JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 42.48.38.17

42.48.38.17 was found in our database!

This IP was reported 134 times. Confidence of Abuse is 49%: ?

49%

ISP	China Unicom HuNan province network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Changsha, Hunan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 42.48.38.17

Whois 42.48.38.17

IP Abuse Reports for 42.48.38.17:

This IP address has been reported a total of 134 times from 44 distinct sources. 42.48.38.17 was first reported on November 17th 2025, and the most recent report was 23 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 ICS Labs	2026-06-09 19:36:26 (23 hours ago)	ICS Labs identified 42.48.38.17 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Brute-Force Exploited Host
🇬🇧 PeravixGroup	2026-05-28 05:16:26 (1 week ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-27 02:04:36 (2 weeks ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇵🇱 sefinek.net	2026-05-22 22:06:15 (2 weeks ago)	Honeypot hit: HTTP/1.1 request on 17007 GET / Accept: /; 17007 [1] TCP Reported by: https://githu ... show more Honeypot hit: HTTP/1.1 request on 17007 GET / Accept: /; 17007 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇬🇧 PeravixGroup	2026-05-21 13:50:08 (2 weeks ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-20 04:24:42 (3 weeks ago)	Honeypot hit: Empty payload (likely service probe); 2208 [1] TCP	Port Scan
🇺🇸 MPL	2026-05-16 11:52:23 (3 weeks ago)	tcp/2121	Port Scan
🇩🇪 dispaisyenterprises	2026-05-15 22:09:51 (3 weeks ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 7003 [1] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 7003 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇺🇸 xmission.com	2026-05-15 05:02:21 (3 weeks ago)	Blocked by UFW (TCP on 2105) Source port: 17085 TTL: 237 Packet length: 44 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 2105) Source port: 17085 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 42.48.38.17) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-05-15 00:52:05 (3 weeks ago)	tcp/11210	Port Scan
🇬🇧 PeravixGroup	2026-05-14 05:32:16 (3 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇧🇾 StatsMe	2026-05-12 22:51:14 (4 weeks ago)	2026-05-12T17:04:53.385524+0300 ET SCAN NMAP -sS window 1024	Port Scan
🇬🇧 PeravixGroup	2026-05-10 15:30:06 (1 month ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-08 17:50:12 (1 month ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇬🇧 PeravixGroup	2026-05-07 19:35:33 (1 month ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host

Showing 1 to 15 of 134 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2601:3cb:601:b5a0:c584:937f:99d6:c5d6

🇩🇪 213.209.159.11

🇺🇸 195.184.76.36

🇮🇩 103.141.104.66

🇩🇪 103.75.196.199

🇺🇸 70.187.175.238

🇮🇶 65.20.166.171

🇧🇷 200.232.114.71

🇷🇺 188.19.44.167

🇮🇩 157.66.34.149

🇯🇵 104.198.116.30

🇮🇩 103.144.170.15

🇺🇸 38.123.149.185

🇷🇴 2.57.121.112

🇪🇹 196.189.51.246

🇭🇺 195.199.210.194

🇧🇩 103.213.238.91

🇺🇸 70.37.89.177

🇨🇱 34.176.151.233

🇨🇳 223.166.22.190