JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 43.248.108.42

43.248.108.42 was found in our database!

This IP was reported 227 times. Confidence of Abuse is 74%: ?

74%

ISP	UNICOM yunnan Province Network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Kunming, Yunnan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 43.248.108.42

Whois 43.248.108.42

IP Abuse Reports for 43.248.108.42:

This IP address has been reported a total of 227 times from 68 distinct sources. 43.248.108.42 was first reported on August 23rd 2023, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Justin F. \| AS204464	2026-06-19 05:16:48 (13 hours ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 10162 [1] TCP Reported by: Justi ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 10162 [1] TCP Reported by: Justin F. show less	Port Scan
🇺🇸 sumnone	2026-06-18 11:59:33 (1 day ago)	Port probing on unauthorized port 8999	Port Scan Hacking Exploited Host
🇺🇸 Cyber Crusader	2026-06-18 07:07:41 (1 day ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇺🇸 MPL	2026-06-18 00:28:26 (1 day ago)	tcp/8085 (2 or more attempts)	Port Scan
🇵🇱 sefinek.net	2026-06-17 15:57:37 (2 days ago)	Honeypot hit: Empty payload (likely service probe); 4000 [1] TCP Reported by: https://github.com/sef ... show more Honeypot hit: Empty payload (likely service probe); 4000 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇺🇸 MPL	2026-06-16 12:28:10 (3 days ago)	tcp/8080 (2 or more attempts)	Port Scan
🇩🇪 _ArminS_	2026-06-16 05:55:49 (3 days ago)	SP-Scan 22695:9042 detected 2026.06.16 07:55:49 blocked until 2026.08.05 00:58:36	Port Scan
🇩🇪 anycast_ac	2026-06-15 03:51:31 (4 days ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/9200 (generic). Commands captur ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/9200 (generic). Commands captured: $ USER anonymous show less	DDoS Attack IoT Targeted Brute-Force
🇬🇧 PeravixGroup	2026-06-15 00:30:42 (4 days ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇬🇧 PeravixGroup	2026-06-11 03:01:18 (1 week ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇸🇬 drewf.ink	2026-06-10 06:18:48 (1 week ago)	[06:18] Port scanning. Port(s) scanned: TCP/8000	Port Scan
🇬🇧 PeravixGroup	2026-06-09 23:55:35 (1 week ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇺🇸 MPL	2026-06-09 23:03:32 (1 week ago)	tcp/2087	Port Scan
🇬🇧 PeravixGroup	2026-06-08 12:41:54 (1 week ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇯🇵 mkaraki	2026-06-08 00:47:18 (1 week ago)	1780879637 # Service_probe # SIGNATURE_SEND # source_ip:43.248.108.42 # dst_port:11210 ...	Port Scan

Showing 1 to 15 of 227 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 160.187.174.22

🇷🇼 196.216.81.126

🇮🇳 190.92.174.127

🇮🇹 185.56.219.209

🇨🇦 144.217.161.208

🇹🇷 131.222.247.239

🇧🇷 45.205.1.80

🇺🇸 44.74.82.192

🇲🇽 187.191.48.23

🇨🇳 183.197.173.228

🇺🇸 174.35.25.178

🇨🇦 138.197.164.175

🇰🇷 121.165.187.77

🇺🇸 98.159.37.223

🇳🇱 91.92.40.176

🇺🇸 72.180.148.13

🇫🇷 51.91.76.106

🇺🇸 44.78.198.182

🇺🇸 43.173.69.147

🇺🇸 205.210.31.80