JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 43.248.109.230

43.248.109.230 was found in our database!

This IP was reported 120 times. Confidence of Abuse is 49%: ?

49%

ISP	UNICOM yunnan Province Network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Kunming, Yunnan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 43.248.109.230

Whois 43.248.109.230

IP Abuse Reports for 43.248.109.230:

This IP address has been reported a total of 120 times from 37 distinct sources. 43.248.109.230 was first reported on November 22nd 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-01 08:12:03 (2 weeks ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇷🇸 Scan	2026-06-01 07:35:30 (2 weeks ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇬🇧 PeravixGroup	2026-05-31 01:41:15 (2 weeks ago)	Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aar ... show more Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aaran.cloud show less	Brute-Force
🇺🇸 shabi	2026-05-29 22:47:31 (2 weeks ago)	UFW Blocked [1521/TCP] Source: 43.248.109.230:57551 TTL: 236 Lenth: 44 TOS: 0x00	Port Scan
🇺🇸 donarev419	2026-05-28 01:36:10 (2 weeks ago)	Connection to port 9997 with data transfer. Data preview: USER anonymous	Port Scan Hacking
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-27 17:37:47 (2 weeks ago)	Honeypot hit: Empty payload (likely service probe); 3524 [1] TCP	Port Scan
🇬🇧 PeravixGroup	2026-05-23 09:23:50 (3 weeks ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇬🇧 PeravixGroup	2026-05-22 12:31:02 (3 weeks ago)	Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. A ... show more Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. Aaran.cloud show less	DDoS Attack Hacking
🇦🇺 LiftUp Hosting	2026-05-21 00:26:56 (3 weeks ago)	Honeypot hit: Unauthorized traffic (126 bytes of payload); 8333 [1] TCP	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-20 05:38:31 (3 weeks ago)	Honeypot hit: Large payload (1388 bytes); 2782 [1] TCP	Hacking
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-19 16:27:20 (3 weeks ago)	Honeypot hit: Large payload (1457 bytes); 1270 [1] TCP	Hacking
🇵🇱 sefinek.net	2026-05-18 19:26:36 (4 weeks ago)	Honeypot hit: HTTP/1.1 request on 9334 GET / Accept: /; 9334 [1] TCP Reported by: https://github. ... show more Honeypot hit: HTTP/1.1 request on 9334 GET / Accept: /; 9334 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇩🇪 Justin F. \| AS204464	2026-05-18 09:17:12 (4 weeks ago)	Honeypot [nx-infrastructure]: Unauthorized traffic (25 bytes of payload); 9000 [1] TCP Reported by: ... show more Honeypot [nx-infrastructure]: Unauthorized traffic (25 bytes of payload); 9000 [1] TCP Reported by: Justin F. show less	Port Scan
🇨🇳 ThreatBook.io	2026-05-16 22:06:33 (4 weeks ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/43.248.109.230	SSH
🇬🇧 PeravixGroup	2026-05-16 10:26:33 (4 weeks ago)	Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aar ... show more Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aaran.cloud show less	Brute-Force

Showing 1 to 15 of 120 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4002:c03::128

🇵🇱 194.180.49.104

🇺🇦 188.191.19.38

🇷🇺 83.171.89.209

🇰🇷 59.21.37.60

🇲🇾 47.250.131.218

🇺🇸 40.90.235.65

🇸🇦 37.242.39.127

🇰🇷 211.62.96.42

🇬🇧 185.216.145.187

🇺🇸 165.154.134.203

🇫🇮 147.185.133.81

🇮🇩 140.213.190.182

🇲🇾 118.101.250.197

🇫🇷 85.217.140.53

🇮🇸 82.221.131.71

🇮🇳 49.204.74.149

🇿🇦 41.123.198.224

🇻🇳 14.177.234.24

🇰🇷 222.112.192.170