JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 120.195.54.53

120.195.54.53 was found in our database!

This IP was reported 511 times. Confidence of Abuse is 83%: ?

83%

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS56046
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Nanjing, Jiangsu

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 120.195.54.53

Whois 120.195.54.53

IP Abuse Reports for 120.195.54.53:

This IP address has been reported a total of 511 times from 113 distinct sources. 120.195.54.53 was first reported on June 4th 2021, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-06-27 12:22:31 (6 hours ago)	tcp/6664 (2 or more attempts)	Port Scan
🇳🇱 BIV	2026-06-26 17:51:33 (1 day ago)	Honeypot multi-source hit. Sources: tpot:P0f,tpot:Suricata. Ports: 30023. Automated tiered (T-Pot+DS ... show more Honeypot multi-source hit. Sources: tpot:P0f,tpot:Suricata. Ports: 30023. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking Brute-Force SSH
🇩🇪 Luhte	2026-06-24 17:06:01 (3 days ago)	Unsolicited TCP connection from 120.195.54.53 to port 0 at 2026-06-24T17:06:01Z. Source IP completed ... show more Unsolicited TCP connection from 120.195.54.53 to port 0 at 2026-06-24T17:06:01Z. Source IP completed three-way handshake to non-public service on this host. Detected by automated intrusion monitoring. show less	Port Scan Hacking
🇵🇱 sefinek.net	2026-06-24 04:39:37 (3 days ago)	Honeypot hit: Large payload (1457 bytes); 22222 [1] TCP Reported by: https://github.com/sefinek/T-Po ... show more Honeypot hit: Large payload (1457 bytes); 22222 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 donarev419	2026-06-23 02:04:01 (4 days ago)	Port scan detected on port 1506 (connection without data transfer)	Port Scan
🇺🇸 MPL	2026-06-22 07:43:02 (5 days ago)	tcp/8334 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-06-22 02:49:02 (5 days ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
Anonymous	2026-06-20 12:11:47 (1 week ago)	2026-06-20T13:11:46.598916+01:00 vps kernel: [43697657.391897] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-06-20T13:11:46.598916+01:00 vps kernel: [43697657.391897] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=120.195.54.53 DST=54.37.14.118 LEN=44 TOS=0x00 PREC=0x00 TTL=226 ID=61582 PROTO=TCP SPT=57323 DPT=6433 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇬🇧 PeravixGroup	2026-06-19 03:31:55 (1 week ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 dispaisyenterprises	2026-06-18 00:33:52 (1 week ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 1880 [1] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 1880 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇩🇪 femboy.cat	2026-06-17 05:34:55 (1 week ago)	Port scan to tcp/3052 from 120.195.54.53	Brute-Force
🇩🇪 dispaisyenterprises	2026-06-15 12:15:50 (1 week ago)	Honeypot [fra-de-honeypot]: HTTP/1.1 request on 32080 GET / Accept: /; 32080 [1] TCP Reported by ... show more Honeypot [fra-de-honeypot]: HTTP/1.1 request on 32080 GET / Accept: /; 32080 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇬🇧 PeravixGroup	2026-06-14 02:54:06 (1 week ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-06-12 17:31:24 (2 weeks ago)	Honeypot hit: Large payload (1457 bytes); 6510 [1] TCP Reported by: https://github.com/sefinek/T-Pot ... show more Honeypot hit: Large payload (1457 bytes); 6510 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Bad Web Bot
🇫🇷 TheHoneyPotter	2026-06-12 04:04:03 (2 weeks ago)	Honeypot [fc-honeypot]: Empty payload (likely service probe); 16012 [1] TCP Reported by: https://git ... show more Honeypot [fc-honeypot]: Empty payload (likely service probe); 16012 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan

Showing 1 to 15 of 511 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 35.203.211.248

🇺🇸 3.142.97.232

🇪🇸 217.160.226.51

🇹🇷 185.226.92.110

🇺🇸 172.238.188.122

🇺🇸 168.196.237.162

🇻🇳 112.137.143.2

🇳🇱 91.92.40.41

🇧🇪 34.14.122.221

🇲🇻 202.153.80.51

🇰🇷 112.216.129.27

🇿🇦 105.247.89.210

🇳🇱 104.28.217.139

🇱🇻 81.30.98.49

🇭🇰 43.154.195.142

🇨🇳 1.193.71.236

🇸🇬 2001:19f0:4400:7250:5400:3ff:fe93:28e2

🇩🇪 178.128.194.134

🇯🇵 40.74.68.248

🇬🇧 35.203.211.6