JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.24.16.138

1.24.16.138 was found in our database!

This IP was reported 303 times. Confidence of Abuse is 56%: ?

56%

ISP	China unicom InnerMongolia province network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Hohhot, Inner Mongolia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.24.16.138

Whois 1.24.16.138

IP Abuse Reports for 1.24.16.138:

This IP address has been reported a total of 303 times from 84 distinct sources. 1.24.16.138 was first reported on January 16th 2024, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-04 00:08:31 (9 hours ago)	Honeypot detection: SMTP abuse / unauthorized email relay attempt on port 25. Severity: MEDIUM. Aara ... show more Honeypot detection: SMTP abuse / unauthorized email relay attempt on port 25. Severity: MEDIUM. Aaran.cloud show less	Email Spam
🇬🇧 PeravixGroup	2026-06-03 18:40:44 (15 hours ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-31 02:59:36 (4 days ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-27 20:22:46 (1 week ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-05-22 20:48:26 (1 week ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2376. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2376. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 xmission.com	2026-05-22 19:21:23 (1 week ago)	Blocked by UFW (TCP on 8030) Source port: 42452 TTL: 237 Packet length: 44 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 8030) Source port: 42452 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 1.24.16.138) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 dispaisyenterprises	2026-05-21 14:15:49 (1 week ago)	Honeypot [fra-de-honeypot]: Large payload (1457 bytes); 18014 [1] TCP Reported by DisPaisy Enterpris ... show more Honeypot [fra-de-honeypot]: Large payload (1457 bytes); 18014 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Bad Web Bot
🇦🇺 trentwiles.com	2026-05-19 11:39:27 (2 weeks ago)	Unauthorized connection attempt detected from IP address 1.24.16.138 to port 1165 [SYD]	Port Scan
🇬🇧 PeravixGroup	2026-05-18 20:30:48 (2 weeks ago)	Honeypot detection: RTSP streaming server scanning / unauthorized access attempt on port 554. Severi ... show more Honeypot detection: RTSP streaming server scanning / unauthorized access attempt on port 554. Severity: LOW. Aaran.cloud show less	Port Scan
🇬🇧 PeravixGroup	2026-05-16 10:02:23 (2 weeks ago)	Honeypot detection: RTSP streaming server scanning / unauthorized access attempt on port 8554. Sever ... show more Honeypot detection: RTSP streaming server scanning / unauthorized access attempt on port 8554. Severity: LOW. Aaran.cloud show less	Port Scan
🇫🇮 ngonghillsbikers	2026-05-16 10:00:07 (2 weeks ago)	Date: 16/May/2026:12:08:42.022688 +0300 \| Reported IP: 1.24.16.138 mod_security \| id: 920350 950130 ... show more Date: 16/May/2026:12:08:42.022688 +0300 \| Reported IP: 1.24.16.138 mod_security \| id: 920350 950130 959100 980170 \| CN/group.my_domain/- \| Connections: 1 \| Blocked: Permanent Block: [LF_MODSEC] \| Logs: ; ; ; ; ; Warning. Pattern match; Warning. Pattern match; Warning. Unconditional match in SecAction. [file; Access denied with code 403 (phase 4). Operator GE matched 4 at TX:blocking_outbound_anomaly_score. [file show less	SQL Injection Brute-Force Bad Web Bot
🇩🇪 femboy.cat	2026-05-16 07:03:40 (2 weeks ago)	Port scan to tcp/44444 from 1.24.16.138	Brute-Force
🇬🇧 PeravixGroup	2026-05-12 23:08:36 (3 weeks ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 MPL	2026-05-12 18:30:04 (3 weeks ago)	tcp/12297	Port Scan
🇺🇸 MPL	2026-05-11 11:46:25 (3 weeks ago)	tcp/9999	Port Scan

Showing 1 to 15 of 303 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 188.113.168.133

🇨🇳 182.54.23.159

🇻🇳 160.191.244.158

🇮🇪 52.169.217.131

🇳🇱 45.148.10.151

🇳🇱 45.8.17.37

🇨🇳 39.175.51.58

🇩🇪 213.209.159.235

🇺🇸 165.154.135.210

🇫🇮 147.185.133.34

🇨🇳 114.241.255.90

🇰🇷 112.216.129.27

🇧🇷 108.165.230.148

🇲🇳 103.50.205.131

🇷🇴 92.118.39.236

🇫🇷 91.231.89.169

🇦🇿 89.219.181.111

🇺🇸 45.202.240.36

🇵🇰 39.38.252.129

🇰🇷 8.230.17.158