JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 120.28.197.130

120.28.197.130 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 13%: ?

13%

ISP	GBB VISAYAS
Usage Type	Fixed Line ISP
ASN	AS132199
Domain Name	globe.com.ph
Country	🇵🇭 Philippines
City	Tacurong, Soccsksargen

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 120.28.197.130

Whois 120.28.197.130

IP Abuse Reports for 120.28.197.130:

This IP address has been reported a total of 26 times from 21 distinct sources. 120.28.197.130 was first reported on October 4th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 SMARTNET	2026-05-27 06:03:53 (3 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 1175168a-7e6d-467e-bb9a-dd1cdfa3fb9e	DDoS Attack
🇨🇦 leithzz	2026-05-21 10:44:30 (1 month ago)	Report by Cloudflare.Time: 2026-05-21T10:43:54Z	DDoS Attack
🇩🇪 pltcldvlpr	2026-05-10 05:40:02 (1 month ago)	Unidentified crawler ignoring robots.txt: 120.28.197.130 - - [10/May/2026:07:39:30 +0200] "GET /prot ... show more Unidentified crawler ignoring robots.txt: 120.28.197.130 - - [10/May/2026:07:39:30 +0200] "GET /protocol?id=sh_17_61&offset=0&seq=36/ HTTP/1.1" 200 344705 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36" asn=132199 org="Globe Telecom Inc." 120.28.197.130 - - [10/May/2026:07:39:58 +0200] "GET /protocol?id=hb_18_81&paragraph=4247864&seq=1135 HTTP/1.1" 302 5 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" asn=132199 org="Globe Telecom Inc." ... show less	Bad Web Bot
🇳🇱 maxxsense	2026-04-09 06:23:34 (2 months ago)	120.28.197.130 (PH/Philippines/-), 12 distributed imapd attacks on account [redacted]	Brute-Force
Anonymous	2026-03-31 15:02:03 (2 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇨🇭 backslash	2026-03-02 14:27:03 (3 months ago)	block ruleset Badbot using very old user-agents 5CF3CDB778C7D82564405B86B9242E612F378C68	Bad Web Bot
🇨🇭 Modules	2025-12-14 04:04:38 (6 months ago)	Open proxy http://120.28.197.130:8080 (RT:8111ms,Loc:Philippines,ASN:AS132199)	Open Proxy
🇦🇺 GreyWatch - Honeypot Intelligence	2025-11-08 15:26:31 (7 months ago)	ASN: 132199 (GLOBE-MOBILE-5TH-GEN-AS Globe Telecom Inc.) Botnet Zombie: This IP has been detected as ... show more ASN: 132199 (GLOBE-MOBILE-5TH-GEN-AS Globe Telecom Inc.) Botnet Zombie: This IP has been detected as a botnet zombie \| Outbound DDoS attack source \| Malicious show less	DDoS Attack Bad Web Bot
🇺🇸 SuperEvilLuke	2025-11-04 21:44:11 (7 months ago)	Malicious activity detected from 132199 GLOBE-MOBILE-5TH-GEN-AS Globe Telecom Inc. towards host dash ... show more Malicious activity detected from 132199 GLOBE-MOBILE-5TH-GEN-AS Globe Telecom Inc. towards host dash.embotic.xyz (GET HTTP/2) @ 2025-11-04T21:44:11Z (5 occurrences) show less	DDoS Attack Exploited Host
🇸🇬 Vano Ganzzz	2025-10-11 03:27:19 (8 months ago)	Triggered Cloudflare WAF (l7ddos) from PH. Action taken: BLOCK ASN: 132199 (GLOBE-MOBILE-5TH-GEN-AS ... show more Triggered Cloudflare WAF (l7ddos) from PH. Action taken: BLOCK ASN: 132199 (GLOBE-MOBILE-5TH-GEN-AS Globe Telecom Inc.) Protocol: HTTP/2 (GET method) Endpoint: / Timestamp: 2025-10-11T03:27:19Z Ray ID: 98cb42d0c911ce49 UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_16_0) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.0 Safari/605.1.15 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	DDoS Attack Bad Web Bot
🇩🇪 1gz	2025-09-29 21:52:30 (8 months ago)	Triggered Cloudflare WAF (l7ddos) from PH. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoin ... show more Triggered Cloudflare WAF (l7ddos) from PH. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: / UA: Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; Sprint; SCH-i830; PPC; 240x320) This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	DDoS Attack Bad Web Bot
🇪🇸 cuscusero (FlexBacks, FlexChar, FlexAve, FlexCDNM, FlexTudy, ColdHosting SL)	2025-09-10 12:48:01 (9 months ago)	[CPD ESP-BCN02-FW11-394] Suspicious connection detected on port 443 LAYER-7. DDoS detected	DDoS Attack Port Scan Brute-Force
🇩🇪 CommanderRoot	2025-08-30 18:34:02 (9 months ago)	HTTP request flood	DDoS Attack Web Spam
Anonymous	2025-08-17 14:25:17 (10 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_APACHE_403	Brute-Force SSH
🇩🇪 Bedios GmbH	2025-08-17 07:53:05 (10 months ago)	Wordpress hacking attempt	Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 216.26.249.22

🇨🇳 182.32.144.59

🇵🇭 180.190.171.117

🇰🇷 119.207.63.208

🇨🇳 116.5.128.9

🇺🇸 74.125.179.29

🇺🇸 66.132.195.27

🇻🇳 14.176.34.242

🇺🇸 2a04:c300:400::1b0

🇳🇱 192.178.118.155

🇨🇴 191.95.163.188

🇩🇪 151.243.150.222

🇺🇸 134.209.65.153

🇮🇩 103.253.245.115

🇺🇸 71.6.232.22

🇺🇸 50.116.72.139

🇳🇱 45.148.10.200

🇧🇪 34.76.70.213

🇺🇸 17.22.245.202

🇩🇪 216.26.249.114