JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 120.1.238.174

120.1.238.174 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 1%: ?

ISP	China Unicom Heibei Province Network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Luancheng, Hebei

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 120.1.238.174

Whois 120.1.238.174

IP Abuse Reports for 120.1.238.174:

This IP address has been reported a total of 20 times from 19 distinct sources. 120.1.238.174 was first reported on March 8th 2026, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 QSC-Sentinel	2026-05-20 17:32:47 (3 weeks ago)	Banned by fail2ban jail sshd on etlab-research	Brute-Force SSH
🇸🇬 Cloudkul Cloudkul	2026-03-09 10:50:25 (3 months ago)	Multiple unauthorized attempts to access web resources	Brute-Force Web App Attack
🇺🇸 RAP	2026-03-09 09:32:24 (3 months ago)	2026-03-09 09:32:24 UTC Unauthorized activity to TCP port 22. SSH	SSH
🇩🇪 www.fransveldman.world	2026-03-09 09:13:58 (3 months ago)	Mar 9 09:13:10 fedi sshd[2936954]: Invalid user admin from 120.1.238.174 port 33930 Mar 9 09:13:58 ... show more Mar 9 09:13:10 fedi sshd[2936954]: Invalid user admin from 120.1.238.174 port 33930 Mar 9 09:13:58 fedi sshd[2937027]: Invalid user orangepi from 120.1.238.174 port 53084 ... show less	Brute-Force SSH
Anonymous	2026-03-09 09:13:18 (3 months ago)	ssh login attempt failed 5 times	Brute-Force SSH
🇺🇸 MPL	2026-03-09 09:04:28 (3 months ago)	tcp/2375 (6 or more attempts)	Port Scan
🇵🇱 skillhost.pl	2026-03-09 08:49:14 (3 months ago)	Automated SSH brute-force attack detected. The IP repeatedly attempted to authenticate to port 22 us ... show more Automated SSH brute-force attack detected. The IP repeatedly attempted to authenticate to port 22 using multiple usernames and password guesses within a short timeframe. show less	Brute-Force SSH
🇺🇸 NXTwoThou	2026-03-09 06:39:06 (3 months ago)	/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh	Web App Attack
🇺🇸 xmission.com	2026-03-09 05:59:28 (3 months ago)	Blocked by UFW (TCP on 22) Source port: 36471 TTL: 51 Packet length: 40 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 22) Source port: 36471 TTL: 51 Packet length: 40 TOS: 0x00 This report (for 120.1.238.174) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan SSH Brute-Force
🇩🇪 gcl046	2026-03-09 05:18:12 (3 months ago)	2026-03-09T06:13:04.893168+01:00 cu94u8qp sshd-session[1221076]: Invalid user admin from 120.1.238.1 ... show more 2026-03-09T06:13:04.893168+01:00 cu94u8qp sshd-session[1221076]: Invalid user admin from 120.1.238.174 port 52976 2026-03-09T06:13:05.976252+01:00 cu94u8qp sshd-session[1221076]: Connection closed by invalid user admin 120.1.238.174 port 52976 [preauth] 2026-03-09T06:13:48.780730+01:00 cu94u8qp sshd-session[1221094]: Invalid user orangepi from 120.1.238.174 port 47910 2026-03-09T06:13:50.061984+01:00 cu94u8qp sshd-session[1221094]: Connection closed by invalid user orangepi 120.1.238.174 port 47910 [preauth] 2026-03-09T06:14:34.659207+01:00 cu94u8qp sshd-session[1221107]: Connection closed by authenticating user root 120.1.238.174 port 32980 [preauth] ... show less	Brute-Force SSH
Anonymous	2026-03-09 03:04:02 (3 months ago)	IP & Port Scan.	SSH Port Scan Brute-Force
🇺🇸 Teknikal_Domain	2026-03-09 02:43:14 (3 months ago)	Mar 8 22:42:27 gen sshd[607803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 ... show more Mar 8 22:42:27 gen sshd[607803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.1.238.174 Mar 8 22:42:29 gen sshd[607803]: Failed password for invalid user admin from 120.1.238.174 port 55550 ssh2 Mar 8 22:43:13 gen sshd[607806]: Invalid user orangepi from 120.1.238.174 port 33445 ... show less	Brute-Force SSH
🇬🇧 wiredalter	2026-03-09 01:27:08 (3 months ago)	Blocked by fail2ban on cVPS [443/tcp] Source Port: 39396 TTL: 53 Packet Length: 40 TOS: 0x00 Analyz ... show more Blocked by fail2ban on cVPS [443/tcp] Source Port: 39396 TTL: 53 Packet Length: 40 TOS: 0x00 Analyzed by https://ip.wiredalter.com show less	Brute-Force SSH
🇺🇸 infra-monitor	2026-03-09 01:00:14 (3 months ago)	Automated ban via infra-monitor: crowdsecurity/http-cve-2021-42013, crowdsecurity/http-cve-2021-4177 ... show more Automated ban via infra-monitor: crowdsecurity/http-cve-2021-42013, crowdsecurity/http-cve-2021-41773 show less	Hacking Web App Attack
🇹🇼 kk_it_man	2026-03-09 00:23:02 (3 months ago)	ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 ET EXPLOIT Apache HTTP ... show more ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 ET EXPLOIT Apache HTTP Server 2.4.49 - Path Traversal Attempt (CVE-2021-41773) M2 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt ET WEB_SERVER Generic PHP Remote File Include ET WEB_SERVER PHP tags in HTTP POST ET WEB_SERVER PHP.//Input in HTTP POST ET WEB_SERVER Possible SQL Injection (exec) in HTTP Request Body ET WEB_SERVER ThinkPHP RCE Exploitation Attempt ET WEB_SERVER allow_url_include PHP config option in uri ET WEB_SERVER auto_prepend_file PHP config option in uri ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) GPL WEB_SERVER 403 Forbidden show less	Port Scan

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 207.219.221.101

🇫🇮 204.168.206.154

🇺🇸 193.56.116.243

🇦🇷 190.3.50.189

🇩🇪 167.94.146.56

🇺🇸 162.216.150.170

🇨🇳 112.111.150.127

🇫🇷 85.217.140.24

🇺🇸 64.62.197.160

🇺🇸 64.62.197.137

🇺🇸 50.112.151.48

🇺🇿 213.230.78.36

🇧🇪 198.235.24.234

🇳🇱 195.178.110.105

🇬🇧 193.163.125.142

🇨🇳 180.101.224.66

🇩🇪 167.94.145.23

🇺🇸 166.88.227.114

🇮🇹 151.115.166.245

🇵🇱 151.115.80.249