JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 111.113.88.72

111.113.88.72 was found in our database!

This IP was reported 159 times. Confidence of Abuse is 54%: ?

54%

ISP	CHINANET ningxia province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	yc.nx.cn
Country	🇨🇳 China
City	Wuzhong, Ningxia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 111.113.88.72

Whois 111.113.88.72

IP Abuse Reports for 111.113.88.72:

This IP address has been reported a total of 159 times from 58 distinct sources. 111.113.88.72 was first reported on January 19th 2024, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-06-10 06:47:29 (8 hours ago)	Blocked by UFW (TCP on 2282) Source port: 28830 TTL: 238 Packet length: 44 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 2282) Source port: 28830 TTL: 238 Packet length: 44 TOS: 0x00 This report (for 111.113.88.72) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 security.rdmc.fr	2026-06-10 06:08:21 (9 hours ago)	Port Scan Attack proto:TCP src:31806 dst:21	Port Scan
🇬🇧 PeravixGroup	2026-06-10 02:26:24 (13 hours ago)	Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5986. Seve ... show more Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5986. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-06-08 23:12:05 (1 day ago)	Honeypot detection: LDAP injection / directory service abuse attempt on port 8080. Severity: MEDIUM. ... show more Honeypot detection: LDAP injection / directory service abuse attempt on port 8080. Severity: MEDIUM. Aaran.cloud show less	Web App Attack
🇧🇾 StatsMe	2026-06-07 22:18:20 (2 days ago)	2026-06-07T15:14:24.507152+0300 ET SCAN NMAP -sS window 1024	Port Scan
🇬🇧 PeravixGroup	2026-06-06 22:02:40 (3 days ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-06 11:41:21 (4 days ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-06 06:59:30 (4 days ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇳🇱 BIV	2026-06-06 03:34:33 (4 days ago)	Honeypot multi-source hit. Sources: tpot:Fatt,tpot:P0f,tpot:Suricata,tpot:Tanner. Ports: 80. Automat ... show more Honeypot multi-source hit. Sources: tpot:Fatt,tpot:P0f,tpot:Suricata,tpot:Tanner. Ports: 80. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking Bad Web Bot
🇩🇪 David Ferneding	2026-06-05 16:16:21 (4 days ago)	Blocked by UFW (TCP on 5601) Source port: 26341 TTL: 236 Packet length: 44 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 5601) Source port: 26341 TTL: 236 Packet length: 44 TOS: 0x00 This report (for 111.113.88.72) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 PeravixGroup	2026-06-05 09:30:06 (5 days ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-01 21:14:39 (1 week ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇺🇸 xmission.com	2026-05-11 15:59:13 (4 weeks ago)	Blocked by UFW (TCP on 8000) Source port: 60446 TTL: 236 Packet length: 44 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 8000) Source port: 60446 TTL: 236 Packet length: 44 TOS: 0x08 This report (for 111.113.88.72) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇯🇵 Kinsei Engineering Inc.	2026-05-10 11:31:02 (1 month ago)	nginx:Illicit login attempts to the CMS, or investigation into CMS plugins with vulnerabilities.	Brute-Force Web Spam Web App Attack
🇺🇸 MPL	2026-05-10 07:52:10 (1 month ago)	tcp/9020	Port Scan

Showing 1 to 15 of 159 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 152.67.46.203

🇷🇴 2.57.121.112

🇧🇷 200.6.88.248

🇸🇬 128.199.225.7

🇸🇬 103.250.11.63

🇨🇳 60.18.105.58

🇺🇸 34.106.190.235

🇺🇸 98.159.37.229

🇪🇸 91.142.223.216

🇺🇸 54.85.109.140

🇨🇱 45.181.120.160

🇳🇱 45.148.10.183

🇳🇱 31.14.32.4

🇵🇭 180.194.72.202

🇺🇸 174.35.25.181

🇨🇳 112.66.13.10

🇺🇸 103.153.183.69

🇵🇱 87.251.64.145

🇳🇱 34.32.250.117

🇷🇴 2.57.122.177