JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 101.249.63.84

101.249.63.84 was found in our database!

This IP was reported 43 times. Confidence of Abuse is 45%: ?

45%

ISP	CHINANET XIZANG PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Chengguan Qu, Tibet

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 101.249.63.84

Whois 101.249.63.84

IP Abuse Reports for 101.249.63.84:

This IP address has been reported a total of 43 times from 21 distinct sources. 101.249.63.84 was first reported on February 19th 2022, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇾 StatsMe	2026-06-14 23:16:48 (18 hours ago)	2026-06-14T08:35:33.180028+0300 ET DROP Spamhaus DROP Listed Traffic Inbound group 15	Spoofing Hacking Brute-Force Port Scan
🇸🇪 donarev419	2026-06-14 04:42:23 (1 day ago)	Port scan detected on port 20 (connection without data transfer)	Port Scan
🇦🇺 LiftUp Hosting	2026-06-13 06:34:02 (2 days ago)	Honeypot hit: Large payload (1457 bytes); 8688 [1] TCP	Bad Web Bot
🇬🇧 PeravixGroup	2026-06-08 17:18:04 (1 week ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-05 21:51:21 (1 week ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-03 00:38:18 (1 week ago)	Honeypot detection: SMTP abuse / unauthorized email relay attempt on port 25. Severity: MEDIUM. Aara ... show more Honeypot detection: SMTP abuse / unauthorized email relay attempt on port 25. Severity: MEDIUM. Aaran.cloud show less	Email Spam
🇬🇧 PeravixGroup	2026-06-02 10:58:26 (1 week ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 www.winos.me	2026-05-19 02:17:36 (3 weeks ago)	Shield: Layer4 Port 9 Trap	Port Scan Hacking
🇺🇸 drewf.ink	2026-05-18 19:59:40 (3 weeks ago)	[19:59] Port scanning. Port(s) scanned: TCP/5984	Port Scan
🇦🇺 LiftUp Hosting	2026-05-18 18:22:02 (3 weeks ago)	Honeypot hit: HTTP/1.1 request on 1337 GET / Accept: /; 1337 [1] TCP	Hacking Bad Web Bot
🇨🇳 ThreatBook.io	2026-05-05 22:49:16 (1 month ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/101.249.63.84 20 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/101.249.63.84 2026-05-05 22:20:41 / show less	Web App Attack
🇦🇺 trentwiles.com	2026-04-25 09:06:43 (1 month ago)	Unauthorized connection attempt detected from IP address 101.249.63.84 to port 6631 [SYD]	Port Scan
🇺🇸 LSPCCU	2026-04-25 07:09:14 (1 month ago)	TSEC Honeypot Network report. Threat score: 65/100. Categories: Port Scan, Hacking, Web App Attack, ... show more TSEC Honeypot Network report. Threat score: 65/100. Categories: Port Scan, Hacking, Web App Attack, IoT Targeted. Honeypot: cowrie, ssh-telnet. Context: 101. show less	Port Scan Hacking Web App Attack IoT Targeted
🇬🇧 gbzret4d	2026-04-24 23:09:40 (1 month ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 5570 [1] TCP	Port Scan
🇸🇬 drewf.ink	2026-04-24 15:22:27 (1 month ago)	[15:22] Port scanning. Port(s) scanned: TCP/6001	Port Scan

Showing 1 to 15 of 43 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 165.154.135.165

🇺🇸 162.216.149.13

🇺🇸 129.146.181.168

🇨🇳 120.48.175.69

🇷🇺 92.255.196.185

🇯🇵 52.196.139.25

🇬🇧 35.203.211.75

🇺🇸 192.178.115.217

🇷🇺 178.65.206.24

🇳🇱 91.92.42.120

🇸🇦 79.72.3.119

🇵🇰 72.255.3.40

🇨🇦 51.222.95.131

🇬🇧 35.203.210.188

🇩🇪 31.70.67.141

🇮🇳 202.88.209.51

🇭🇰 116.48.143.166

🇨🇳 49.64.85.138

🇹🇷 5.11.141.74

🇮🇷 2.185.228.25