JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 122.97.138.137

122.97.138.137 was found in our database!

This IP was reported 123 times. Confidence of Abuse is 22%: ?

22%

ISP	China Unicom Jiangsu province network
Usage Type	Mobile ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Yangzhou, Jiangsu

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 122.97.138.137

Whois 122.97.138.137

IP Abuse Reports for 122.97.138.137:

This IP address has been reported a total of 123 times from 45 distinct sources. 122.97.138.137 was first reported on May 21st 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 security.rdmc.fr	2026-06-16 12:31:35 (1 week ago)	Port Scan Attack proto:TCP src:38099 dst:23	Port Scan
🇬🇧 PeravixGroup	2026-06-06 23:31:23 (3 weeks ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇺🇸 cybsecaoccol	2026-06-01 07:38:20 (3 weeks ago)	unauthorized connection or malicious port scan attempted on tcp port - corp	Port Scan Hacking
🇺🇸 MPL	2026-05-31 14:53:38 (3 weeks ago)	tcp/23	Port Scan
🇦🇹 urnilxfgbez	2025-12-07 23:45:00 (6 months ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 TPI-Abuse	2025-09-24 04:38:39 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 122.97.138.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 122.97.138.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 24 00:38:30.379878 2025] [security2:error] [pid 11276:tid 11276] [client 122.97.138.137:26616] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.renju.net\|F\|4"] [data "close, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.renju.net"] [uri "/people/100877/game/147846/"] [unique_id "aNN1xtr2BPDRHOEJD1ePcQAAADI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-22 02:00:25 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 122.97.138.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 122.97.138.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 21 22:00:16.263533 2025] [security2:error] [pid 28032:tid 28032] [client 122.97.138.137:20572] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.renju.net\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.renju.net"] [uri "/tournament/2336/game/100280/"] [unique_id "aNCtsJMMfHFR0vP23nEEFgAAAAE"], referer: https://www.renju.net/tournament/2336/game/100280 show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-19 21:16:03 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 122.97.138.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 122.97.138.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 19 17:15:59.225253 2025] [security2:error] [pid 32553:tid 32553] [client 122.97.138.137:55079] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.renju.net\|F\|4"] [data "close, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.renju.net"] [uri "/tournament/213/game/90512/"] [unique_id "aM3ID3YYIh8NZnmAtpGLEwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-11 17:49:18 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 122.97.138.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 122.97.138.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 11 13:49:14.920466 2025] [security2:error] [pid 19607:tid 19607] [client 122.97.138.137:11028] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.renju.net\|F\|4"] [data "close, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.renju.net"] [uri "/game/100272"] [unique_id "aMMLmllysfDtji4wEQRpZAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-08-12 11:42:43 (10 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2025-08-02 15:40:49 (10 months ago)	Infected user bad webscan	Exploited Host
🇨🇳 ThreatBook.io	2025-07-17 00:37:38 (11 months ago)	ThreatBook Intelligence: Zombie,Mobile more details on https://threatbook.io/ip/122.97.138.137	SSH
🇨🇳 ThreatBook.io	2025-07-15 01:11:48 (11 months ago)	ThreatBook Intelligence: Mobile more details on http://threatbook.io/ip/122.97.138.137	SSH
🇹🇷 rtbh.com.tr	2025-07-14 04:07:43 (11 months ago)	list.rtbh.com.tr report: tcp/23	Brute-Force
🇦🇹 urnilxfgbez	2025-06-20 22:45:00 (1 year ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan

Showing 1 to 15 of 123 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.167.75.86

🇺🇸 204.44.102.119

🇺🇸 198.23.249.85

🇲🇿 197.219.208.58

🇲🇽 186.96.151.198

🇺🇸 173.255.223.115

🇺🇸 162.216.149.39

🇺🇸 137.184.25.41

🇦🇹 109.70.100.1

🇮🇳 103.252.168.4

🇧🇬 79.124.56.146

🇯🇵 20.89.107.118

🇺🇸 2607:f8b0:4001:c20::121

🇨🇷 186.26.118.246

🇺🇸 162.216.150.57

🇵🇰 160.187.180.173

🇸🇪 89.253.90.113

🇺🇸 66.132.172.114

🇮🇳 49.43.241.11

🇷🇺 46.138.254.1