JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 129.122.56.101

129.122.56.101 was found in our database!

This IP was reported 74 times. Confidence of Abuse is 49%: ?

49%

ISP	Kwame Nkrumah University of Science and Technology
Usage Type	University/College/School
ASN	AS327947
Domain Name	knust.edu.gh
Country	🇬🇭 Ghana
City	Kumasi, Ashanti

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 129.122.56.101

Whois 129.122.56.101

IP Abuse Reports for 129.122.56.101:

This IP address has been reported a total of 74 times from 41 distinct sources. 129.122.56.101 was first reported on March 2nd 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 ICS Labs	2026-06-09 19:52:59 (2 weeks ago)	ICS Labs identified 129.122.56.101 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Brute-Force Exploited Host
Anonymous	2026-06-07 20:15:21 (2 weeks ago)	Fail2ban filtered ...	Web App Attack
🇺🇸 integrantservices.com	2026-06-05 17:12:26 (3 weeks ago)	(wordpress) Failed wordpress login from 129.122.56.101 (GH/Ghana/-)	Brute-Force
🇨🇭 4server	2026-06-04 22:48:20 (3 weeks ago)	[FriJun0500:48:14.3907892026][security2:error][pid2146796:tid2146948][client129.122.56.101:0]ModSecu ... show more [FriJun0500:48:14.3907892026][security2:error][pid2146796:tid2146948][client129.122.56.101:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"mondialtrade.ch\"][uri\"/xmlrpc.php\"][unique_id\"aiIArj1ZxnlT8w4H0bqyOAAAABc\"] show less	Hacking Web App Attack
🇳🇱 Site.eu	2026-06-04 22:30:51 (3 weeks ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
Anonymous	2026-06-02 20:20:21 (3 weeks ago)	[redacted] 129.122.56.101 - - [02/Jun/2026:22:18:59 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ... show more [redacted] 129.122.56.101 - - [02/Jun/2026:22:18:59 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Linux; Android 10; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/97.0.0.0 Safari/537.36" [redacted] 129.122.56.101 - - [02/Jun/2026:22:19:37 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Windows NT 6.2; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/86.0.0.0 Safari/537.36" [redacted] 129.122.56.101 - - [02/Jun/2026:22:19:43 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Windows NT 6.2; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" [redacted] 129.122.56.101 - - [02/Jun/2026:22:20:15 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Windows NT 6.2; x86) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/71.0.0.0 Safari/537.36" [redacted] 129.122.56.101 - - [02/Jun/2026:22:20:20 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Windows NT 6.3; x ... show less	Hacking Web App Attack
🇩🇪 stinpriza	2026-06-02 16:08:22 (3 weeks ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 19:17:25 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 129.122.56.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 129.122.56.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 15:17:21.421080 2026] [security2:error] [pid 31935:tid 31935] [client 129.122.56.101:53909] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|aroilcontrolsystem.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aroilcontrolsystem.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah3awbErMAulyCYAzLiUYwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 rsiddall	2026-05-31 17:45:13 (3 weeks ago)	129.122.56.101 - - [31/May/2026:13:45:12 -0400] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5. ... show more 129.122.56.101 - - [31/May/2026:13:45:12 -0400] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/96.0.0.0 Safari/537.36" 129.122.56.101 - - [31/May/2026:13:45:12 -0400] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/15.0.0.0 Safari/537.36" ... show less	Brute-Force
🇺🇸 xserverx.ru	2026-05-31 13:04:05 (3 weeks ago)	Honeypot triggered: IP: 129.122.56.101 Request to: https://xserverx.ru/xmlrpc.php Method: POST Host: ... show more Honeypot triggered: IP: 129.122.56.101 Request to: https://xserverx.ru/xmlrpc.php Method: POST Host: xserverx.ru User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x86) AppleWebKit/537.36 (KHTML, like Gecko) Opera/75.0.0.0 Safari/537.36 Referer: Direct Country: GH ASN: Unknown Triggered rules: /xmlrpc\.php, \.php, (<methodCall>\|<methodName>\|<params>) Timestamp: 2026-05-31T13:04:05.660Z show less	Hacking Bad Web Bot Web App Attack
🇫🇷 Baking333	2026-05-30 17:59:57 (3 weeks ago)	[redacted] 129.122.56.101 - - [30/May/2026:18:59:35 +0100] "POST /[redacted] HTTP/1.1" 405 4877 0/18 ... show more [redacted] 129.122.56.101 - - [30/May/2026:18:59:35 +0100] "POST /[redacted] HTTP/1.1" 405 4877 0/180456 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/74.0.0.0 Safari/537.36" [redacted] 129.122.56.101 - - [30/May/2026:18:59:56 +0100] "POST /[redacted] HTTP/1.1" 405 4877 0/141981 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x86) AppleWebKit/537.36 (KHTML, like Gecko) Safari/15.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-29 21:17:12 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 129.122.56.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 129.122.56.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 17:17:06.006433 2026] [security2:error] [pid 19261:tid 19261] [client 129.122.56.101:49582] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|takeapawsboston.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "takeapawsboston.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahoCUjuzc15zpyzFBFhb4wAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 stinpriza	2026-05-29 07:23:30 (4 weeks ago)	Web App Attack	Web App Attack
🇩🇪 big-cloud.nl	2026-05-26 11:48:18 (1 month ago)	Try to access /xmlrpc.php	Web App Attack
🇳🇱 ipoac.nl	2026-05-26 11:40:28 (1 month ago)	-:443 129.122.56.101 - - [26/May/2026:13:40:27 +0200] - "POST /xmlrpc.php HTTP/1.1" 404 6420 "-" "Mo ... show more -:443 129.122.56.101 - - [26/May/2026:13:40:27 +0200] - "POST /xmlrpc.php HTTP/1.1" 404 6420 "-" "Mozilla/5.0 (Windows NT 6.2; x64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/81.0.0.0 Safari/537.36" show less	Bad Web Bot

Showing 1 to 15 of 74 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.223.235.40

🇺🇸 162.216.150.124

🇩🇪 64.226.71.148

🇨🇦 185.98.171.78

🇨🇳 117.139.165.132

🇦🇺 92.113.139.172

🇺🇸 92.71.34.162

🇧🇬 84.242.142.194

🇫🇷 46.202.79.176

🇨🇳 223.68.7.235

🇨🇳 221.10.187.253

🇰🇷 211.187.7.14

🇺🇸 191.102.159.95

🇭🇰 168.76.131.178

🇺🇸 147.185.132.24

🇨🇳 113.220.115.113

🇨🇳 101.76.248.214

🇳🇱 45.148.10.141

🇪🇸 212.64.172.182

🇧🇷 190.89.137.38