JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 119.28.1.197

119.28.1.197 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 0%: ?

ISP	Tencent cloud computing (Beijing) Co., Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS132203
Domain Name	tencent.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 119.28.1.197

Whois 119.28.1.197

IP Abuse Reports for 119.28.1.197:

This IP address has been reported a total of 19 times from 13 distinct sources. 119.28.1.197 was first reported on March 11th 2021, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-02-28 03:29:47 (3 months ago)	Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ... show more Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in printer-friendly.asp show less	Exploited Host Bad Web Bot
🇳🇱 alexbfr	2026-02-27 02:25:34 (3 months ago)	Web attack/scanning directories detected via nginx \| Log: 119.28.1.197 - - [27/Feb/2026:03:24:39 +01 ... show more Web attack/scanning directories detected via nginx \| Log: 119.28.1.197 - - [27/Feb/2026:03:24:39 +0100] "GET /robots.txt HTTP/2.0" 404 11112 "https://alex.int.yt/robots.txt" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇬🇧 adnscom.net	2026-02-26 02:33:37 (3 months ago)	IPS trigger: Brute force WebApp/CMS scanning/attack	Brute-Force Web App Attack
🇮🇳 Parth Maniar	2021-03-13 01:20:19 (5 years ago)	SSH bruteforce login attempts.	Brute-Force SSH
Anonymous	2021-03-12 13:21:05 (5 years ago)	119.28.1.197 (HK/Hong Kong/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; P ... show more 119.28.1.197 (HK/Hong Kong/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Mar 12 13:17:44 server4 sshd[30378]: Failed password for root from 119.28.1.197 port 50326 ssh2 Mar 12 13:17:05 server4 sshd[29995]: Failed password for root from 162.243.136.58 port 45102 ssh2 Mar 12 12:44:36 server4 sshd[12380]: Failed password for root from 138.197.178.85 port 38554 ssh2 Mar 12 13:21:00 server4 sshd[32132]: Failed password for root from 98.202.75.42 port 56612 ssh2 Mar 12 13:17:42 server4 sshd[30378]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.1.197 user=root Mar 12 13:17:02 server4 sshd[29995]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.136.58 user=root IP Addresses Blocked: show less	Brute-Force
🇺🇸 trentwiles.com	2021-03-12 02:13:02 (5 years ago)	Unauthorized connection attempt detected from IP address 119.28.1.197 to port 22 [g]	Brute-Force SSH
🇩🇪 nextweb	2021-03-12 02:03:30 (5 years ago)	(sshd) Failed SSH login from 119.28.1.197 (HK/Hong Kong/Central and Western District/Central/-/[AS13 ... show more (sshd) Failed SSH login from 119.28.1.197 (HK/Hong Kong/Central and Western District/Central/-/[AS132203 Tencent Building, Kejizhongyi Avenue]): 2 in the last 3600 secs show less	Brute-Force SSH
🇺🇸 amit177	2021-03-12 00:29:39 (5 years ago)		Brute-Force SSH
🇩🇪 sglorch.de	2021-03-11 19:27:44 (5 years ago)	2021-03-12T01:27:40.379905Z [cowrie.ssh.factory.CowrieSSHFactory] New connection: 119.28.1.197:54246 ... show more 2021-03-12T01:27:40.379905Z [cowrie.ssh.factory.CowrieSSHFactory] New connection: 119.28.1.197:54246 (173.249.29.137:2222) [session: 5485fc31f01c] 2021-03-12T01:27:43.177174Z [cowrie.ssh.factory.CowrieSSHFactory] New connection: 119.28.1.197:54688 (173.249.29.137:2222) [session: d05b8cd01e12] ... show less	Brute-Force
Anonymous	2021-03-11 17:40:30 (5 years ago)	(sshd) Failed SSH login from 119.28.1.197 (HK/Hong Kong/Central and Western/Hong Kong/-): 5 in the l ... show more (sshd) Failed SSH login from 119.28.1.197 (HK/Hong Kong/Central and Western/Hong Kong/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 11 17:34:02 atlas sshd[3761]: Invalid user oscar from 119.28.1.197 port 36924 Mar 11 17:34:04 atlas sshd[3761]: Failed password for invalid user oscar from 119.28.1.197 port 36924 ssh2 Mar 11 17:37:05 atlas sshd[4597]: Invalid user cloud from 119.28.1.197 port 40884 Mar 11 17:37:07 atlas sshd[4597]: Failed password for invalid user cloud from 119.28.1.197 port 40884 ssh2 Mar 11 17:40:14 atlas sshd[5374]: Invalid user philip from 119.28.1.197 port 44836 show less	Brute-Force
🇺🇸 serverargentina.com	2021-03-11 16:01:57 (5 years ago)	Mar 11 21:01:54 danelsonic123 sshd[21815]: Invalid user image from 119.28.1.197 port 40214 ...	Brute-Force SSH
🇺🇸 serverargentina.com	2021-03-11 13:55:18 (5 years ago)	Mar 11 18:55:18 danelsonic123 sshd[20421]: Invalid user king from 119.28.1.197 port 59940 ...	Brute-Force SSH
🇺🇸 serverargentina.com	2021-03-11 13:24:04 (5 years ago)	Mar 11 18:24:03 danelsonic123 sshd[20027]: Invalid user wy from 119.28.1.197 port 57814 ...	Brute-Force SSH
Anonymous	2021-03-11 12:29:05 (5 years ago)	Mar 11 17:25:15 s158416 sshd[1415736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 e ... show more Mar 11 17:25:15 s158416 sshd[1415736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.1.197 Mar 11 17:25:15 s158416 sshd[1415736]: Invalid user cisco from 119.28.1.197 port 38174 Mar 11 17:25:16 s158416 sshd[1415736]: Failed password for invalid user cisco from 119.28.1.197 port 38174 ssh2 Mar 11 17:29:03 s158416 sshd[1417614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.1.197 user=root Mar 11 17:29:04 s158416 sshd[1417614]: Failed password for root from 119.28.1.197 port 51892 ssh2 ... show less	Brute-Force SSH
Anonymous	2021-03-11 11:35:27 (5 years ago)	Mar 11 16:31:34 s158416 sshd[1389478]: Invalid user deploy from 119.28.1.197 port 43856 Mar 11 16:31 ... show more Mar 11 16:31:34 s158416 sshd[1389478]: Invalid user deploy from 119.28.1.197 port 43856 Mar 11 16:31:34 s158416 sshd[1389478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.1.197 Mar 11 16:31:34 s158416 sshd[1389478]: Invalid user deploy from 119.28.1.197 port 43856 Mar 11 16:31:35 s158416 sshd[1389478]: Failed password for invalid user deploy from 119.28.1.197 port 43856 ssh2 Mar 11 16:35:26 s158416 sshd[1391383]: Invalid user smbuser from 119.28.1.197 port 57562 ... show less	Brute-Force SSH

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 2a03:4000:5c:a57:84a7:b0ff:fe9f:a67

🇿🇲 102.23.122.235

🇫🇷 2a02:c207:2297:9142::1

🇩🇪 213.209.159.236

🇲🇽 189.178.84.91

🇱🇹 185.36.81.23

🇺🇸 172.237.156.201

🇲🇾 115.135.234.221

🇨🇦 72.251.5.58

🇺🇸 47.251.62.188

🇺🇸 20.169.74.228

🇬🇧 193.163.125.57

🇯🇵 193.32.149.48

🇧🇷 187.0.238.211

🇺🇸 162.216.150.22

🇷🇴 85.122.120.118

🇱🇹 81.30.98.62

🇯🇵 45.192.241.244

🇯🇵 45.192.200.179

🇸🇬 45.78.194.242