JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 112.91.138.252

112.91.138.252 was found in our database!

This IP was reported 92 times. Confidence of Abuse is 0%: ?

ISP	China Unicom Guangdong province network
Usage Type	Fixed Line ISP
ASN	AS17623
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shenzhen, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 112.91.138.252

Whois 112.91.138.252

IP Abuse Reports for 112.91.138.252:

This IP address has been reported a total of 92 times from 22 distinct sources. 112.91.138.252 was first reported on May 9th 2022, and the most recent report was 3 years ago.

Old Reports: The most recent abuse report for this IP address is from 3 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 hypergate-soc	2022-07-16 16:38:50 (3 years ago)	"anomaly: tcp_port_scan, 11 > threshold 10, repeats 11 times since last log"	Port Scan
🇫🇷 QUADEMU Abuse Dpt	2022-07-16 13:33:58 (3 years ago)	Noxious/Nuisible/вредоносный Host.	Port Scan Brute-Force
🇺🇸 imgzit	2022-07-16 06:59:22 (3 years ago)	Port 22 SSH Bruteforcing - Caught by Zit Honeypot	Brute-Force SSH
🇩🇪 rd1742	2022-07-15 22:05:53 (3 years ago)	2022-07-16 02:05:52,958 quad proftpd[1202746] quad (112.91.138.252[112.91.138.252]): USER root: no s ... show more 2022-07-16 02:05:52,958 quad proftpd[1202746] quad (112.91.138.252[112.91.138.252]): USER root: no such user found from 112.91.138.252 [112.91.138.252] to 2.56.97.107:22 show less	Brute-Force SSH
🇨🇦 Largnet SOC	2022-07-15 09:08:31 (3 years ago)	112.91.138.252 triggered Icarus honeypot on port 22. Check us out on github.	Port Scan Hacking
Anonymous	2022-07-15 02:50:41 (3 years ago)	port scan and connect, tcp 22 (ssh)	Port Scan
🇩🇪 FunyMails	2022-07-14 21:17:30 (3 years ago)	Jul 15 01:03:20 localhost sshd[1895119]: Disconnected from authenticating user root 112.91.138.252 p ... show more Jul 15 01:03:20 localhost sshd[1895119]: Disconnected from authenticating user root 112.91.138.252 port 54264 [preauth] Jul 15 01:17:28 localhost sshd[1895151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.91.138.252 user=root Jul 15 01:17:30 localhost sshd[1895151]: Failed password for root from 112.91.138.252 port 58632 ssh2 ... show less	Brute-Force SSH
🇺🇸 General_Failure	2022-07-14 06:22:53 (3 years ago)	2022-07-14T05:22:13.023618nio.local.lan sshd[427569]: Disconnected from authenticating user root 112 ... show more 2022-07-14T05:22:13.023618nio.local.lan sshd[427569]: Disconnected from authenticating user root 112.91.138.252 port 48070 [preauth] 2022-07-14T05:22:52.601558nio.local.lan sshd[427571]: Disconnected from authenticating user root 112.91.138.252 port 48230 [preauth] ... show less	Brute-Force SSH
🇮🇳 Parth Maniar	2022-07-12 06:17:06 (3 years ago)	SSH login attempts (SSH bruteforce attack). For more information, or to report interesting/incorrect ... show more SSH login attempts (SSH bruteforce attack). For more information, or to report interesting/incorrect findings, give me a shoutout @parthmaniar on Twitter. show less	Brute-Force SSH
🇩🇪 www.blocklist.de	2022-07-11 23:20:40 (3 years ago)	Lines containing failures of 112.91.138.252 Jul 12 05:51:07 server5 sshd[13677]: User r.r from 112.9 ... show more Lines containing failures of 112.91.138.252 Jul 12 05:51:07 server5 sshd[13677]: User r.r from 112.91.138.252 not allowed because not listed in AllowUsers Jul 12 05:51:07 server5 sshd[13677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.91.138.252 user=r.r Jul 12 05:51:08 server5 sshd[13677]: Failed password for AD user r.r from 112.91.138.252 port 45168 ssh2 Jul 12 05:51:08 server5 sshd[13677]: Received disconnect from 112.91.138.252 port 45168:11: Bye Bye [preauth] Jul 12 05:51:08 server5 sshd[13677]: Disconnected from AD user r.r 112.91.138.252 port 45168 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=112.91.138.252 show less	FTP Brute-Force Hacking
🇷🇴 eddy.ro	2022-07-11 22:51:09 (3 years ago)	$f2bV_matches	Brute-Force SSH
Anonymous	2022-07-11 17:51:34 (3 years ago)	Brute Force attempts	Brute-Force Exploited Host
🇩🇪 MrRage	2022-07-11 01:21:29 (3 years ago)	SSH Brute Force Attempt Failed Login From IP Address 112.91.138.252	Brute-Force SSH
Anonymous	2022-06-28 10:02:20 (3 years ago)	2022-06-28T15:59:05.975239condo sshd[1216757]: Disconnected from authenticating user root 112.91.138 ... show more 2022-06-28T15:59:05.975239condo sshd[1216757]: Disconnected from authenticating user root 112.91.138.252 port 60520 [preauth] 2022-06-28T16:00:12.757570condo sshd[1216784]: Disconnected from authenticating user root 112.91.138.252 port 60884 [preauth] 2022-06-28T16:00:59.166835condo sshd[1216791]: Disconnected from authenticating user root 112.91.138.252 port 32904 [preauth] 2022-06-28T16:01:38.422429condo sshd[1216802]: Disconnected from authenticating user root 112.91.138.252 port 33132 [preauth] 2022-06-28T16:02:19.532761condo sshd[1216812]: Disconnected from authenticating user root 112.91.138.252 port 33350 [preauth] ... show less	Brute-Force SSH
🇿🇦 IrisFlower	2022-05-22 12:08:35 (4 years ago)	Unauthorized connection attempt detected from IP address 112.91.138.252 to port 23 [J]	Port Scan Hacking

Showing 1 to 15 of 92 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 223.123.72.217

🇹🇼 221.120.4.61

🇺🇸 147.185.132.252

🇨🇳 120.48.175.69

🇺🇸 100.29.164.178

🇹🇼 198.235.24.124

🇩🇪 165.232.71.112

🇺🇸 147.185.132.168

🇺🇸 147.185.132.132

🇳🇱 91.92.40.4

🇧🇾 81.30.98.142

🇳🇱 45.137.212.23

🇰🇷 218.144.90.41

🇦🇷 190.174.105.239

🇲🇾 183.171.41.89

🇦🇷 181.95.23.53

🇨🇱 160.19.203.252

🇨🇳 120.48.90.166

🇺🇸 97.213.181.250

🇵🇱 94.75.78.160