185.132.191

🇭🇰 118.193.38.178

🇺🇸 104.21.88.126

🇺🇸 69.164.217.245

🇩🇪 69.5.169.8