JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 116.178.128.199

116.178.128.199 was found in our database!

This IP was reported 43 times. Confidence of Abuse is 46%: ?

46%

ISP	China United Network Communications Corporation Limited
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Hami, Xinjiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 116.178.128.199

Whois 116.178.128.199

IP Abuse Reports for 116.178.128.199:

This IP address has been reported a total of 43 times from 25 distinct sources. 116.178.128.199 was first reported on December 9th 2025, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-04 14:15:09 (3 hours ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇧🇷 chronos	2026-05-27 12:48:51 (1 week ago)	2026-05-27 09:42:58 UTC-3\|\|Unauthorized connection attempt detected for port scanning	Port Scan
🇸🇪 donarev419	2026-05-20 08:25:04 (2 weeks ago)	Connection to port 3422 with data transfer. Data preview: USER anonymous	Port Scan Hacking
🇬🇧 PeravixGroup	2026-05-19 20:51:55 (2 weeks ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇺🇸 sumnone	2026-05-19 20:07:56 (2 weeks ago)	Port probing on unauthorized port 2055	Port Scan Hacking Exploited Host
🇫🇮 6kilowatti	2026-05-19 12:51:52 (2 weeks ago)	2026-05-19T15:51:51.933863+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00: ... show more 2026-05-19T15:51:51.933863+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00:00:5e:00:01:58:08:00 SRC=116.178.128.199 DST=83.148.240.21 LEN=44 TOS=0x00 PREC=0x00 TTL=228 ID=49620 PROTO=TCP SPT=45371 DPT=2223 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇧🇾 StatsMe	2026-05-18 21:57:19 (2 weeks ago)	2026-05-18T11:35:25.437991+0300 ET SCAN NMAP -sS window 1024	Port Scan
🇬🇧 PeravixGroup	2026-05-14 17:35:34 (2 weeks ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇬🇧 PeravixGroup	2026-05-11 20:38:44 (3 weeks ago)	Honeypot detection: POP3 email brute-force authentication attempt on port 110. Severity: MEDIUM. Aar ... show more Honeypot detection: POP3 email brute-force authentication attempt on port 110. Severity: MEDIUM. Aaran.cloud show less	Brute-Force
🇬🇧 PeravixGroup	2026-05-09 04:49:20 (3 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇩🇪 Justin F. \| AS204464	2026-05-07 16:47:10 (4 weeks ago)	Honeypot [nx-infrastructure]: Unauthorized traffic (243 bytes of payload); 8139 [1] TCP Reported by: ... show more Honeypot [nx-infrastructure]: Unauthorized traffic (243 bytes of payload); 8139 [1] TCP Reported by: Justin F. show less	Port Scan
🇬🇧 PeravixGroup	2026-05-07 13:46:51 (4 weeks ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2376. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2376. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-05-06 16:20:50 (4 weeks ago)	unsolicited connect TCP dport 18245 (sport 17546)	Hacking
🇮🇩 David Koswari	2026-05-04 05:52:00 (1 month ago)	REQ_BLOCKED_ACL	DDoS Attack FTP Brute-Force Ping of Death Port Scan Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
🇫🇷 centurion	2026-04-27 01:37:56 (1 month ago)	Unauthorized attempt on uptime [60000/tcp] Source port: 42966 TTL: 239 Packet length: 44 TOS: 0x00 h ... show more Unauthorized attempt on uptime [60000/tcp] Source port: 42966 TTL: 239 Packet length: 44 TOS: 0x00 https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 15 of 43 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 172.253.211.16

🇧🇷 170.244.102.2

🇬🇧 37.10.113.217

🇬🇧 35.203.210.54

🇨🇳 203.57.70.32

🇺🇸 166.62.33.9

🇺🇸 162.216.149.232

🇰🇷 115.93.19.12

🇨🇳 114.219.56.203

🇵🇰 110.38.199.247

🇹🇼 104.199.176.250

🇧🇩 103.136.200.241

🇫🇷 92.103.134.183

🇳🇱 89.248.168.227

🇹🇼 60.251.149.140

🇸🇬 47.237.104.43

🇺🇿 5.133.121.104

🇬🇧 195.250.23.247

🇭🇰 189.1.222.135

🇺🇸 104.154.147.248