JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.249.246.82

45.249.246.82 was found in our database!

This IP was reported 680 times. Confidence of Abuse is 100%: ?

100%

ISP	UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
Usage Type	Data Center/Web Hosting/Transit
ASN	AS135377
Domain Name	ucloud.cn
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.249.246.82

Whois 45.249.246.82

IP Abuse Reports for 45.249.246.82:

This IP address has been reported a total of 680 times from 228 distinct sources. 45.249.246.82 was first reported on January 7th 2026, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Xarcotic	2026-06-07 02:09:04 (18 hours ago)	SSH login on honeypot.	Brute-Force SSH
🇩🇪 Justin F. \| AS204464	2026-06-06 21:22:38 (23 hours ago)	Honeypot [nx-infrastructure]: Unauthorized traffic (247 bytes of payload); 8450 [5] TCP Reported by: ... show more Honeypot [nx-infrastructure]: Unauthorized traffic (247 bytes of payload); 8450 [5] TCP Reported by: Justin F. show less	Port Scan
🇬🇧 sandra361	2026-06-06 13:31:02 (1 day ago)	Port scan detected: 23 attempts across 1 ports (8447). \| Evidence: GHOST_SCAN:IN=enp1s0f0 OUT= SRC=4 ... show more Port scan detected: 23 attempts across 1 ports (8447). \| Evidence: GHOST_SCAN:IN=enp1s0f0 OUT= SRC=45.249.246.82 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=60790 DF PROTO=TCP SPT=25236 DPT=8447 WINDOW=1412 RES=0x00 SYN URGP=0 show less	Port Scan
🇧🇷 diego	2026-06-06 08:25:50 (1 day ago)	[probe-68-69] 2026-06-06 08:09:25, Client: 45.249.246.82, Protocol: 6, Unauthorized activity to HTTP ... show more [probe-68-69] 2026-06-06 08:09:25, Client: 45.249.246.82, Protocol: 6, Unauthorized activity to HTTP: GET / show less	Web App Attack
🇺🇸 xxkodedxx	2026-06-06 06:42:53 (1 day ago)	[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 23× edge-block in 1 ... show more [Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 23× edge-block in 10m window. Origin: HK / AS135377 UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED Active: 06:41:54→06:42:15 UTC Volume: 25 HTTP req Probed: /, icap://icap-server.net/server?arg=87, /v1, /version Status mix: 444×19 400×6 Vhost fishing: 67.217.240.72 UA: "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36" Auto-banned 30d. zorvexus-banner. show less	Bad Web Bot Web App Attack
🇺🇸 withfallback.com	2026-06-05 21:23:43 (1 day ago)	sends \r\n\r\n and waits; probably looking for telnet	Port Scan
Anonymous	2026-06-05 20:35:22 (2 days ago)	$f2bV_matches	Brute-Force SSH
🇯🇵 mkaraki	2026-06-05 10:54:59 (2 days ago)	1780656897 # Service_probe # SIGNATURE_SEND # source_ip:45.249.246.82 # dst_port:8083 ...	Port Scan
🇧🇬 MazenHost	2026-06-04 20:10:39 (3 days ago)	1780603838 - 06/04/2026 22:10:38 Host: 45.249.246.82/45.249.246.82 Port: 111 TCP Blocked ...	Port Scan
🇩🇪 femboy.cat	2026-06-04 10:22:57 (3 days ago)	Port scan to tcp/9020 from 45.249.246.82	Brute-Force
🇫🇮 Luhte	2026-06-04 08:57:30 (3 days ago)	Unauthorised SSH/Telnet login attempt with user "GET / HTTP/1.1" at 2026-06-04T08:57:30Z	Brute-Force SSH
🇩🇪 dispaisyenterprises	2026-06-04 08:20:26 (3 days ago)	Honeypot [fra-de-honeypot]: Brute-force attack detected on 23/TELNET • Credentials: GET / HTTP/1.1:H ... show more Honeypot [fra-de-honeypot]: Brute-force attack detected on 23/TELNET • Credentials: GET / HTTP/1.1:Host: [SOME-IP]:23, Accept: /: • Number of login attempts: 2 Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Brute-Force Hacking
🇬🇧 skocherhan	2026-06-04 06:46:45 (3 days ago)	Honeypot: Aggressive scanning detected on port 23. Threshold met.	Port Scan Brute-Force
🇲🇹 neilcaruana	2026-06-03 22:53:58 (3 days ago)	Sentinel detected an attack on port [5601]	Hacking
🇩🇪 kreativstrecke	2026-06-03 18:24:06 (4 days ago)	2026-06-03T20:23:55.539489+02:00 mailtwo postfix/submission/smtpd[1088507]: improper command pipelin ... show more 2026-06-03T20:23:55.539489+02:00 mailtwo postfix/submission/smtpd[1088507]: improper command pipelining after CONNECT from unknown[45.249.246.82]: \377\000\000\000\000\000\000\000\000\177\003\001NULL\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000 2026-06-03T20:24:03.738032+02:00 mailtwo postfix/submission/smtpd[1088507]: lost connection after CONNECT from unknown[45.249.246.82] 2026-06-03T20:24:05.182792+02:00 mailtwo postfix/submission/smtpd[1088507]: improper command pipelining after CONNECT from unknown[45.249.246.82]: \377\000\000\000\000\000\000\000\000\177\003\001NULL\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000 ... show less	Brute-Force

Showing 1 to 15 of 680 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.37

🇩🇪 185.242.3.173

🇲🇾 180.75.74.88

🇮🇷 178.131.146.90

🇧🇷 168.205.220.142

🇫🇮 147.185.133.130

🇱🇹 45.227.254.170

🇨🇳 221.202.231.198

🇩🇪 213.209.159.231

🇹🇼 198.235.24.104

🇮🇶 185.166.25.150

🇨🇳 180.76.239.185

🇸🇬 101.47.159.125

🇬🇧 87.106.35.227

🇺🇸 18.119.209.50

🇺🇸 3.93.211.16

🇺🇸 2604:a880:400:d1:0:4:8bf8:8001

🇩🇪 167.94.146.41

🇹🇭 150.95.81.238

🇱🇹 141.98.10.162