JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 111.9.42.57

111.9.42.57 was found in our database!

This IP was reported 423 times. Confidence of Abuse is 100%: ?

100%

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS9808
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Chengdu, Sichuan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 111.9.42.57

Whois 111.9.42.57

IP Abuse Reports for 111.9.42.57:

This IP address has been reported a total of 423 times from 261 distinct sources. 111.9.42.57 was first reported on May 26th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 Diskominfo Lumajang	2026-06-04 09:15:04 (2 hours ago)	Security Event Detected by SOC Diskominfo Lumajang: event=alert, hits=4	Brute-Force
🇫🇷 bellovacorp	2026-06-04 02:39:55 (9 hours ago)	Customer Telecom - Router Mikrotik perimeter blacklist	Port Scan Hacking
🇦🇷 Bruno	2026-06-04 00:03:08 (11 hours ago)	Port Scanner: 111.9.42.57	Port Scan
🇳🇱 soverin	2026-06-03 22:25:32 (13 hours ago)	Network scan on port 443	Email Spam
🇨🇳 さいとうあすか	2026-06-03 22:04:30 (13 hours ago)	Jun 4 06:04:29 pbs sshd[501597]: Invalid user admin from 111.9.42.57 port 42102 ...	Brute-Force SSH
🇺🇸 ras07	2026-06-03 22:00:10 (14 hours ago)	Brute force SSH login attempts.	Brute-Force SSH
🇩🇪 genokrad	2026-06-03 21:24:32 (14 hours ago)	Unauthorized connection attempt on TCP/23 (Telnet)	Port Scan
🇮🇪 AutosOnShow	2026-06-03 20:21:05 (15 hours ago)	blocked for webapp attack \| path requested: /index.php \| seen at 2026-06-03 20:20:44.384 \|	Web App Attack
🇺🇸 Tect.host	2026-06-03 20:17:55 (15 hours ago)	Brute-force SSH server detected by Fail2ban	Brute-Force SSH
🇫🇷 polarolouis	2026-06-03 19:48:28 (16 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-cve-2021-41773	Web App Attack Hacking
🇬🇧 PeravixGroup	2026-06-03 19:43:35 (16 hours ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇺🇸 MPL	2026-06-03 19:20:43 (16 hours ago)	tcp/443 (4 or more attempts)	Port Scan
Anonymous	2026-06-03 18:43:56 (17 hours ago)	SIEM ALERT AUTO REPORT	Email Spam
🇩🇪 markawes	2026-06-03 18:32:15 (17 hours ago)	[markis] Auto banned by Fail2Ban. Reason: Malicious web scan / attempted access to sensitive paths. ... show more [markis] Auto banned by Fail2Ban. Reason: Malicious web scan / attempted access to sensitive paths. Evidence: 111.9.42.57 - - [03/Jun/2026:19:32:11 +0100] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 487 "-" "libredtail-http" 111.9.42.57 - - [03/Jun/2026:19:32:12 +0100] "POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1" 400 487 "-" "libredtail-http" 111.9.42.57 - - [03/Jun/2026:19:32:13 +0100] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 491 "-" "libredtail-http" show less	Port Scan Hacking Web App Attack
🇳🇱 Yachiyo Runami	2026-06-03 18:26:24 (17 hours ago)	Port Scan on Honeypot \| Ports: 2222/SSH-alt(2x) \| Proto: TCP(2) \| Flags: all SYN \| TTL: 43 \| Len: 40 ... show more Port Scan on Honeypot \| Ports: 2222/SSH-alt(2x) \| Proto: TCP(2) \| Flags: all SYN \| TTL: 43 \| Len: 40B(2x) \| Win: 65535(2) \| F2B/ufw-honeypot@2026-06-03T18:26:24Z show less	Port Scan Hacking

Showing 1 to 15 of 423 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 182.95.181.26

🇰🇷 175.207.239.222

🇺🇸 96.127.152.236

🇺🇸 74.7.228.184

🇺🇸 65.49.1.76

🇺🇸 3.81.76.12

🇺🇸 209.222.101.194

🇺🇦 178.136.46.33

🇩🇪 162.19.243.145

🇻🇳 160.191.244.158

🇺🇸 136.117.227.152

🇨🇳 111.228.13.226

🇿🇦 41.198.141.67

🇺🇸 192.81.210.247

🇳🇱 185.156.73.233

🇵🇭 150.228.225.201

🇨🇳 117.145.69.222

🇷🇴 92.118.39.236

🇱🇹 81.30.98.142

🇺🇸 64.95.14.238