JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 122.97.212.66

122.97.212.66 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 3%: ?

ISP	China Unicom Jiangsu province network
Usage Type	Mobile ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Nanjing, Jiangsu

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 122.97.212.66

Whois 122.97.212.66

IP Abuse Reports for 122.97.212.66:

This IP address has been reported a total of 35 times from 16 distinct sources. 122.97.212.66 was first reported on April 28th 2025, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 iamxorum	2026-06-15 08:44:27 (4 hours ago)	2026-06-15T08:44:26.677671+00:00 XRM-01 kernel: [TELNET-TRAP] IN=eth0 OUT= MAC=92:00:06:e6:da:95:d2: ... show more 2026-06-15T08:44:26.677671+00:00 XRM-01 kernel: [TELNET-TRAP] IN=eth0 OUT= MAC=92:00:06:e6:da:95:d2:74:7f:6e:37:e3:08:00 SRC=122.97.212.66 DST=46.62.222.43 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=28566 DF PROTO=TCP SPT=64899 DPT=23 WINDOW=5808 RES=0x00 SYN URGP=0 ... show less	Port Scan IoT Targeted
🇫🇷 security.rdmc.fr	2026-04-02 01:26:57 (2 months ago)	Port Scan Attack proto:TCP src:6021 dst:23	Port Scan
🇺🇸 TPI-Abuse	2026-01-31 19:33:11 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 122.97.212.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 122.97.212.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 31 14:33:07.889400 2026] [security2:error] [pid 2048:tid 2048] [client 122.97.212.66:15208] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.aaronnosan.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.aaronnosan.com"] [uri "/"] [unique_id "aX5Y80v8rKk1fbdjzZYOgQAAAAo"], referer: http://www.aaronnosan.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-01-17 23:52:13 (4 months ago)	ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/122.97.212.66	SSH
🇷🇸 Scan	2025-12-27 00:34:04 (5 months ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
Anonymous	2025-12-15 20:00:42 (5 months ago)	Unauthorized connection to Telnet port 23	Port Scan
🇩🇪 KPS	2025-11-25 15:51:56 (6 months ago)	PortscanM	Port Scan
🇫🇷 security.rdmc.fr	2025-11-24 22:52:09 (6 months ago)	Port Scan Attack proto:TCP src:40552 dst:23	Port Scan
🇹🇷 rtbh.com.tr	2025-11-24 20:10:06 (6 months ago)	list.rtbh.com.tr report: tcp/23	Brute-Force
🇩🇪 guldkage	2025-11-17 22:53:14 (6 months ago)	Unauthorized connection attempt detected from IP address 122.97.212.66 to port 23 (ger-03) [f]	Brute-Force Exploited Host
🇹🇷 rtbh.com.tr	2025-11-06 12:09:45 (7 months ago)	list.rtbh.com.tr report: tcp/23	Brute-Force
🇨🇿 Countryman	2025-11-05 10:45:35 (7 months ago)	repeated unauthorized connection attempts, host sweep, port 23	Hacking Brute-Force
🇨🇿 Countryman	2025-11-05 10:45:35 (7 months ago)	repeated unauthorized connection attempts, host sweep, port 23	Hacking Brute-Force
🇩🇪 guldkage	2025-10-18 17:46:26 (7 months ago)	Unauthorized connection attempt detected from IP address 122.97.212.66 to port 23 (ger-01) [TELNET]	Exploited Host
🇺🇸 RAP	2025-10-08 22:27:57 (8 months ago)	2025-10-08 22:27:57 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇦 91.225.162.70

🇳🇱 77.83.39.14

🇺🇸 20.169.83.190

🇫🇷 2a02:c207:2302:6309::1

🇬🇧 198.244.226.54

🇳🇱 45.148.10.141

🇳🇱 34.34.24.223

🇺🇸 18.221.179.104

🇪🇸 196.196.150.4

🇺🇸 172.234.218.87

🇮🇳 128.185.226.14

🇰🇷 116.125.120.27

🇮🇳 103.51.139.21

🇺🇸 34.26.147.120

🇯🇵 20.153.204.5

🇧🇷 187.103.87.20

🇳🇱 172.94.9.157

🇨🇳 120.48.104.37

🇫🇮 94.159.112.56

🇺🇸 91.230.168.124