JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.24.16.148

1.24.16.148 was found in our database!

This IP was reported 379 times. Confidence of Abuse is 66%: ?

66%

ISP	China unicom InnerMongolia province network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Hohhot, Inner Mongolia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.24.16.148

Whois 1.24.16.148

IP Abuse Reports for 1.24.16.148:

This IP address has been reported a total of 379 times from 92 distinct sources. 1.24.16.148 was first reported on January 10th 2024, and the most recent report was 23 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-06-06 09:21:43 (23 hours ago)	tcp/15001 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-06-05 16:32:30 (1 day ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-06-03 02:04:28 (4 days ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 Justin F. \| AS204464	2026-06-02 05:41:13 (5 days ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 17007 [1] TCP Reported by: Justi ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 17007 [1] TCP Reported by: Justin F. show less	Port Scan
🇬🇧 PeravixGroup	2026-06-01 20:44:48 (5 days ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-30 22:03:50 (1 week ago)	Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5986. Seve ... show more Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5986. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇺🇸 MPL	2026-05-29 00:58:47 (1 week ago)	tcp/12349	Port Scan
🇬🇧 PeravixGroup	2026-05-28 10:38:33 (1 week ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇺🇸 donarev419	2026-05-26 07:41:11 (1 week ago)	Connection to port 2435 with data transfer. Data preview: �	Port Scan Hacking
🇬🇧 PeravixGroup	2026-05-25 16:34:26 (1 week ago)	Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5985. Seve ... show more Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5985. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
Anonymous	2026-05-22 09:33:02 (2 weeks ago)	Unauthorized SSH login attempts	Brute-Force SSH
🇫🇷 EDSL	2026-05-20 03:01:17 (2 weeks ago)	[SRV-VPN1] Blocked by SysWarden Firewall (Port Scan / Probing)	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-19 18:00:23 (2 weeks ago)	Honeypot hit: Empty payload (likely service probe); 1506 [1] TCP	Port Scan
🇨🇳 ThreatBook.io	2026-05-17 22:44:16 (2 weeks ago)	ThreatBook Intelligence: Zombie,IDC more details on https://threatbook.io/ip/1.24.16.148 2026-05-17 ... show more ThreatBook Intelligence: Zombie,IDC more details on https://threatbook.io/ip/1.24.16.148 2026-05-17 00:37:07 /favicon.ico show less	Web App Attack
🇧🇪 Saec	2026-05-17 16:05:51 (2 weeks ago)	Jarvis auto-ban: blocklist:cins	Port Scan Web App Attack

Showing 1 to 15 of 379 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇹 196.189.237.172

🇨🇳 171.36.6.53

🇺🇸 157.245.141.140

🇺🇸 44.242.179.127

🇺🇸 44.242.179.74

🇺🇸 44.242.179.48

🇺🇸 44.242.178.16

🇧🇪 34.62.169.37

🇺🇸 23.234.92.174

🇺🇸 23.234.91.77

🇧🇩 103.179.198.19

🇸🇬 47.82.52.10

🇩🇪 45.86.202.206

🇺🇸 23.234.91.149

🇺🇸 23.234.90.77

🇩🇪 213.209.159.56

🇨🇷 201.191.4.33

🇧🇷 191.54.36.37

🇰🇷 112.175.29.94

🇱🇹 77.90.185.80