JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 122.97.136.70

122.97.136.70 was found in our database!

This IP was reported 103 times. Confidence of Abuse is 19%: ?

19%

ISP	China Unicom Jiangsu province network
Usage Type	Mobile ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Yangzhou, Jiangsu

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 122.97.136.70

Whois 122.97.136.70

IP Abuse Reports for 122.97.136.70:

This IP address has been reported a total of 103 times from 42 distinct sources. 122.97.136.70 was first reported on June 6th 2024, and the most recent report was 21 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-28 20:19:46 (21 hours ago)	(mod_security) mod_security (id:210831) triggered by 122.97.136.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 122.97.136.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 16:19:40.713375 2026] [security2:error] [pid 28885:tid 28885] [client 122.97.136.70:59957] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|al-hafeeztrust.net\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "al-hafeeztrust.net"] [uri "/"] [unique_id "akGB3DEgkK8Qc-n2qMZZUAAAABQ"], referer: http://al-hafeeztrust.net/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 21:24:11 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 122.97.136.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 122.97.136.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 17:24:04.096646 2026] [security2:error] [pid 26381:tid 26381] [client 122.97.136.70:39425] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.simonharvey.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.simonharvey.com"] [uri "/"] [unique_id "ajMQdGyf8OXf5PGHyM84FQAAAAw"], referer: http://www.simonharvey.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 19:02:42 (3 weeks ago)	(mod_security) mod_security (id:210831) triggered by 122.97.136.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 122.97.136.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 15:02:37.555467 2026] [security2:error] [pid 14875:tid 14875] [client 122.97.136.70:53406] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|edscontracting.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "edscontracting.com"] [uri "/403.html"] [unique_id "aiMdTfCO4zCEi-pn75ndYgAAAAE"], referer: http://edscontracting.com/403.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 cybsecaoccol	2026-06-01 23:11:10 (3 weeks ago)	multiple malicious connection attempts on tcp port 23 - dr	DDoS Attack Port Scan Hacking Brute-Force
🇺🇸 MPL	2026-06-01 19:10:23 (3 weeks ago)	tcp/23 (2 or more attempts)	Port Scan
🇺🇸 TPI-Abuse	2026-05-30 02:49:18 (4 weeks ago)	(mod_security) mod_security (id:210831) triggered by 122.97.136.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 122.97.136.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 22:49:11.098651 2026] [security2:error] [pid 9802:tid 9802] [client 122.97.136.70:27479] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.adn-media.net\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.adn-media.net"] [uri "/"] [unique_id "ahpQJ9SQcLtn6HonBnaCUgAAAAw"], referer: http://www.adn-media.net/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-12 20:28:27 (1 month ago)	(mod_security) mod_security (id:210831) triggered by 122.97.136.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 122.97.136.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 12 16:28:21.882598 2026] [security2:error] [pid 10430:tid 10430] [client 122.97.136.70:53432] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.csme-eprr.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.csme-eprr.com"] [uri "/"] [unique_id "agONZZbUxObimAm3Kv0FZAAAAAg"], referer: http://www.csme-eprr.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇮🇱 spd.co.il	2026-03-29 23:01:48 (2 months ago)	Unauthorized access attempts on ports: 23	Brute-Force
🇺🇸 TPI-Abuse	2026-03-21 23:58:43 (3 months ago)	(mod_security) mod_security (id:210831) triggered by 122.97.136.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 122.97.136.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 21 19:58:34.582780 2026] [security2:error] [pid 11294:tid 11319] [client 122.97.136.70:17013] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.secdc.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.secdc.org"] [uri "/index.html"] [unique_id "ab8wqmA14FFq6jFxw22iYgAAAAs"], referer: http://www.secdc.org/index.html show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-03-02 05:13:03 (3 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇺🇸 TPI-Abuse	2026-02-28 02:11:32 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 122.97.136.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 122.97.136.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 27 21:11:26.817254 2026] [security2:error] [pid 9006:tid 9078] [client 122.97.136.70:23965] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.lavotel.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.lavotel.com"] [uri "/index.php"] [unique_id "aaJOzukUKsbj_QTL2mLTXQAAAhg"], referer: http://www.lavotel.com/index.php show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-04 21:29:04 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 122.97.136.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 122.97.136.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 04 16:28:58.550795 2026] [security2:error] [pid 1022:tid 1022] [client 122.97.136.70:21909] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|valkyriepanthers.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "valkyriepanthers.com"] [uri "/"] [unique_id "aYO6GoUwxiVhQx34_TNwyAAAAAE"], referer: http://valkyriepanthers.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-26 20:17:08 (5 months ago)	(mod_security) mod_security (id:210831) triggered by 122.97.136.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 122.97.136.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 15:17:02.992697 2026] [security2:error] [pid 1797981:tid 1797981] [client 122.97.136.70:33608] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.tobyscott.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.tobyscott.com"] [uri "/"] [unique_id "aXfLvhr4WD5fJO-2gSQPqAAAAA4"], referer: http://www.tobyscott.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 RAP	2025-10-28 03:38:12 (8 months ago)	2025-10-28 03:38:12 UTC Unauthorized activity to TCP port 2323. Telnet	Port Scan
🇹🇼 kk_it_man	2025-10-25 20:40:02 (8 months ago)	honey catch	Port Scan

Showing 1 to 15 of 103 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.185.132.21

🇲🇾 115.133.243.123

🇺🇸 65.49.1.204

🇮🇩 36.66.16.233

🇳🇱 31.14.32.6

🇲🇽 201.149.53.243

🇺🇸 191.101.33.225

🇧🇷 186.200.104.66

🇺🇸 184.105.139.112

🇸🇬 167.172.93.203

🇫🇷 144.24.207.211

🇲🇾 115.132.180.66

🇧🇩 114.130.157.118

🇦🇺 114.72.136.141

🇺🇸 108.24.186.105

🇳🇱 91.92.40.35

🇳🇱 45.148.10.239

🇸🇬 43.156.92.183

🇺🇸 199.127.63.58

🇺🇸 172.212.190.89