JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 111.29.61.192

111.29.61.192 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 0%: ?

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS9808
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Guangzhou, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 111.29.61.192

Whois 111.29.61.192

IP Abuse Reports for 111.29.61.192:

This IP address has been reported a total of 26 times from 26 distinct sources. 111.29.61.192 was first reported on August 14th 2024, and the most recent report was 11 months ago.

Old Reports: The most recent abuse report for this IP address is from 11 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇸 Smel	2025-07-05 10:45:03 (11 months ago)	MH/MP Probe, Scan, Hack -	Port Scan Hacking
🇫🇷 oonux.net	2025-06-20 22:30:10 (11 months ago)	RouterOS: Scanning detected TCP 111.29.61.192:50994 > x.x.x.x:8848	Port Scan
Anonymous	2025-06-11 20:29:36 (1 year ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇸🇰 GOVCERT	2025-06-04 22:46:19 (1 year ago)	Sweep Scan	Port Scan
🇩🇪 Admins@FBN	2025-06-03 02:53:46 (1 year ago)	FW-PortScan: Traffic Blocked srcport=38822 dstport=8848	Port Scan
🇬🇧 Andrew	2025-05-31 13:55:45 (1 year ago)	Blocked by UFW (TCP on port 8848). Source port: 42934 TTL: 47 Packet length: 60 TOS: 0x00 This repo ... show more Blocked by UFW (TCP on port 8848). Source port: 42934 TTL: 47 Packet length: 60 TOS: 0x00 This report (for 111.29.61.192) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇳🇴 Harald	2024-08-19 22:24:55 (1 year ago)	Aug 19 22:24:46 jump sshd[1193414]: Failed password for root from 111.29.61.192 port 36968 ssh2 Aug ... show more Aug 19 22:24:46 jump sshd[1193414]: Failed password for root from 111.29.61.192 port 36968 ssh2 Aug 19 22:24:49 jump sshd[1193414]: Failed password for root from 111.29.61.192 port 36968 ssh2 Aug 19 22:24:53 jump sshd[1193414]: Failed password for root from 111.29.61.192 port 36968 ssh2 ... show less	Brute-Force SSH
🇩🇪 ps-center	2024-08-19 15:59:20 (1 year ago)	LT: TCP-Scanner. Port: 6379	Port Scan
🇵🇱 TostHost	2024-08-19 13:28:25 (1 year ago)	Aug 19 15:28:12 ts-24 sshd[2708779]: Failed password for root from 111.29.61.192 port 54538 ssh2 Aug ... show more Aug 19 15:28:12 ts-24 sshd[2708779]: Failed password for root from 111.29.61.192 port 54538 ssh2 Aug 19 15:28:20 ts-24 sshd[2708779]: Disconnecting authenticating user root 111.29.61.192 port 54538: Change of username or service not allowed: (root,ssh-connection) -> (test,ssh-connection) [preauth] Aug 19 15:28:22 ts-24 sshd[2708794]: Invalid user test from 111.29.61.192 port 55470 Aug 19 15:28:22 ts-24 sshd[2708794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.29.61.192 Aug 19 15:28:24 ts-24 sshd[2708794]: Failed password for invalid user test from 111.29.61.192 port 55470 ssh2 ... show less	Brute-Force SSH
🇺🇸 bigscoots.com	2024-08-19 12:49:28 (1 year ago)	111.29.61.192 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Port ... show more 111.29.61.192 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Aug 19 07:49:18 15800 sshd[30012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.29.61.192 user=root Aug 19 07:49:20 15800 sshd[30012]: Failed password for root from 111.29.61.192 port 59210 ssh2 Aug 19 07:49:22 15800 sshd[30012]: Failed password for root from 111.29.61.192 port 59210 ssh2 Aug 19 07:37:18 15800 sshd[29180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.215.190.221 user=root Aug 19 07:37:19 15800 sshd[29180]: Failed password for root from 181.215.190.221 port 37234 ssh2 IP Addresses Blocked: show less	Brute-Force SSH
🇨🇦 electronico	2024-08-19 02:07:00 (1 year ago)	Aug 19 13:06:50 electronicohost sshd[1926838]: Failed password for root from 111.29.61.192 port 5509 ... show more Aug 19 13:06:50 electronicohost sshd[1926838]: Failed password for root from 111.29.61.192 port 55092 ssh2 Aug 19 13:06:56 electronicohost sshd[1926838]: Disconnecting authenticating user root 111.29.61.192 port 55092: Change of username or service not allowed: (root,ssh-connection) -> (test,ssh-connection) [preauth] Aug 19 13:06:57 electronicohost sshd[1926840]: Invalid user test from 111.29.61.192 port 55954 Aug 19 13:06:57 electronicohost sshd[1926840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.29.61.192 Aug 19 13:06:59 electronicohost sshd[1926840]: Failed password for invalid user test from 111.29.61.192 port 55954 ssh2 show less	Brute-Force SSH
🇹🇷 rtbh.com.tr	2024-08-18 20:55:31 (1 year ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇩🇪 paradigma-software.de	2024-08-18 20:15:25 (1 year ago)	2024-08-18T22:15:14.952998+02:00 s15260644 sshd[383547]: Failed password for root from 111.29.61.192 ... show more 2024-08-18T22:15:14.952998+02:00 s15260644 sshd[383547]: Failed password for root from 111.29.61.192 port 34874 ssh2 2024-08-18T22:15:21.738460+02:00 s15260644 sshd[383547]: Failed password for root from 111.29.61.192 port 34874 ssh2 2024-08-18T22:15:24.503098+02:00 s15260644 sshd[383547]: Failed password for root from 111.29.61.192 port 34874 ssh2 show less	Brute-Force SSH
Anonymous	2024-08-18 13:41:10 (1 year ago)	sshd	Brute-Force SSH
🇵🇱 sefinek.net	2024-08-18 08:49:50 (1 year ago)	IP: 111.29.61.192 Protocol: TCP Source port: 52368 Destination port: 6379 TTL: 96 Packet length: 40 ... show more IP: 111.29.61.192 Protocol: TCP Source port: 52368 Destination port: 6379 TTL: 96 Packet length: 40 TOS: 0x00 Timestamp: Aug 18 10:49:50 (10:49:50, 18.08.2024) The IP address was blocked by the Uncomplicated Firewall (UFW) due to suspicious activity. Packet details suggest a possible unauthorized access or port scanning attempt. show less	Port Scan

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 144.123.76.111

🇳🇱 92.67.13.123

🇳🇱 91.92.42.61

🇮🇷 85.198.19.242

🇷🇴 80.94.92.171

🇫🇷 51.178.114.78

🇨🇳 218.25.89.208

🇬🇧 195.96.139.111

🇺🇸 162.216.149.93

🇺🇸 143.244.168.218

🇺🇸 143.244.152.105

🇫🇷 143.244.57.118

🇺🇸 124.198.131.231

🇨🇳 120.229.120.30

🇨🇳 117.147.109.125

🇺🇸 100.54.132.1

🇱🇹 45.227.254.170

🇳🇱 45.148.10.152

🇫🇮 45.87.249.146

🇬🇧 35.203.211.214