JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 111.113.89.205

111.113.89.205 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 56%: ?

56%

ISP	CHINANET ningxia province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	yc.nx.cn
Country	🇨🇳 China
City	Wuzhong, Ningxia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 111.113.89.205

Whois 111.113.89.205

IP Abuse Reports for 111.113.89.205:

This IP address has been reported a total of 142 times from 49 distinct sources. 111.113.89.205 was first reported on January 18th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-14 02:13:36 (3 days ago)	Honeypot hit: Empty payload (likely service probe); 10000 [1] TCP	Port Scan
🇺🇸 Axel	2026-06-13 19:02:51 (3 days ago)	Blocked by UFW on LAXHH [5061/tcp] \| SPT: 56059 \| TTL: 234 \| LEN: 44 \| TOS: 0x00 • Reported by: gith ... show more Blocked by UFW on LAXHH [5061/tcp] \| SPT: 56059 \| TTL: 234 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Fraud VoIP
🇺🇸 MPL	2026-06-13 18:33:23 (3 days ago)	tcp/20201	Port Scan
🇮🇩 PENJAGA.AUM	2026-06-12 15:55:38 (4 days ago)	111.113.89.205 - Attack: Possible XSS attack, script tag	Web App Attack SQL Injection Spoofing
🇯🇵 mkaraki	2026-06-12 00:10:59 (5 days ago)	1781223058 # Service_probe # SIGNATURE_SEND # source_ip:111.113.89.205 # dst_port:9042 ...	Port Scan
🇫🇷 TheHoneyPotter	2026-06-11 22:06:04 (5 days ago)	Honeypot [fc-honeypot]: Empty payload (likely service probe); 52200 [1] TCP Reported by: https://git ... show more Honeypot [fc-honeypot]: Empty payload (likely service probe); 52200 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇺🇸 MPL	2026-06-11 09:29:43 (6 days ago)	tcp/8025 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-06-10 22:14:21 (6 days ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-09 22:11:33 (1 week ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇬🇧 PeravixGroup	2026-06-09 11:21:46 (1 week ago)	Honeypot detection: POP3 email brute-force authentication attempt on port 110. Severity: MEDIUM. Aar ... show more Honeypot detection: POP3 email brute-force authentication attempt on port 110. Severity: MEDIUM. Aaran.cloud show less	Brute-Force
🇩🇪 femboy.cat	2026-06-08 05:10:00 (1 week ago)	Port scan to tcp/8069 from 111.113.89.205	Brute-Force
🇺🇸 MPL	2026-06-07 13:06:05 (1 week ago)	tcp/10110 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-06-06 18:32:38 (1 week ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-06-06 07:37:27 (1 week ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2026-06-06 02:06:10 (1 week ago)	Honeypot hit: Large payload (1457 bytes); 3075 [1] TCP Reported by: https://github.com/sefinek/T-Pot ... show more Honeypot hit: Large payload (1457 bytes); 3075 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Bad Web Bot

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.231

🇺🇸 209.141.47.217

🇮🇳 122.187.227.167

🇨🇳 120.193.223.46

🇮🇪 54.217.16.109

🇺🇸 45.130.83.57

🇫🇷 194.163.179.92

🇺🇸 109.105.209.3

🇧🇩 103.183.62.0

🇮🇷 91.251.246.179

🇩🇪 91.98.70.204

🇰🇷 61.76.38.54

🇱🇹 45.227.254.170

🇺🇸 38.34.175.19

🇻🇳 27.79.4.125

🇧🇷 205.210.31.215

🇦🇷 201.252.36.143

🇧🇷 187.84.154.132

🇸🇬 168.144.39.160

🇻🇳 160.25.81.6