JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 122.51.94.205

122.51.94.205 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 83%: ?

83%

ISP	Tencent cloud computing (Beijing) Co., Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45090
Domain Name	tencentcloud.com
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 122.51.94.205

Whois 122.51.94.205

IP Abuse Reports for 122.51.94.205:

This IP address has been reported a total of 26 times from 19 distinct sources. 122.51.94.205 was first reported on June 6th 2026, and the most recent report was 21 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 Peregrine	2026-06-16 03:09:03 (21 hours ago)	Fail2Ban Jail: tomcat-honeypot \| Evidence: - 122.51.94.205 - - [12/Jun/2026:02:38:28 -0300] "GET /de ... show more Fail2Ban Jail: tomcat-honeypot \| Evidence: - 122.51.94.205 - - [12/Jun/2026:02:38:28 -0300] "GET /device.rsp?opt=user&cmd=list HTTP/1.1" 404 414 show less	Bad Web Bot
🇹🇼 ip4.tw	2026-06-15 18:55:02 (1 day ago)	Malicious web scan	Hacking Web App Attack
🇫🇷 pm33	2026-06-15 06:44:58 (1 day ago)	Unauthorized connections HTTP 403	Web App Attack
🇧🇷 Peregrine	2026-06-15 03:08:58 (1 day ago)	Fail2Ban Jail: tomcat-honeypot \| Evidence: - 122.51.94.205 - - [12/Jun/2026:02:38:28 -0300] "GET /de ... show more Fail2Ban Jail: tomcat-honeypot \| Evidence: - 122.51.94.205 - - [12/Jun/2026:02:38:28 -0300] "GET /device.rsp?opt=user&cmd=list HTTP/1.1" 404 414 show less	Bad Web Bot
🇧🇷 Peregrine	2026-06-14 03:08:51 (2 days ago)	Fail2Ban Jail: tomcat-honeypot \| Evidence: - 122.51.94.205 - - [12/Jun/2026:02:38:28 -0300] "GET /de ... show more Fail2Ban Jail: tomcat-honeypot \| Evidence: - 122.51.94.205 - - [12/Jun/2026:02:38:28 -0300] "GET /device.rsp?opt=user&cmd=list HTTP/1.1" 404 414 show less	Bad Web Bot
🇳🇱 soverin	2026-06-14 02:28:59 (2 days ago)	Network scan on port 80	Email Spam
🇩🇪 Kreisausschuss des Odenwaldkreises	2026-06-13 21:18:56 (3 days ago)	HAProxy NOSRV or BADREQ	Web App Attack
🇦🇹 Starburst SysOp Team	2026-06-13 05:19:14 (3 days ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-vie6-1)	Hacking Bad Web Bot
🇹🇼 tyetriiix	2026-06-12 18:44:40 (4 days ago)	Wazuh Alert Evidence: 122.51.94.205 - - [12/Jun/2026:18:44:37 +0000] "GET /login.rsp HTTP/1.1" 404 5 ... show more Wazuh Alert Evidence: 122.51.94.205 - - [12/Jun/2026:18:44:37 +0000] "GET /login.rsp HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 6.2) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4" "-" Origin: "-" CORS_Header: "-" Sent_allow_origin: "-" show less	Web App Attack
🇺🇸 kosada.com	2026-06-12 14:16:14 (4 days ago)	Web vulnerability probing: /image/lgbg.jpg (bogus vhost/SNI)	Web App Attack
🇧🇷 Peregrine	2026-06-12 05:38:38 (4 days ago)	Fail2Ban Jail: tomcat-honeypot \| Evidence: - 122.51.94.205 - - [12/Jun/2026:02:38:28 -0300] "GET /de ... show more Fail2Ban Jail: tomcat-honeypot \| Evidence: - 122.51.94.205 - - [12/Jun/2026:02:38:28 -0300] "GET /device.rsp?opt=user&cmd=list HTTP/1.1" 404 414 show less	Bad Web Bot
🇳🇿 Antinson	2026-06-11 19:03:10 (5 days ago)	High error rate and elevated request volume targeting cPanel servers	Bad Web Bot
🇭🇰 Harold Wong	2026-06-11 18:18:33 (5 days ago)	$f2bV_matches	Brute-Force
🇺🇸 itsnixk	2026-06-10 15:22:27 (6 days ago)	(mod_security) mod_security (id:920350) triggered by 122.51.94.205 (CN/China/-): 1 in the last 3600 ... show more (mod_security) mod_security (id:920350) triggered by 122.51.94.205 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 10 11:22:23.852341 2026] [security2:error] [pid 155213:tid 155313] [client 122.51.94.205:56974] ModSecurity: Access denied with code 406 (phase 1). Pattern match "(?:^([\\\\d.]+\|\\\\[[\\\\da-f:]+\\\\]\|[\\\\da-f:]+)(:[\\\\d]+)?$)" at REQUEST_HEADERS:Host. [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "773"] [id "920350"] [msg "Host header is a numeric IP address"] [redacted] [severity "WARNING"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [redacted] [uri "/"] [unique_id "aimBLy5CI_l3yoESktuTxwAAACE"] show less	Port Scan
🇺🇸 ne1for23	2026-06-10 00:57:38 (6 days ago)	Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" ... show more Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" resources improperly exposed externally and "protected" only by a lack of external DNS resolution. 122.51.94.205 - - [10/Jun/2026:00:57:37 +0000] "GET / HTTP/1.1" 403 153 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2b1) Gecko/20091014 Firefox/3.6b1 GTB5" "-" show less	Hacking

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2001:470:1:c84::20

🇨🇳 222.223.62.8

🇨🇳 203.189.219.195

🇹🇳 196.239.48.50

🇲🇽 187.191.48.4

🇧🇷 187.17.224.139

🇳🇱 185.226.197.29

🇺🇸 172.171.241.192

🇳🇱 172.71.182.158

🇳🇱 172.71.103.208

🇳🇱 172.71.95.97

🇳🇱 172.70.47.121

🇨🇦 142.93.153.123

🇰🇷 112.216.129.27

🇳🇱 104.23.170.64

🇷🇴 94.156.152.234

🇵🇰 72.255.18.210

🇮🇶 65.20.211.96

🇺🇸 52.159.229.48

🇳🇱 45.156.128.45