JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 111.113.89.5

111.113.89.5 was found in our database!

This IP was reported 138 times. Confidence of Abuse is 61%: ?

61%

ISP	CHINANET ningxia province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	yc.nx.cn
Country	🇨🇳 China
City	Wuzhong, Ningxia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 111.113.89.5

Whois 111.113.89.5

IP Abuse Reports for 111.113.89.5:

This IP address has been reported a total of 138 times from 40 distinct sources. 111.113.89.5 was first reported on February 6th 2024, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-06-17 17:54:42 (4 hours ago)	tcp/6665	Port Scan
🇺🇸 Axel	2026-06-16 23:08:34 (22 hours ago)	Blocked by UFW on LAXHH [2078/tcp] \| SPT: 60871 \| TTL: 234 \| LEN: 44 \| TOS: 0x00 • Reported by: gith ... show more Blocked by UFW on LAXHH [2078/tcp] \| SPT: 60871 \| TTL: 234 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇸🇬 drewf.ink	2026-06-15 21:40:14 (2 days ago)	[21:40] Port scanning. Port(s) scanned: TCP/5269	Port Scan
🇺🇸 Axel	2026-06-15 19:17:38 (2 days ago)	Blocked by UFW on LAXHH [13246/tcp] \| SPT: 10694 \| TTL: 234 \| LEN: 44 \| TOS: 0x00 • Reported by: git ... show more Blocked by UFW on LAXHH [13246/tcp] \| SPT: 10694 \| TTL: 234 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇳🇱 ras07	2026-06-15 16:00:38 (2 days ago)	Brute force SSH login attempts.	Brute-Force SSH
🇺🇸 Axel	2026-06-14 23:22:06 (2 days ago)	Blocked by UFW on LAXHH [9004/tcp] \| SPT: 48008 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: gith ... show more Blocked by UFW on LAXHH [9004/tcp] \| SPT: 48008 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 Justin F. \| AS204464	2026-06-14 12:59:03 (3 days ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 5001 [1] TCP Reported by: Justin ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 5001 [1] TCP Reported by: Justin F. show less	Port Scan
🇫🇮 6kilowatti	2026-06-12 23:39:58 (4 days ago)	2026-06-13T02:39:57.623414+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00: ... show more 2026-06-13T02:39:57.623414+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00:00:5e:00:01:58:08:00 SRC=111.113.89.5 DST=83.148.240.21 LEN=44 TOS=0x00 PREC=0x00 TTL=235 ID=46048 PROTO=TCP SPT=30787 DPT=10333 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 xmission.com	2026-06-12 20:21:39 (5 days ago)	Blocked by UFW (TCP on 7093) Source port: 36375 TTL: 238 Packet length: 44 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 7093) Source port: 36375 TTL: 238 Packet length: 44 TOS: 0x00 This report (for 111.113.89.5) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 Axel	2026-06-12 17:13:33 (5 days ago)	Blocked by UFW on LAXHH [8087/tcp] \| SPT: 45156 \| TTL: 234 \| LEN: 44 \| TOS: 0x00 • Reported by: gith ... show more Blocked by UFW on LAXHH [8087/tcp] \| SPT: 45156 \| TTL: 234 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-06-11 20:30:57 (6 days ago)	tcp/5984	Port Scan
🇬🇧 PeravixGroup	2026-06-11 09:37:52 (6 days ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-10 16:52:48 (1 week ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-06-07 16:01:47 (1 week ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇬🇧 PeravixGroup	2026-06-07 11:59:05 (1 week ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host

Showing 1 to 15 of 138 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.185.132.9

🇷🇴 80.94.92.165

🇺🇸 34.145.125.186

🇩🇪 34.141.96.233

🇧🇷 205.210.31.167

🇧🇷 192.178.95.16

🇨🇳 180.76.240.68

🇧🇷 177.200.39.156

🇺🇸 147.185.132.21

🇨🇳 111.26.6.111

🇸🇬 101.32.244.145

🇷🇺 95.215.108.47

🇳🇱 62.4.15.81

🇫🇷 51.68.34.131

🇳🇱 34.141.178.173

🇩🇪 34.141.54.227

🇺🇸 34.139.199.70

🇧🇪 34.14.21.112

🇫🇷 2400:cb00:538:1000:7a96:ba20:7bff:659f

🇹🇳 197.5.145.150