JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 124.89.118.7

124.89.118.7 was found in our database!

This IP was reported 673 times. Confidence of Abuse is 85%: ?

85%

ISP	China Unicom Shannxi province network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Xi'an, Shaanxi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 124.89.118.7

Whois 124.89.118.7

IP Abuse Reports for 124.89.118.7:

This IP address has been reported a total of 673 times from 117 distinct sources. 124.89.118.7 was first reported on March 27th 2021, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Tamsweb	2026-06-26 02:32:10 (6 hours ago)	Unauthorized connection attempt or scan from 124.89.118.7 on port 9876 ...	Port Scan
🇺🇸 RAP	2026-06-23 13:41:19 (2 days ago)	2026-06-23 13:41:19 UTC Unauthorized activity to TCP port 22. SSH	SSH
🇸🇪 NordhTech	2026-06-23 10:15:11 (2 days ago)	More than 3 malicious connection attempts, trying port(s) 7687/tcp, then blocked from services ...	Port Scan Hacking
🇫🇷 TheHoneyPotter	2026-06-22 00:29:03 (4 days ago)	Honeypot [fc-honeypot]: Empty payload (likely service probe); 20031 [1] TCP Reported by: https://git ... show more Honeypot [fc-honeypot]: Empty payload (likely service probe); 20031 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
Anonymous	2026-06-18 19:38:22 (1 week ago)	Unauthorized connection to SIP port 5060	Fraud VoIP Port Scan
🇺🇸 MPL	2026-06-18 00:25:19 (1 week ago)	tcp/5902	Port Scan
🇲🇹 neilcaruana	2026-06-17 13:47:19 (1 week ago)	Sentinel detected an attack on port [6068]	Hacking
🇩🇪 centurion	2026-06-16 14:43:27 (1 week ago)	Blocked by UFW on ns02 [2201/tcp] Source port: 22298 TTL: 237 Packet length: 44 TOS: 0x00 This repo ... show more Blocked by UFW on ns02 [2201/tcp] Source port: 22298 TTL: 237 Packet length: 44 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 drewf.ink	2026-06-16 07:06:06 (1 week ago)	[07:06] Port scanning. Port(s) scanned: TCP/20	Port Scan
🇬🇧 PeravixGroup	2026-06-15 03:05:26 (1 week ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇺🇸 [email protected]	2026-06-14 08:59:47 (1 week ago)	ASN: AS4837 CHINA UNICOM China169 Backbone. Country: CN. Ports: 10397. Proto: TCP. Observations: 1. ... show more ASN: AS4837 CHINA UNICOM China169 Backbone. Country: CN. Ports: 10397. Proto: TCP. Observations: 1. AbuseScore: 74/100 show less	Port Scan
🇩🇪 Justin F. \| AS204464	2026-06-14 04:58:40 (1 week ago)	Honeypot [nx-infrastructure]: HTTP/1.1 request on 9443 GET / Accept: /; 9443 [1] TCP Reported by: ... show more Honeypot [nx-infrastructure]: HTTP/1.1 request on 9443 GET / Accept: /; 9443 [1] TCP Reported by: Justin F. show less	Hacking Bad Web Bot
🇳🇱 donarev419	2026-06-11 04:21:31 (2 weeks ago)	Connection to port 5000 with data transfer. Data preview: USER anonymous	Port Scan Hacking
🇳🇱 BIV	2026-06-10 12:27:03 (2 weeks ago)	Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 1443. Automated tiered ... show more Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 1443. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking Bad Web Bot
🇬🇧 PeravixGroup	2026-06-10 01:49:19 (2 weeks ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host

Showing 1 to 15 of 673 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 195.140.214.29

🇬🇧 31.14.254.82

🇺🇸 198.2.182.222

🇭🇰 194.187.178.190

🇷🇺 176.112.128.143

🇳🇱 176.65.148.156

🇨🇳 175.178.58.190

🇭🇰 101.36.111.155

🇺🇸 54.89.101.141

🇪🇸 208.76.222.136

🇬🇧 195.140.214.25

🇺🇸 172.234.200.228

🇨🇳 157.156.242.184

🇺🇸 65.49.1.158

🇮🇳 45.10.194.247

🇸🇬 8.219.165.42

🇨🇿 194.145.183.60

🇲🇴 182.93.50.90

🇳🇱 176.65.148.197

🇺🇸 162.216.150.214