JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 101.249.63.63

101.249.63.63 was found in our database!

This IP was reported 40 times. Confidence of Abuse is 35%: ?

35%

ISP	CHINANET XIZANG PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Chengguan Qu, Tibet

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 101.249.63.63

Whois 101.249.63.63

IP Abuse Reports for 101.249.63.63:

This IP address has been reported a total of 40 times from 22 distinct sources. 101.249.63.63 was first reported on February 14th 2022, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇸 Smel	2026-06-11 03:30:03 (2 days ago)	MH/MP Probe, Scan, Hack -	Port Scan Hacking
Anonymous	2026-06-10 05:18:22 (3 days ago)	Honeypot hit: HTTP/1.1 request on 18091 GET / Accept: /; 18091 [1] TCP Reported by: https://githu ... show more Honeypot hit: HTTP/1.1 request on 18091 GET / Accept: /; 18091 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇳🇱 BIV	2026-06-09 04:38:20 (4 days ago)	Honeypot multi-source hit. Sources: tpot:Fatt,tpot:P0f,tpot:Suricata. Ports: 995. Automated tiered ( ... show more Honeypot multi-source hit. Sources: tpot:Fatt,tpot:P0f,tpot:Suricata. Ports: 995. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking
🇯🇵 mkaraki	2026-05-10 19:16:43 (1 month ago)	1778440596 # Service_probe # SIGNATURE_SEND # source_ip:101.249.63.63 # dst_port:50060 ...	Port Scan
🇷🇸 Scan	2026-04-26 01:36:05 (1 month ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇦🇺 LiftUp Hosting	2026-04-22 15:58:01 (1 month ago)	Honeypot hit: Empty payload (likely service probe); 10000 [1] TCP	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-22 08:45:39 (1 month ago)	Honeypot hit: HTTP/1.1 request on 3120 GET / Accept: /; 3120 [1] TCP	Web App Attack
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-19 02:34:16 (1 month ago)	Honeypot hit: HTTP/1.1 request on 14104 GET / Accept: /; 14104 [1] TCP	Web App Attack
🇵🇱 sefinek.net	2026-04-16 16:22:42 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: /assets/GanjingAbout-0xqqgv2B.js \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/120.0.0.0 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇫🇷 Petre 21_ip	2026-04-15 21:31:26 (1 month ago)	2026-04-15T23:31:25.795467+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c ... show more 2026-04-15T23:31:25.795467+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c0:69:11:b3:85:db:08:00 SRC=101.249.63.63 DST=155.133.26.57 LEN=44 TOS=0x00 PREC=0x00 TTL=230 ID=62163 PROTO=TCP SPT=35023 DPT=467 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇨🇳 ThreatBook.io	2026-04-09 22:30:43 (2 months ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/101.249.63.63 20 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/101.249.63.63 2026-04-09 06:27:39 / show less	Web App Attack
🇯🇵 mkaraki	2026-03-23 01:32:33 (2 months ago)	1774229550 # Service_probe # SIGNATURE_SEND # source_ip:101.249.63.63 # dst_port:12334 ...	Port Scan
🇵🇱 sefinek.net	2026-03-18 02:19:39 (2 months ago)	Honeypot hit: Unauthorized traffic (16 bytes of payload); 5566 [1] TCP Reported by: https://github.c ... show more Honeypot hit: Unauthorized traffic (16 bytes of payload); 5566 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇩🇪 dispaisyenterprises	2026-02-24 20:08:45 (3 months ago)	Honeypot hit: Unauthorized traffic (243 bytes of payload); 5672 [1] TCP Reported by: https://github. ... show more Honeypot hit: Unauthorized traffic (243 bytes of payload); 5672 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇺🇸 donarev419	2026-02-24 09:00:59 (3 months ago)	Connection to port 10250 with data transfer. Data preview:	Port Scan Hacking

Showing 1 to 15 of 40 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 217.174.244.15

🇵🇰 182.191.159.115

🇮🇳 182.95.27.67

🇺🇸 162.216.150.104

🇨🇳 112.28.234.157

🇺🇸 96.78.175.36

🇸🇬 45.194.17.43

🇪🇬 41.128.181.199

🇻🇪 38.248.175.42

🇮🇳 38.137.11.14

🇺🇸 35.196.33.153

🇬🇧 2a06:4880:8000::b0

🇮🇶 185.158.22.150

🇮🇳 182.95.27.186

🇨🇳 180.167.207.234

🇬🇧 178.128.32.203

🇫🇮 147.185.133.41

🇺🇬 102.218.89.110

🇩🇪 69.5.169.113

🇺🇸 18.221.179.104