JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 111.20.172.234

111.20.172.234 was found in our database!

This IP was reported 486 times. Confidence of Abuse is 100%: ?

100%

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS9808
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Xi'an, Shaanxi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 111.20.172.234

Whois 111.20.172.234

IP Abuse Reports for 111.20.172.234:

This IP address has been reported a total of 486 times from 178 distinct sources. 111.20.172.234 was first reported on May 10th 2026, and the most recent report was 42 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 Gem	2026-06-22 22:01:54 (42 minutes ago)	Unauthorized mail server scanning	Port Scan
🇺🇸 MPL	2026-06-22 17:19:20 (5 hours ago)	tcp/2222 (2 or more attempts)	Port Scan
🇺🇸 RAP	2026-06-22 15:03:14 (7 hours ago)	2026-06-22 15:03:14 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇩🇪 Admins@FBN	2026-06-22 14:49:45 (7 hours ago)	FW-PortScan: Traffic Blocked srcport=59044 dstport=22	Port Scan Hacking SSH
🇺🇸 MPL	2026-06-22 14:00:18 (8 hours ago)	tcp ports: 2375,22 (4 or more attempts)	Port Scan
🇰🇷 PROJECT ELIV	2026-06-22 13:16:54 (9 hours ago)	SSH honeypot: failed brute-force login attempt (username: admin)	Brute-Force SSH
🇺🇸 MPL	2026-06-22 12:56:45 (9 hours ago)	tcp/22 (2 or more attempts)	Port Scan
🇧🇷 helix	2026-06-22 10:59:04 (11 hours ago)	Automated report: SSH brute force detected. This IP exceeded the allowed number of failed login atte ... show more Automated report: SSH brute force detected. This IP exceeded the allowed number of failed login attempts (3 attempts). show less	Brute-Force SSH
🇩🇪 Loris007	2026-06-22 07:48:15 (14 hours ago)	Fail2Ban (Cowrie) detected attack from 111.20.172.234	Port Scan Brute-Force SSH
🇺🇸 MPL	2026-06-22 06:32:45 (16 hours ago)	tcp/80 (2 or more attempts)	Port Scan
🇫🇷 security.rdmc.fr	2026-06-22 03:45:12 (18 hours ago)	Port Scan Attack proto:TCP src:47861 dst:23	Port Scan
🇺🇸 MPL	2026-06-22 01:27:34 (21 hours ago)	tcp/22 (4 or more attempts)	Port Scan
🇦🇹 urnilxfgbez	2026-06-21 22:45:00 (23 hours ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 MPL	2026-06-21 20:46:03 (1 day ago)	tcp/2375 (2 or more attempts)	Port Scan
🇺🇸 MPL	2026-06-21 16:59:26 (1 day ago)	tcp/23 (2 or more attempts)	Port Scan

Showing 1 to 15 of 486 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.209

🇸🇬 168.144.141.144

🇯🇵 119.25.157.105

🇱🇻 81.30.98.158

🇺🇸 54.205.235.49

🇳🇱 45.198.224.115

🇺🇸 34.106.92.215

🇺🇸 34.94.95.233

🇺🇸 162.216.149.129

🇷🇴 80.94.92.165

🇳🇱 45.148.10.121

🇳🇱 185.224.128.16

🇨🇦 152.232.73.95

🇺🇸 149.88.18.28

🇻🇳 116.110.221.153

🇨🇳 106.37.72.234

🇨🇳 39.149.216.44

🇨🇳 14.103.159.154

🇺🇸 147.45.60.18

🇻🇳 101.99.14.34