JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 101.249.61.237

101.249.61.237 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 26%: ?

26%

ISP	CHINANET XIZANG PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Chengguan Qu, Tibet

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 101.249.61.237

Whois 101.249.61.237

IP Abuse Reports for 101.249.61.237:

This IP address has been reported a total of 28 times from 18 distinct sources. 101.249.61.237 was first reported on February 18th 2022, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-07 07:42:20 (5 days ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-06 14:48:04 (5 days ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-03 08:01:34 (1 week ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-05-29 15:28:00 (1 week ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 gbzret4d	2026-05-17 14:22:40 (3 weeks ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 5902 [1] TCP	Port Scan
🇦🇺 trentwiles.com	2026-04-22 12:02:43 (1 month ago)	Unauthorized connection attempt detected from IP address 101.249.61.237 to port 3385 [SYD]	Port Scan
🇨🇳 ThreatBook.io	2026-04-21 00:18:40 (1 month ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/101.249.61.237 2 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/101.249.61.237 2026-04-20 05:50:56 /guard.html show less	Web App Attack
🇩🇪 dispaisyenterprises	2026-04-19 16:45:40 (1 month ago)	Honeypot [fra-de-honeypot]: Unauthorized traffic (243 bytes of payload); 25105 [1] TCP Reported by D ... show more Honeypot [fra-de-honeypot]: Unauthorized traffic (243 bytes of payload); 25105 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-19 14:37:25 (1 month ago)	Honeypot hit: HTTP/1.1 request on 16626 GET / Accept: /; 16626 [1] TCP	Web App Attack
Anonymous	2026-04-18 08:35:55 (1 month ago)	Unauthorized connection attempt. Port 9600	Port Scan
🇺🇸 Hobby Bob	2026-04-17 08:55:21 (1 month ago)	Apr 17 09:55:21 server dovecot: pop3-login: Disconnected: Connection closed (auth failed, 1 attempts ... show more Apr 17 09:55:21 server dovecot: pop3-login: Disconnected: Connection closed (auth failed, 1 attempts in 0 secs): user=, rip=101.249.61.237, lip=X.X.X.X session= show less	Port Scan Hacking
🇵🇱 sefinek.net	2026-03-14 19:55:34 (2 months ago)	Honeypot hit: Unauthorized traffic (16 bytes of payload); 49672 [1] TCP Reported by: https://github. ... show more Honeypot hit: Unauthorized traffic (16 bytes of payload); 49672 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇯🇵 VXG-NET	2026-02-25 08:35:08 (3 months ago)	port=22, indicator_type=info-leak	Hacking
🇲🇳 Public CSIRT/CC of Mongolia	2026-02-18 05:20:48 (3 months ago)	Honeypot hit: Empty payload (likely service probe); 5257 [1] TCP	Port Scan
🇩🇪 ValtonTahiri	2026-02-04 18:26:12 (4 months ago)	Honeypot hit: Unauthorized traffic (243 bytes) Payload: ��Nd8}ۡ��m\|$:y�[�2͖a@ �Y�J sl��<8��2�m9g ... show more Honeypot hit: Unauthorized traffic (243 bytes) Payload: ��Nd8}ۡ��m\|$:y�[�2͖a@ �Y�J sl��<8��2�m9g��=kc��.��V�&�+�/�,�0̨̩� �� /5� { �+ 3&$ W��r�� s�ir��Z�f6/�;�X��EUG on 50001/TCP (1 attempt) show less	Port Scan

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 183.165.244.214

🇹🇭 110.49.6.37

🇺🇸 52.230.163.217

🇳🇱 45.148.10.152

🇺🇸 43.135.135.17

🇰🇿 37.99.122.66

🇭🇰 199.45.154.182

🇫🇮 147.185.133.144

🇺🇸 137.184.153.87

🇧🇬 79.124.40.126

🇺🇸 65.49.1.14

🇳🇱 45.198.224.5

🇮🇳 45.40.57.23

🇹🇿 41.93.28.23

🇨🇳 39.107.136.130

🇫🇮 2a09:bac1:2520:8::48e:4c

🇬🇧 217.146.80.100

🇹🇭 203.154.158.195

🇧🇷 187.5.244.49

🇬🇾 168.232.144.128