JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 111.113.89.191

111.113.89.191 was found in our database!

This IP was reported 128 times. Confidence of Abuse is 80%: ?

80%

ISP	CHINANET ningxia province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	yc.nx.cn
Country	🇨🇳 China
City	Wuzhong, Ningxia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 111.113.89.191

Whois 111.113.89.191

IP Abuse Reports for 111.113.89.191:

This IP address has been reported a total of 128 times from 43 distinct sources. 111.113.89.191 was first reported on January 18th 2024, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 Domainhizmetleri.com	2026-06-21 07:07:58 (12 hours ago)	[honeypot] - MS-SQL-PROBE	Port Scan Hacking
🇬🇧 PeravixGroup	2026-06-21 01:59:54 (17 hours ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 xmission.com	2026-06-20 18:05:02 (1 day ago)	Blocked by UFW (TCP on 10224) Source port: 46368 TTL: 238 Packet length: 44 TOS: 0x00 This report ( ... show more Blocked by UFW (TCP on 10224) Source port: 46368 TTL: 238 Packet length: 44 TOS: 0x00 This report (for 111.113.89.191) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 Axel	2026-06-15 20:58:56 (5 days ago)	Blocked by UFW on LAXHH [12400/tcp] \| SPT: 13785 \| TTL: 234 \| LEN: 44 \| TOS: 0x00 • Reported by: git ... show more Blocked by UFW on LAXHH [12400/tcp] \| SPT: 13785 \| TTL: 234 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇳🇱 StopAbuse	2026-06-14 23:23:19 (6 days ago)	tcp/9001	Port Scan
Anonymous	2026-06-13 13:57:32 (1 week ago)	Honeypot hit: Unauthorized traffic (16 bytes of payload); 2333 [1] TCP Reported by: https://github.c ... show more Honeypot hit: Unauthorized traffic (16 bytes of payload); 2333 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇭🇰 www.winos.me	2026-06-13 03:59:49 (1 week ago)	Shield: Layer4 Port 9 Trap	Port Scan Hacking
🇺🇸 Axel	2026-06-13 02:55:53 (1 week ago)	Blocked by UFW on LAXHH [3260/tcp] \| SPT: 15869 \| TTL: 234 \| LEN: 44 \| TOS: 0x00 • Reported by: gith ... show more Blocked by UFW on LAXHH [3260/tcp] \| SPT: 15869 \| TTL: 234 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇮 6kilowatti	2026-06-13 01:47:48 (1 week ago)	2026-06-13T04:47:47.424254+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18 ... show more 2026-06-13T04:47:47.424254+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18:bd:57:7e:08:00 SRC=111.113.89.191 DST=5.61.88.83 LEN=44 TOS=0x00 PREC=0x00 TTL=236 ID=22431 PROTO=TCP SPT=55115 DPT=4567 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇬🇧 PeravixGroup	2026-06-11 01:38:44 (1 week ago)	Honeypot detection: X11 display server unauthorized access / probing attempt on port 6000. Severity: ... show more Honeypot detection: X11 display server unauthorized access / probing attempt on port 6000. Severity: MEDIUM. Aaran.cloud show less	Port Scan Brute-Force
🇺🇸 MPL	2026-06-11 01:18:06 (1 week ago)	tcp/7070	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-10 16:38:42 (1 week ago)	Honeypot hit: Large payload (1457 bytes); 10129 [1] TCP	Hacking
🇬🇧 PeravixGroup	2026-06-09 16:13:33 (1 week ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇳🇱 BIV	2026-06-08 10:42:33 (1 week ago)	Honeypot multi-source hit. Sources: tpot:Honeytrap,tpot:P0f,tpot:Suricata. Ports: 5600. Automated ti ... show more Honeypot multi-source hit. Sources: tpot:Honeytrap,tpot:P0f,tpot:Suricata. Ports: 5600. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking
🇬🇧 PeravixGroup	2026-06-07 15:45:46 (2 weeks ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host

Showing 1 to 15 of 128 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 45.154.244.2

🇭🇰 199.45.154.185

🇺🇦 185.78.237.176

🇨🇳 60.188.58.133

🇨🇳 47.106.252.152

🇳🇱 45.148.10.152

🇺🇸 207.90.244.12

🇧🇷 191.193.227.71

🇧🇷 191.183.41.74

🇧🇷 191.183.41.9

🇷🇴 80.94.92.186

🇮🇷 78.109.200.147

🇳🇱 45.156.87.34

🇵🇱 45.141.215.39

🇺🇸 2604:a880:400:d1:0:4:9e88:c001

🇺🇸 216.25.89.119

🇳🇮 190.212.214.122

🇳🇱 176.65.132.22

🇪🇨 157.100.121.138

🇺🇸 147.185.132.115