JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 116.172.249.5

116.172.249.5 was found in our database!

This IP was reported 40 times. Confidence of Abuse is 17%: ?

17%

ISP	China United Network Communications Corporation Limited
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Chengguan Qu, Tibet

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 116.172.249.5

Whois 116.172.249.5

IP Abuse Reports for 116.172.249.5:

This IP address has been reported a total of 40 times from 12 distinct sources. 116.172.249.5 was first reported on April 28th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-22 04:28:46 (1 day ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-04 05:56:50 (2 weeks ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-31 03:18:58 (3 weeks ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇦🇺 LiftUp Hosting	2026-05-31 01:03:58 (3 weeks ago)	Honeypot hit: Empty payload (likely service probe); 8086 [1] TCP	Port Scan
🇬🇧 PeravixGroup	2026-05-30 15:53:56 (3 weeks ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-30 10:35:59 (3 weeks ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇨🇳 ThreatBook.io	2026-04-25 23:38:13 (1 month ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/116.172.249.5 2026-04- ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/116.172.249.5 2026-04-25 08:52:05 /websync.exe show less	Web App Attack
🇺🇸 MPL	2026-04-23 08:16:22 (2 months ago)	tcp/111 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-04-23 05:12:32 (2 months ago)	HoneyPot hit - Aaran.cloud \| Rdp Brute Force \| credential attack \| USER anonymous	Brute-Force
🇬🇧 PeravixGroup	2026-04-22 21:10:51 (2 months ago)	HoneyPot hit - Aaran.cloud \| Php Fpm Probe \| web exploitation	Web App Attack
🇨🇳 ThreatBook.io	2026-04-20 00:20:36 (2 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/116.172.249.5	SSH
Anonymous	2026-04-18 04:36:54 (2 months ago)	Unauthorized connection attempt. Port 5006	Port Scan
🇩🇪 dispaisyenterprises	2026-02-22 18:08:43 (4 months ago)	Honeypot hit: Empty payload (likely service probe); 9027 [1] TCP Reported by: https://github.com/sef ... show more Honeypot hit: Empty payload (likely service probe); 9027 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
Anonymous	2026-01-15 19:23:30 (5 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2026-01-13 05:01:40 (5 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 15 of 40 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 150.109.198.102

🇺🇸 216.25.89.142

🇦🇷 190.114.122.17

🇮🇳 122.176.158.4

🇻🇳 117.2.123.19

🇰🇷 115.68.208.117

🇧🇷 4.228.83.28

🇺🇸 162.142.125.39

🇨🇳 124.223.78.215

🇨🇳 118.31.72.139

🇱🇻 81.30.98.44

🇩🇪 69.5.169.142

🇬🇧 35.203.210.239

🇧🇷 205.210.31.205

🇩🇪 194.88.98.116

🇬🇧 193.8.186.31

🇬🇧 185.216.145.171

🇺🇸 147.185.132.239

🇨🇳 106.75.251.149

🇷🇺 95.163.227.46