JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 101.249.62.80

101.249.62.80 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 28%: ?

28%

ISP	CHINANET XIZANG PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Chengguan Qu, Tibet

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 101.249.62.80

Whois 101.249.62.80

IP Abuse Reports for 101.249.62.80:

This IP address has been reported a total of 35 times from 14 distinct sources. 101.249.62.80 was first reported on February 4th 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-04 17:45:29 (1 week ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-30 23:26:03 (2 weeks ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-29 18:17:31 (2 weeks ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 femboy.cat	2026-05-28 17:24:38 (2 weeks ago)	Port scan to tcp/5236 from 101.249.62.80	Brute-Force
🇬🇧 PeravixGroup	2026-05-24 07:10:48 (3 weeks ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-21 00:36:05 (3 weeks ago)	Honeypot hit: Empty payload (likely service probe); 8306 [1] TCP	Port Scan
🇩🇪 dispaisyenterprises	2026-05-12 20:20:51 (1 month ago)	Honeypot [fra-de-honeypot]: HTTP/1.1 request on 12240 GET / Accept: /; 12240 [1] TCP Reported by ... show more Honeypot [fra-de-honeypot]: HTTP/1.1 request on 12240 GET / Accept: /; 12240 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇨🇳 ThreatBook.io	2026-05-12 00:27:20 (1 month ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/101.249.62.80 20 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/101.249.62.80 2026-05-11 10:55:53 / show less	Web App Attack
🇬🇧 gbzret4d	2026-05-05 11:04:37 (1 month ago)	Honeypot [uk-production01]: Unauthorized traffic (243 bytes of payload); 50318 [1] TCP	Port Scan
🇨🇳 ThreatBook.io	2026-04-23 23:58:11 (1 month ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/101.249.62.80	SSH
🇬🇧 PeravixGroup	2026-04-23 05:09:21 (1 month ago)	HoneyPot hit - Aaran.cloud \| Tls Probe \| reconnaissance \| [TLS Handshake/SNI Probe] a`^q/tug3A#&Bk 1 ... show more HoneyPot hit - Aaran.cloud \| Tls Probe \| reconnaissance \| [TLS Handshake/SNI Probe] a`^q/tug3A#&Bk 1>!Csr{PZf Z&+/,0 /5 { + 3&$ *^ :\)!gFfLx=ID show less	Brute-Force
🇬🇧 PeravixGroup	2026-04-22 12:29:12 (1 month ago)	HoneyPot hit - Aaran.cloud - [TLS Handshake/SNI Probe] Hn(G]]L3]6QE A;.'qVxZjiH[J>Ok;1`&+/,0 /5 { + ... show more HoneyPot hit - Aaran.cloud - [TLS Handshake/SNI Probe] Hn(G]]L3]6QE A;.'qVxZjiH[J>Ok;1`&+/,0 /5 { + 3&$ \|sGN W4A.ma3 show less	Web App Attack
🇺🇸 donarev419	2026-04-19 01:07:04 (1 month ago)	Connection to port 5006 with data transfer. Data preview:	Port Scan Hacking
🇩🇪 guldkage	2026-04-05 08:56:30 (2 months ago)	Unauthorized connection attempt detected from IP address 101.249.62.80 to port 21 (ger-02) [FTP]	Exploited Host
🇲🇳 Public CSIRT/CC of Mongolia	2026-03-27 12:39:15 (2 months ago)	Honeypot hit: Unauthorized traffic (16 bytes of payload); 10131 [1] TCP	Port Scan

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 193.32.162.83

🇩🇪 165.154.164.21

🇸🇬 103.189.234.85

🇬🇧 2a06:4880::1a

🇺🇸 209.141.46.157

🇨🇳 175.12.108.55

🇨🇳 120.48.155.60

🇨🇳 120.48.95.246

🇮🇳 106.215.170.98

🇻🇳 103.97.135.244

🇺🇸 65.49.1.108

🇧🇷 45.178.227.0

🇸🇬 43.160.252.181

🇨🇳 27.21.31.143

🇺🇸 20.127.155.221

🇷🇺 5.167.67.226

🇩🇪 213.209.159.56

🇺🇦 178.137.16.232

🇳🇱 172.253.82.211

🇮🇶 150.228.104.145