JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.97.1.34

212.97.1.34 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 27%: ?

27%

ISP	OJSC Kyrgyztelecom
Usage Type	Fixed Line ISP
ASN	AS12997
Hostname(s)	212-97-1-34.pppoe.ktnet.kg
Domain Name	kt.kg
Country	🇰🇬 Kyrgyzstan
City	Karakol, Issyk-Kul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.97.1.34

Whois 212.97.1.34

IP Abuse Reports for 212.97.1.34:

This IP address has been reported a total of 25 times from 16 distinct sources. 212.97.1.34 was first reported on June 1st 2023, and the most recent report was 20 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 soverin	2026-06-17 08:46:05 (20 hours ago)	spam	Email Spam
🇳🇱 soverin	2026-06-05 14:58:27 (1 week ago)	spam	Email Spam
Anonymous	2026-05-16 13:52:35 (1 month ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-16 13:42:24 (1 month ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
Anonymous	2026-05-16 13:37:17 (1 month ago)	Unauthorized connection attempt on Port 2323	Port Scan Hacking Exploited Host
🇫🇷 security.rdmc.fr	2026-05-16 07:37:57 (1 month ago)	Port Scan Attack proto:TCP src:28847 dst:23	Port Scan
🇳🇴 Fredrik_2015	2026-05-13 17:22:29 (1 month ago)	Tries for open relay	Hacking Brute-Force
🇨🇭 Origon	2026-05-13 10:31:59 (1 month ago)	NOQUEUE - IP: 212.97.1.34 - May 13 12:31:59 plesk postfix/smtpd[1878291]: NOQUEUE: reject: RCPT fro ... show more NOQUEUE - IP: 212.97.1.34 - May 13 12:31:59 plesk postfix/smtpd[1878291]: NOQUEUE: reject: RCPT from unknown[212.97.1.34]: 554 5.7.1 Service unavailable; Client host [212.97.1.34] blocked using dnsbl-2.uceprotect.net; Net 212.97.0.0/20 is UCEPROTECT-Level2 listed because 59 impacts are seen from KTNET, KG/AS12997 there. See: http://www.uceprotect.net/rblcheck.php?ipr=212.97.1.34 / Net 212.97.0.0/19 is UCEPROTECT-Level2 listed because 59 impacts are seen from KTNET, KG/AS12997 there. See: http://www.uceprotect.net/rblcheck.php?ipr=212.97.1.34; from=<REDACTED@REDACTED> to=<REDACTED@REDACTED> proto=ESMTP helo=<[212.97.1.34]> show less	Email Spam
🇺🇸 TPI-Abuse	2026-02-13 11:14:11 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 212.97.1.34 (212-97-1-34.pppoe.ktnet.kg): 1 in ... show more (mod_security) mod_security (id:210730) triggered by 212.97.1.34 (212-97-1-34.pppoe.ktnet.kg): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 06:14:05.166121 2026] [security2:error] [pid 7199:tid 7296] [client 212.97.1.34:20150] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.mcismanila.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.mcismanila.com"] [uri "/saemed.com"] [unique_id "aY8HfaD2klrFGs5qcSYhAgAAAEs"], referer: https://www.mcismanila.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-01-18 02:07:36 (5 months ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/212.97.1.34	SSH
🇺🇸 octageeks.com	2025-09-24 04:06:40 (8 months ago)	Wordpress malicious attack:[octa404]	Web App Attack
Anonymous	2025-01-10 04:03:46 (1 year ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇦🇺 Block Rockin' Beats	2025-01-08 09:55:04 (1 year ago)	Attempted connection to TCP port 21	Port Scan
🇷🇸 Smel	2024-11-26 05:00:15 (1 year ago)	MH/MP Probe, Scan, Hack -	Port Scan Hacking
Anonymous	2024-11-22 04:50:18 (1 year ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2600:1f14:1285:4501:5973:25fc:5b18:84cf

🇧🇪 198.235.24.165

🇪🇨 186.43.219.97

🇭🇰 156.238.232.64

🇺🇸 143.198.173.25

🇫🇷 75.119.146.252

🇫🇷 62.210.142.21

🇧🇿 45.227.254.154

🇳🇱 45.142.193.70

🇺🇸 40.124.186.155

🇺🇸 20.168.121.167

🇭🇰 220.246.42.222

🇵🇾 181.94.227.32

🇩🇪 167.71.54.24

🇺🇸 162.216.150.171

🇺🇸 162.216.150.55

🇺🇸 156.238.224.43

🇮🇳 154.84.216.147

🇲🇴 125.31.2.160

🇮🇳 117.193.225.14