JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 111.113.88.189

111.113.88.189 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 80%: ?

80%

ISP	CHINANET ningxia province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	yc.nx.cn
Country	🇨🇳 China
City	Wuzhong, Ningxia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 111.113.88.189

Whois 111.113.88.189

IP Abuse Reports for 111.113.88.189:

This IP address has been reported a total of 140 times from 54 distinct sources. 111.113.88.189 was first reported on January 18th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇵 radheykrishna.com.np	2026-06-18 06:31:19 (2 days ago)	Jun 18 12:16:18 kernel: [5254118.514777] [UFW BLOCK] IN=ens160 OUT= SRC=111.113.88.189 LEN=44 TOS=0x ... show more Jun 18 12:16:18 kernel: [5254118.514777] [UFW BLOCK] IN=ens160 OUT= SRC=111.113.88.189 LEN=44 TOS=0x00 PREC=0x00 TTL=233 ID=18721 PROTO=TCP SPT=63552 DPT=1105 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇬🇧 PeravixGroup	2026-06-18 03:00:50 (2 days ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇩🇪 dispaisyenterprises	2026-06-17 17:33:52 (3 days ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 8032 [1] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 8032 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇦🇺 LiftUp Hosting	2026-06-16 13:03:59 (4 days ago)	Honeypot hit: Empty payload (likely service probe); 8500 [1] TCP	Port Scan
🇬🇧 PeravixGroup	2026-06-16 02:13:06 (4 days ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇳🇱 BIV	2026-06-15 09:50:17 (5 days ago)	Honeypot multi-source hit. Sources: tpot:Honeytrap,tpot:P0f,tpot:Suricata. Ports: 49151. Automated t ... show more Honeypot multi-source hit. Sources: tpot:Honeytrap,tpot:P0f,tpot:Suricata. Ports: 49151. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking
🇺🇸 Axel	2026-06-13 17:45:07 (1 week ago)	Blocked by UFW on LAXHH [3400/tcp] \| SPT: 49289 \| TTL: 234 \| LEN: 44 \| TOS: 0x00 • Reported by: gith ... show more Blocked by UFW on LAXHH [3400/tcp] \| SPT: 49289 \| TTL: 234 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-06-13 13:46:05 (1 week ago)	tcp/3097	Port Scan
🇩🇪 femboy.cat	2026-06-13 01:03:38 (1 week ago)	Port scan to tcp/10990 from 111.113.88.189	Brute-Force
🇺🇸 donarev419	2026-06-13 00:58:31 (1 week ago)	Connection to port 83 with data transfer. Data preview: GET / HTTP/1.1 Host: 67.215.244.172:83 Acc ... show more Connection to port 83 with data transfer. Data preview: GET / HTTP/1.1 Host: 67.215.244.172:83 Accept: / show less	Port Scan Hacking
🇩🇪 Justin F. \| AS204464	2026-06-11 14:34:43 (1 week ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 18014 [1] TCP Reported by: Justi ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 18014 [1] TCP Reported by: Justin F. show less	Port Scan
🇬🇧 PeravixGroup	2026-06-09 20:47:48 (1 week ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 xmission.com	2026-06-09 18:43:24 (1 week ago)	Blocked by UFW (TCP on 2541) Source port: 31168 TTL: 236 Packet length: 44 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 2541) Source port: 31168 TTL: 236 Packet length: 44 TOS: 0x08 This report (for 111.113.88.189) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 PeravixGroup	2026-06-08 21:41:58 (1 week ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇬🇧 PeravixGroup	2026-06-07 23:40:25 (1 week ago)	Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aar ... show more Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aaran.cloud show less	Brute-Force

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 181.0.214.136

🇷🇺 37.77.150.241

🇺🇸 20.55.3.241

🇧🇷 186.220.196.166

🇳🇱 176.65.148.216

🇩🇪 94.154.1.123

🇺🇸 52.200.54.136

🇳🇱 195.178.110.102

🇮🇳 60.243.230.40

🇯🇵 20.243.208.191

🇩🇪 213.209.159.11

🇧🇩 203.76.98.65

🇭🇰 199.45.154.181

🇦🇷 190.244.39.224

🇧🇷 187.36.129.113

🇲🇽 186.96.158.180

🇺🇸 148.153.159.172

🇫🇮 147.185.133.228

🇦🇺 103.138.201.194

🇶🇦 89.211.253.23