JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 120.5.57.239

120.5.57.239 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 5%: ?

ISP	China Unicom Heibei Province Network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Beijing, Beijing

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 120.5.57.239

Whois 120.5.57.239

IP Abuse Reports for 120.5.57.239:

This IP address has been reported a total of 4 times from 1 distinct source. 120.5.57.239 was first reported on June 16th 2026, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-27 12:02:31 (15 hours ago)	(mod_security) mod_security (id:210831) triggered by 120.5.57.239 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 120.5.57.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 08:02:27.346182 2026] [security2:error] [pid 23243:tid 23243] [client 120.5.57.239:22835] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|thereddoorlounge.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "thereddoorlounge.com"] [uri "/"] [unique_id "aj-701TOV-cwZ4IZkszDBQAAACA"], referer: http://thereddoorlounge.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 07:13:48 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 120.5.57.239 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 120.5.57.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 03:13:45.008384 2026] [security2:error] [pid 22432:tid 22432] [client 120.5.57.239:57384] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|ictsl.net\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "ictsl.net"] [uri "/"] [unique_id "aj4mqaiqdNZVNZ-qOsFcSQAAAAc"], referer: http://ictsl.net/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 21:27:15 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 120.5.57.239 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 120.5.57.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 17:27:11.980322 2026] [security2:error] [pid 14892:tid 14892] [client 120.5.57.239:5833] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|celltechs.net\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "celltechs.net"] [uri "/"] [unique_id "ajcFrx9KCyPnRGkrGVITRgAAABc"], referer: https://celltechs.net/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 20:50:16 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 120.5.57.239 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 120.5.57.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 16:50:11.376574 2026] [security2:error] [pid 1687:tid 1687] [client 120.5.57.239:43055] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|jrqdesign.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "jrqdesign.com"] [uri "/"] [unique_id "ajG3Ax296skczPz6sEmMYwAAAAM"], referer: http://jrqdesign.com/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 193.176.31.157

🇬🇹 190.151.130.5

🇨🇳 183.233.187.138

🇺🇸 152.32.236.116

🇳🇱 78.142.18.40

🇮🇩 180.254.67.9

🇺🇸 173.194.103.16

🇫🇷 172.71.135.13

🇧🇷 168.194.124.203

🇨🇦 138.197.160.77

🇧🇩 103.23.205.28

🇨🇦 85.217.149.22

🇰🇷 211.62.96.42

🇲🇾 203.121.40.210

🇬🇧 193.176.29.16

🇨🇳 183.56.183.136

🇮🇩 182.253.58.165

🇺🇸 162.216.150.95

🇸🇬 161.118.237.181

🇩🇪 159.26.104.81