JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 101.249.62.189

101.249.62.189 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 24%: ?

24%

ISP	CHINANET XIZANG PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Chengguan Qu, Tibet

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 101.249.62.189

Whois 101.249.62.189

IP Abuse Reports for 101.249.62.189:

This IP address has been reported a total of 36 times from 17 distinct sources. 101.249.62.189 was first reported on February 12th 2022, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-08 23:38:40 (2 weeks ago)	Honeypot detection: X11 display server unauthorized access / probing attempt on port 6000. Severity: ... show more Honeypot detection: X11 display server unauthorized access / probing attempt on port 6000. Severity: MEDIUM. Aaran.cloud show less	Port Scan Brute-Force
🇬🇧 PeravixGroup	2026-06-08 06:44:55 (2 weeks ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-06-06 04:11:02 (2 weeks ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 femboy.cat	2026-06-03 12:15:39 (3 weeks ago)	Port scan to tcp/873 from 101.249.62.189	Brute-Force
🇦🇺 LiftUp Hosting	2026-05-24 17:27:59 (1 month ago)	Honeypot hit: Empty payload (likely service probe); 27008 [1] TCP	Port Scan
🇺🇸 xmission.com	2026-05-22 14:22:11 (1 month ago)	Blocked by UFW (TCP on 3268) Source port: 36332 TTL: 238 Packet length: 44 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 3268) Source port: 36332 TTL: 238 Packet length: 44 TOS: 0x00 This report (for 101.249.62.189) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-05-11 19:48:59 (1 month ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇵🇱 pshost.pl	2026-05-09 17:37:58 (1 month ago)	2026-05-09T17:37:58.616Z, an unauthorized access attempt was detected on port 22 (SSH) from source I ... show more 2026-05-09T17:37:58.616Z, an unauthorized access attempt was detected on port 22 (SSH) from source IP address 101.249.62.189. show less	Port Scan Brute-Force SSH
🇨🇳 ThreatBook.io	2026-04-25 00:15:33 (2 months ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/101.249.62.189 2 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/101.249.62.189 2026-04-24 01:22:58 //dnspod.qcloud.com:443 show less	Web App Attack
Anonymous	2026-04-19 10:22:22 (2 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇲🇳 Public CSIRT/CC of Mongolia	2026-03-01 08:19:40 (3 months ago)	Honeypot hit: Unauthorized traffic (243 bytes of payload); 5901 [1] TCP	Port Scan
Anonymous	2026-02-28 21:08:58 (3 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 donarev419	2026-02-11 03:00:23 (4 months ago)	Connection to port 880 with data transfer. Data preview: GET / HTTP/1.1 Host: 167.253.66.144:880 A ... show more Connection to port 880 with data transfer. Data preview: GET / HTTP/1.1 Host: 167.253.66.144:880 Accept: / show less	Port Scan Hacking
🇷🇸 Smel	2026-01-26 08:15:03 (4 months ago)	MH/MP Probe, Scan, Hack -	Port Scan Hacking
🇨🇳 ThreatBook.io	2026-01-22 01:26:10 (5 months ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/101.249.62.189 2 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/101.249.62.189 2026-01-21 14:53:53 / show less	Web App Attack

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.78.20.72

🇺🇸 205.210.31.71

🇺🇸 148.153.193.23

🇺🇸 142.251.153.1

🇨🇳 125.91.111.126

🇨🇳 124.113.249.10

🇮🇩 103.242.104.81

🇮🇩 103.78.104.7

🇧🇬 79.124.56.210

🇺🇸 66.132.172.233

🇨🇳 59.36.134.157

🇸🇬 54.254.183.247

🇯🇵 54.238.209.224

🇺🇸 54.153.58.131

🇫🇷 51.210.154.66

🇸🇬 47.128.68.84

🇧🇷 20.226.46.77

🇦🇺 13.239.4.8

🇺🇸 3.145.195.187

🇰🇷 3.34.255.44