JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 120.82.84.137

120.82.84.137 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 12%: ?

12%

ISP	China Unicom Guangdong province network
Usage Type	Fixed Line ISP
ASN	AS17816
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shenzhen, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 120.82.84.137

Whois 120.82.84.137

IP Abuse Reports for 120.82.84.137:

This IP address has been reported a total of 11 times from 2 distinct sources. 120.82.84.137 was first reported on September 5th 2025, and the most recent report was 59 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-27 21:26:13 (59 minutes ago)	(mod_security) mod_security (id:210831) triggered by 120.82.84.137 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.84.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 17:26:05.407179 2026] [security2:error] [pid 27235:tid 27235] [client 120.82.84.137:53048] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.thephysicsroom.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.thephysicsroom.com"] [uri "/"] [unique_id "akA_7ZvA1kMbDI2lBKT-JAAAAA0"], referer: http://www.thephysicsroom.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 03:28:06 (3 days ago)	(mod_security) mod_security (id:210831) triggered by 120.82.84.137 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.84.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 23:28:00.469699 2026] [security2:error] [pid 8649:tid 8649] [client 120.82.84.137:51298] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|sunapeeautomation.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "sunapeeautomation.com"] [uri "/"] [unique_id "ajtOwG4KEJdmRszlq-fjMAAAABM"], referer: http://sunapeeautomation.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 20:38:22 (3 weeks ago)	(mod_security) mod_security (id:210831) triggered by 120.82.84.137 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.84.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 16:38:14.816081 2026] [security2:error] [pid 32359:tid 32359] [client 120.82.84.137:34994] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.noshsf.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.noshsf.com"] [uri "/"] [unique_id "aiHiNuj97-3-tGqkNZ3_nQAAABA"], referer: http://www.noshsf.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 11:39:27 (3 weeks ago)	(mod_security) mod_security (id:210831) triggered by 120.82.84.137 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.84.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 07:39:20.857376 2026] [security2:error] [pid 1596:tid 1596] [client 120.82.84.137:33329] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|aupapierjaponais.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "aupapierjaponais.com"] [uri "/index.php"] [unique_id "aiFj6C3Lkf7HD2MDyQzq-wAAAAE"], referer: http://aupapierjaponais.com/index.php show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 19:11:33 (3 weeks ago)	(mod_security) mod_security (id:210831) triggered by 120.82.84.137 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.84.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 15:11:27.767936 2026] [security2:error] [pid 19891:tid 19902] [client 120.82.84.137:34654] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|mdbscommercialcleaning.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "mdbscommercialcleaning.com"] [uri "/"] [unique_id "ah3ZX9yys4bbyWn1TPoVjQAAAIk"], referer: http://mdbscommercialcleaning.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-05-06 23:55:11 (1 month ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.82.84.137 2026-05- ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.82.84.137 2026-05-06 04:33:45 /portal.html show less	Web App Attack
🇨🇳 ThreatBook.io	2026-05-06 00:20:50 (1 month ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.82.84.137 2026-05- ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/120.82.84.137 2026-05-05 11:33:28 / show less	Web App Attack
🇺🇸 TPI-Abuse	2026-04-26 18:55:05 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 120.82.84.137 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.84.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 14:54:56.592535 2026] [security2:error] [pid 345:tid 371] [client 120.82.84.137:8904] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.exede-sales.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.exede-sales.com"] [uri "/index.html"] [unique_id "ae5fgIYnx732058skIqw_QAAAVc"], referer: http://www.exede-sales.com/index.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-23 21:38:14 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 120.82.84.137 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 120.82.84.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 23 17:38:10.284290 2026] [security2:error] [pid 693:tid 693] [client 120.82.84.137:8194] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.thehomedaleinn.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.thehomedaleinn.com"] [uri "/"] [unique_id "aeqRQqxxZZAqXqvEUfwSxwAAAAY"], referer: http://www.thehomedaleinn.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2025-11-25 23:37:56 (7 months ago)	ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/120.82.84.137 2025-11 ... show more ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/120.82.84.137 2025-11-25 22:43:18 / 2025-11-25 09:52:44 /config.json show less	Web App Attack
🇨🇳 ThreatBook.io	2025-09-05 23:16:38 (9 months ago)	ThreatBook Intelligence: Scanner,Gateway more details on https://threatbook.io/ip/120.82.84.137 2025 ... show more ThreatBook Intelligence: Scanner,Gateway more details on https://threatbook.io/ip/120.82.84.137 2025-09-05 08:07:27 / 2025-09-05 02:37:18 / show less	Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 122.187.229.160

🇭🇰 118.193.32.119

🇷🇺 62.16.41.154

🇩🇴 38.147.152.2

🇳🇱 193.39.208.26

🇺🇾 186.52.146.99

🇩🇪 167.94.146.73

🇺🇸 162.216.149.54

🇭🇰 152.32.214.226

🇺🇸 135.119.89.57

🇰🇷 121.131.220.152

🇨🇳 116.228.233.93

🇳🇱 20.16.180.61

🇦🇷 186.158.183.66

🇧🇷 177.221.185.48

🇺🇸 162.216.150.133

🇨🇦 149.248.54.194

🇨🇳 117.176.106.182

🇷🇺 88.84.209.146

🇸🇬 47.128.61.241