JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.24.16.20

1.24.16.20 was found in our database!

This IP was reported 385 times. Confidence of Abuse is 66%: ?

66%

ISP	China unicom InnerMongolia province network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Hohhot, Inner Mongolia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.24.16.20

Whois 1.24.16.20

IP Abuse Reports for 1.24.16.20:

This IP address has been reported a total of 385 times from 97 distinct sources. 1.24.16.20 was first reported on January 10th 2024, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 sefinek.net	2026-06-08 12:45:37 (1 hour ago)	Honeypot hit: HTTP/1.1 request on 49668 GET / Accept: /; 49668 [1] TCP Reported by: https://githu ... show more Honeypot hit: HTTP/1.1 request on 49668 GET / Accept: /; 49668 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇬🇧 PeravixGroup	2026-06-07 23:54:54 (14 hours ago)	Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aar ... show more Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aaran.cloud show less	Brute-Force
🇬🇧 PeravixGroup	2026-06-06 17:29:13 (1 day ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-06-06 13:37:28 (2 days ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 MPL	2026-06-05 04:22:12 (3 days ago)	tcp/1432 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-05-31 14:28:46 (1 week ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-28 17:04:53 (1 week ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇵🇱 sefinek.net	2026-05-28 09:03:34 (1 week ago)	Honeypot hit: Empty payload (likely service probe); 5570 [1] TCP Reported by: https://github.com/sef ... show more Honeypot hit: Empty payload (likely service probe); 5570 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇬🇧 PeravixGroup	2026-05-28 08:30:33 (1 week ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇬🇧 PeravixGroup	2026-05-28 01:45:07 (1 week ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-27 02:15:35 (1 week ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇨🇭 4server	2026-05-26 22:28:50 (1 week ago)	[WedMay2700:28:26.6471682026][security2:error][pid3987134:tid3987402][client1.24.16.20:0]ModSecurity ... show more [WedMay2700:28:26.6471682026][security2:error][pid3987134:tid3987402][client1.24.16.20:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"4host.biz\"][uri\"/theme/default/assets/umi.js\"][unique_id\"ahYeik9H0jI8Kl1VdayGRQAAARc\"] show less	Hacking Web App Attack
🇬🇧 PeravixGroup	2026-05-24 12:46:20 (2 weeks ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇺🇸 MPL	2026-05-23 12:21:57 (2 weeks ago)	tcp/7687	Port Scan
🇺🇸 MPL	2026-05-22 19:28:44 (2 weeks ago)	tcp/9200 (2 or more attempts)	Port Scan

Showing 1 to 15 of 385 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 167.99.118.66

🇨🇳 125.40.92.234

🇨🇳 112.46.212.96

🇮🇩 103.236.190.229

🇺🇸 74.125.80.21

🇫🇷 62.210.38.102

🇲🇱 41.73.107.213

🇨🇳 27.215.84.8

🇨🇦 216.251.35.204

🇺🇸 185.191.171.8

🇰🇷 182.31.208.63

🇧🇷 179.96.179.92

🇺🇸 165.154.135.200

🇨🇦 148.170.156.248

🇻🇳 113.181.239.120

🇺🇸 113.20.0.58

🇷🇴 92.118.39.62

🇺🇸 50.187.96.100

🇩🇪 47.254.158.67

🇨🇳 42.239.152.157