This IP address has been reported a total of
120
times from
44 distinct
sources.
118.212.120.20 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Blocked by UFW (TCP on 2598)
Source port: 56543
TTL: 237
Packet length: 44
TOS: 0x08
This report (f ...
show moreBlocked by UFW (TCP on 2598)
Source port: 56543
TTL: 237
Packet length: 44
TOS: 0x08
This report (for 118.212.120.20) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Honeypot [fra-de-honeypot]: HTTP/1.1 request on 10000
GET /
User-Agent: NTRIP GNSSInternetRadio
Acc ...
show moreHoneypot [fra-de-honeypot]: HTTP/1.1 request on 10000
GET /
User-Agent: NTRIP GNSSInternetRadio
Accept: */*; 10000 [1] TCP
Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB
show less
Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ...
show moreHoneypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud
show less
Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ...
show moreHoneypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud
show less
Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ...
show moreHoneypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud
show less
Unsolicited Minecraft server-list ping (handshake/status) to TCP/25565 across 0 address(es); protoco ...
show moreUnsolicited Minecraft server-list ping (handshake/status) to TCP/25565 across 0 address(es); protocol Legacy. Automated port scan detected by a Velocity proxy.
show less
Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ...
show moreHoneypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud
show less
Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ...
show moreHoneypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud
show less
UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ...
show moreUFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=118.212.120.20; proto=TCP; source_port=32257; target_port=995; flags=SYN
show less
Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ...
show moreHoneypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud
show less
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/118.212.120.20
2026-05 ...
show moreThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/118.212.120.20
2026-05-12 22:48:54 /
show less
Web App Attack
Showing 1 to
15
of 120 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ