JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 120.48.4.164

120.48.4.164 was found in our database!

This IP was reported 306 times. Confidence of Abuse is 79%: ?

79%

ISP	Beijing Baidu Netcom Science and Technology Co., Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS38365
Domain Name	baidu.com
Country	🇨🇳 China
City	Beijing, Beijing

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 120.48.4.164

Whois 120.48.4.164

IP Abuse Reports for 120.48.4.164:

This IP address has been reported a total of 306 times from 23 distinct sources. 120.48.4.164 was first reported on April 10th 2026, and the most recent report was 13 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 ValtonTahiri	2026-05-21 06:51:58 (1 week ago)	Windows IPBan blocked brute-force / failed login activity. Source=RDP; Username=6; Count=; LogonType ... show more Windows IPBan blocked brute-force / failed login activity. Source=RDP; Username=6; Count=; LogonType=3; SourcePort=0; Status=0xc000006d; SubStatus=0xc000006a; Auth=NTLM show less	Port Scan Brute-Force
🇩🇪 Freenex1911	2026-05-21 03:54:15 (1 week ago)	2026-05-21T03:54:14Z - RDP login from 120.48.4.164 failed multiple times.	Brute-Force
🇯🇵 knock	2026-05-21 03:01:09 (1 week ago)	Knock-Knock honeypot brute-force: RDP (137 total hits)	Brute-Force
🇺🇸 Neosmith20	2026-05-21 02:12:18 (1 week ago)	Knock-Knock honeypot brute-force: RDP (60 total hits)	Brute-Force
🇺🇸 ShadowWhisperer	2026-05-21 01:01:04 (1 week ago)	intrusion - rdp [remote]	Brute-Force Hacking
🇫🇷 ✨	2026-05-21 00:31:08 (1 week ago)	Rule : RDP Rule: RDP Event: RDP UserAccount : Administrator S-1-0-0 - - 0x0 S-1-0-0 Administrator ... show more Rule : RDP Rule: RDP Event: RDP UserAccount : Administrator S-1-0-0 - - 0x0 S-1-0-0 Administrator - 0xc000006d %#13 0xc000006a 3 NtLmSsp NTLM workstation - - 0 0x0 - 120.48.4.164 0 show less	SSH Brute-Force
🇨🇭 TOCE	2026-05-20 22:58:22 (2 weeks ago)	30 hits seen on 2026-05-20, ports 3389 (RDP) on a honeypot from www.toce.ch	Brute-Force
🇺🇸 ShadowWhisperer	2026-05-20 20:50:07 (2 weeks ago)	intrusion - remote [vnc, remote]	Brute-Force Hacking
🇳🇱 knock	2026-05-20 13:02:50 (2 weeks ago)	Knock-Knock honeypot brute-force: RDP (163 total hits)	Brute-Force
🇺🇸 Neosmith20	2026-05-20 02:54:33 (2 weeks ago)	Knock-Knock honeypot brute-force: RDP (55 total hits)	Brute-Force
🇯🇵 knock	2026-05-20 02:27:43 (2 weeks ago)	Knock-Knock honeypot brute-force: RDP (132 total hits)	Brute-Force
🇳🇱 knock	2026-05-19 22:16:38 (2 weeks ago)	Knock-Knock honeypot brute-force: RDP (161 total hits)	Brute-Force
🇨🇭 TOCE	2026-05-19 20:39:34 (2 weeks ago)	28 hits seen on 2026-05-19, ports 3389 (RDP) on a honeypot from www.toce.ch	Brute-Force
🇺🇸 ShadowWhisperer	2026-05-19 20:35:16 (2 weeks ago)	intrusion - remote [vnc, remote]	Brute-Force Hacking
🇺🇸 cwytech	2026-05-19 12:56:19 (2 weeks ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/global-exclusion-high.	Port Scan Brute-Force SSH

Showing 121 to 135 of 306 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.3.196.157

🇨🇦 144.217.74.127

🇻🇳 116.118.44.131

🇨🇳 106.12.241.195

🇷🇴 92.118.39.62

🇺🇸 71.6.199.65

🇳🇱 45.156.87.204

🇫🇷 91.196.152.29

🇺🇸 66.228.38.149

🇺🇸 66.132.172.109

🇬🇧 35.203.210.182

🇬🇧 35.203.210.57

🇺🇸 147.185.132.184

🇨🇳 106.12.74.119

🇱🇹 81.30.98.44

🇺🇸 50.116.72.139

🇬🇧 45.137.126.24

🇭🇰 152.32.172.177

🇳🇱 141.11.0.200

🇩🇪 116.203.204.171