JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 124.117.192.158

124.117.192.158 was found in our database!

This IP was reported 84 times. Confidence of Abuse is 37%: ?

37%

ISP	CHINANET Xinjiang province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Urumqi, Xinjiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 124.117.192.158

Whois 124.117.192.158

IP Abuse Reports for 124.117.192.158:

This IP address has been reported a total of 84 times from 36 distinct sources. 124.117.192.158 was first reported on June 23rd 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-31 10:33:34 (1 week ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-29 11:43:25 (1 week ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 0x44	2026-05-24 21:41:08 (2 weeks ago)	Abusive host detected - Web probing for vulnerabilities	Web App Attack Hacking
🇫🇷 Petre 21_ip	2026-05-15 01:07:09 (3 weeks ago)	2026-05-15T03:07:09.083880+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c ... show more 2026-05-15T03:07:09.083880+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c0:69:11:b3:85:db:08:00 SRC=124.117.192.158 DST=155.133.26.57 LEN=44 TOS=0x00 PREC=0x00 TTL=231 ID=37868 PROTO=TCP SPT=64718 DPT=6003 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 MPL	2026-05-13 16:05:57 (4 weeks ago)	tcp/502	Port Scan
🇷🇸 Scan	2026-05-11 03:49:47 (1 month ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇩🇪 Admins@FBN	2026-04-30 08:13:32 (1 month ago)	FW-PortScan: Traffic Blocked srcport=23021 dstport=28080	Port Scan
🇩🇪 dispaisyenterprises	2026-04-28 07:03:48 (1 month ago)	Honeypot [fra-de-honeypot]: Unauthorized traffic (16 bytes of payload); 9943 [1] TCP Reported by Dis ... show more Honeypot [fra-de-honeypot]: Unauthorized traffic (16 bytes of payload); 9943 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇧🇾 StatsMe	2026-04-27 22:11:51 (1 month ago)	2026-04-27T19:03:55.748940+0300 ET SCAN NMAP -sS window 1024	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-22 16:20:08 (1 month ago)	Honeypot hit: Unauthorized traffic (16 bytes of payload); 32780 [1] TCP	Port Scan
🇨🇳 ThreatBook.io	2026-04-20 22:31:12 (1 month ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/124.117.192.158 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/124.117.192.158 2026-04-20 17:59:24 http://110.242.68.4/ show less	Web App Attack
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-20 16:45:41 (1 month ago)	Honeypot hit: HTTP/1.1 request on 2050 GET / Accept: /; 2050 [1] TCP	Web App Attack
🇵🇱 sefinek.net	2026-04-20 15:59:07 (1 month ago)	Honeypot hit: HTTP/1.1 request on 8086 GET / Accept: /; 8086 [1] TCP Reported by: https://github. ... show more Honeypot hit: HTTP/1.1 request on 8086 GET / Accept: /; 8086 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇷🇸 Smel	2026-04-19 15:38:09 (1 month ago)	SQL/MH Probe, Scan, Hack -	Port Scan Hacking SQL Injection
🇫🇷 security.rdmc.fr	2026-04-16 18:25:40 (1 month ago)	VoIP Attack proto:UDP src:46879 dst:5060	Port Scan Fraud VoIP

Showing 1 to 15 of 84 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 193.124.20.245

🇩🇪 192.109.200.204

🇫🇮 157.22.127.17

🇫🇮 147.185.133.163

🇳🇱 192.42.116.20

🇵🇪 181.224.231.52

🇺🇸 165.154.163.171

🇨🇳 119.249.100.113

🇨🇳 115.231.76.176

🇧🇷 45.205.1.246

🇬🇧 35.203.211.103

🇧🇷 20.226.31.51

🇨🇳 14.103.113.224

🇲🇽 187.189.92.79

🇦🇺 158.178.141.16

🇳🇱 158.94.210.171

🇳🇬 135.129.124.141

🇸🇬 129.227.75.98

🇮🇳 115.113.39.68

🇺🇸 107.151.200.129