JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 111.113.89.153

111.113.89.153 was found in our database!

This IP was reported 144 times. Confidence of Abuse is 74%: ?

74%

ISP	CHINANET ningxia province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	yc.nx.cn
Country	🇨🇳 China
City	Wuzhong, Ningxia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 111.113.89.153

Whois 111.113.89.153

IP Abuse Reports for 111.113.89.153:

This IP address has been reported a total of 144 times from 41 distinct sources. 111.113.89.153 was first reported on January 20th 2024, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-07 14:53:20 (3 hours ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 MPL	2026-06-06 16:15:33 (1 day ago)	tcp/10139	Port Scan
🇬🇧 PeravixGroup	2026-06-05 04:23:56 (2 days ago)	Honeypot detection: rsync unauthorized access / module enumeration attempt on port 873. Severity: ME ... show more Honeypot detection: rsync unauthorized access / module enumeration attempt on port 873. Severity: MEDIUM. Aaran.cloud show less	Hacking Brute-Force
🇺🇸 MPL	2026-06-05 00:40:31 (2 days ago)	tcp/12443 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-06-04 21:27:27 (2 days ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 Justin F. \| AS204464	2026-06-04 13:10:44 (3 days ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 50050 [1] TCP Reported by: Justi ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 50050 [1] TCP Reported by: Justin F. show less	Port Scan
Anonymous	2026-06-04 03:47:05 (3 days ago)	Honeypot hit: Unauthorized traffic on 27017/mongod Reported by: https://github.com/sefinek/T-Pot-To- ... show more Honeypot hit: Unauthorized traffic on 27017/mongod Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇬🇧 PeravixGroup	2026-06-03 17:41:52 (4 days ago)	Honeypot detection: SMTP abuse / unauthorized email relay attempt on port 25. Severity: MEDIUM. Aara ... show more Honeypot detection: SMTP abuse / unauthorized email relay attempt on port 25. Severity: MEDIUM. Aaran.cloud show less	Email Spam
🇩🇪 Admins@FBN	2026-06-03 07:33:56 (4 days ago)	FW-PortScan: Traffic Blocked srcport=29439 dstport=2601	Port Scan
🇺🇸 MPL	2026-06-02 22:43:50 (4 days ago)	tcp/6665 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-06-02 09:48:33 (5 days ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 xmission.com	2026-06-02 06:55:39 (5 days ago)	Blocked by UFW (TCP on 4040) Source port: 47227 TTL: 238 Packet length: 44 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 4040) Source port: 47227 TTL: 238 Packet length: 44 TOS: 0x00 This report (for 111.113.89.153) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 Justin F. \| AS204464	2026-05-31 07:34:31 (1 week ago)	Honeypot [nx-infrastructure]: HTTP/1.1 request on 1099 GET / Accept: /; 1099 [1] TCP Reported by: ... show more Honeypot [nx-infrastructure]: HTTP/1.1 request on 1099 GET / Accept: /; 1099 [1] TCP Reported by: Justin F. show less	Hacking Bad Web Bot
🇬🇧 PeravixGroup	2026-05-31 06:03:14 (1 week ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-29 20:40:20 (1 week ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host

Showing 1 to 15 of 144 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇹 206.232.43.78

🇳🇱 204.76.203.30

🇨🇴 181.61.251.4

🇮🇳 125.19.206.54

🇨🇳 117.68.56.51

🇷🇴 92.118.39.236

🇷🇴 80.94.92.177

🇨🇳 58.144.223.65

🇨🇳 14.105.93.23

🇩🇪 4.184.246.230

🇩🇪 213.209.159.56

🇧🇪 198.235.24.217

🇹🇼 198.235.24.67

🇧🇷 186.248.197.77

🇪🇸 185.62.21.32

🇨🇳 115.190.203.239

🇫🇮 86.54.25.234

🇨🇳 58.19.82.204

🇮🇳 45.127.223.161

🇧🇷 38.3.133.65