JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 120.82.84.105

120.82.84.105 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 12%: ?

12%

ISP	China Unicom Guangdong province network
Usage Type	Fixed Line ISP
ASN	AS17816
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shenzhen, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 120.82.84.105

Whois 120.82.84.105

IP Abuse Reports for 120.82.84.105:

This IP address has been reported a total of 12 times from 4 distinct sources. 120.82.84.105 was first reported on September 17th 2025, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-26 23:40:49 (9 hours ago)	(mod_security) mod_security (id:210831) triggered by 120.82.84.105 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.84.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 19:40:44.965622 2026] [security2:error] [pid 15531:tid 15531] [client 120.82.84.105:6569] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|mtalame.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "mtalame.com"] [uri "/"] [unique_id "aj8N_IYxAJ76T9FdTLN5LgAAAB4"], referer: http://mtalame.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 23:23:18 (10 hours ago)	(mod_security) mod_security (id:210831) triggered by 120.82.84.105 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.84.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 19:23:12.690177 2026] [security2:error] [pid 5795:tid 5795] [client 120.82.84.105:7799] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.stoneageartifacts.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.stoneageartifacts.com"] [uri "/"] [unique_id "aj8J4P58K4fcnTY8849-KwAAAAI"], referer: http://www.stoneageartifacts.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 02:06:48 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 120.82.84.105 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.84.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 22:06:43.143269 2026] [security2:error] [pid 7247:tid 7247] [client 120.82.84.105:7944] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.kwtlaw.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.kwtlaw.com"] [uri "/"] [unique_id "aj3es1UxpbQBqGsrXlJkhwAAAAc"], referer: http://www.kwtlaw.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 04:59:11 (6 days ago)	(mod_security) mod_security (id:210831) triggered by 120.82.84.105 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.84.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 00:59:03.400492 2026] [security2:error] [pid 11553:tid 11553] [client 120.82.84.105:45938] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|salsontap.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "salsontap.com"] [uri "/"] [unique_id "ajdvl1klm-ELqGdVwjcj9gAAAAw"], referer: http://salsontap.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-29 18:40:22 (4 weeks ago)	(mod_security) mod_security (id:210831) triggered by 120.82.84.105 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.84.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 14:40:13.829599 2026] [security2:error] [pid 21734:tid 21858] [client 120.82.84.105:38963] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|cibernetic.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "cibernetic.com"] [uri "/"] [unique_id "ahndjSeTDzy1ME-ziB-BJQAAAoo"], referer: http://cibernetic.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-25 23:18:44 (1 month ago)	(mod_security) mod_security (id:210831) triggered by 120.82.84.105 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.84.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 19:18:37.323241 2026] [security2:error] [pid 7917:tid 7917] [client 120.82.84.105:38909] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|heavenonearthonline.net\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "heavenonearthonline.net"] [uri "/"] [unique_id "ahTYzcEe_zvUf51eEc2hXQAAAAs"], referer: http://heavenonearthonline.net/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-05-06 23:55:35 (1 month ago)	ThreatBook Intelligence: Mobile more details on http://threatbook.io/ip/120.82.84.105 2026-05-06 04: ... show more ThreatBook Intelligence: Mobile more details on http://threatbook.io/ip/120.82.84.105 2026-05-06 04:56:32 /portal.html show less	Web App Attack
🇺🇸 TPI-Abuse	2026-04-05 18:38:14 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 120.82.84.105 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.84.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 14:38:07.429640 2026] [security2:error] [pid 30642:tid 30653] [client 120.82.84.105:12501] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|12am.us\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "12am.us"] [uri "/"] [unique_id "adKsD_iIC5-L-WCsjiURmQAAAEA"], referer: http://12am.us/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-03 00:30:45 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 120.82.84.105 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.84.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 20:30:37.204341 2026] [security2:error] [pid 19104:tid 19104] [client 120.82.84.105:13132] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|fallweddingnapkins.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "fallweddingnapkins.com"] [uri "/"] [unique_id "ac8KLWvBBJtNqFr8hip9BQAAABs"], referer: http://fallweddingnapkins.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-27 19:40:55 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 120.82.84.105 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.84.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 27 14:40:47.584246 2026] [security2:error] [pid 2365:tid 2365] [client 120.82.84.105:42245] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|theonepieceisreal.click\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "theonepieceisreal.click"] [uri "/"] [unique_id "aXkUv45HI7X6-N-IIGIkAQAAAAE"], referer: http://theonepieceisreal.click/ show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-11-26 05:29:29 (7 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇫🇷 bigorre.org	2025-09-17 16:28:26 (9 months ago)	Unidentified crawling: not a self-announced bot in user-agent	Bad Web Bot

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇸 217.61.143.105

🇫🇷 82.64.38.234

🇬🇧 35.203.211.53

🇹🇳 197.5.145.114

🇮🇩 182.9.33.4

🇺🇸 128.203.204.195

🇰🇷 119.204.60.250

🇹🇭 118.193.56.246

🇻🇳 103.106.104.25

🇳🇱 89.21.67.149

🇭🇰 43.129.170.61

🇺🇸 20.65.195.48

🇺🇸 5.161.101.51

🇺🇸 2a03:2880:f800:19::

🇺🇸 170.106.152.135

🇺🇸 162.216.149.12

🇩🇪 158.94.208.36

🇳🇿 121.73.169.140

🇫🇷 92.205.50.247

🇳🇱 91.92.40.12