JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 116.172.248.246

116.172.248.246 was found in our database!

This IP was reported 46 times. Confidence of Abuse is 30%: ?

30%

ISP	China United Network Communications Corporation Limited
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Chengguan Qu, Tibet

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 116.172.248.246

Whois 116.172.248.246

IP Abuse Reports for 116.172.248.246:

This IP address has been reported a total of 46 times from 19 distinct sources. 116.172.248.246 was first reported on April 29th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-06 16:31:00 (1 week ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇺🇸 xmission.com	2026-06-04 13:38:31 (1 week ago)	Blocked by UFW (TCP on 3389) Source port: 57126 TTL: 237 Packet length: 44 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 3389) Source port: 57126 TTL: 237 Packet length: 44 TOS: 0x00 This report (for 116.172.248.246) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force
🇬🇧 PeravixGroup	2026-06-02 00:14:44 (1 week ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-27 07:06:25 (2 weeks ago)	Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. A ... show more Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. Aaran.cloud show less	DDoS Attack Hacking
🇺🇸 donarev419	2026-05-27 05:34:30 (2 weeks ago)	Connection to port 9042 with data transfer. Data preview: �	Port Scan Hacking
🇬🇧 PeravixGroup	2026-04-24 15:33:05 (1 month ago)	HoneyPot hit - Aaran.cloud \| Tls Probe \| reconnaissance \| [TLS Handshake/SNI Probe] P }h<c=w )!N"t"j ... show more HoneyPot hit - Aaran.cloud \| Tls Probe \| reconnaissance \| [TLS Handshake/SNI Probe] P }h<c=w )!N"t"j=^0/&+/,0 /5 { + 3&$ .;ER`J_@ybq" yS show less	Hacking Web App Attack
🇵🇱 sefinek.net	2026-04-24 14:45:32 (1 month ago)	Honeypot hit: Empty payload (likely service probe); 9182 [1] TCP Reported by: https://github.com/sef ... show more Honeypot hit: Empty payload (likely service probe); 9182 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-24 02:12:33 (1 month ago)	Honeypot hit: Unauthorized traffic (16 bytes of payload); 51413 [1] TCP	Port Scan
🇨🇳 ThreatBook.io	2026-04-23 00:26:18 (1 month ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/116.172.248.246 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/116.172.248.246 2026-04-22 03:58:21 http://dongtaiwang.com/ show less	Web App Attack
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-22 07:09:48 (1 month ago)	Honeypot hit: HTTP/1.1 request on 3095 GET / Accept: /; 3095 [1] TCP	Web App Attack
🇷🇸 Scan	2026-04-19 02:49:31 (1 month ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
Anonymous	2026-04-09 03:36:28 (2 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇨🇳 ThreatBook.io	2026-04-08 23:40:30 (2 months ago)	ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/116.172.248.246	SSH
🇺🇸 LSPCCU	2026-03-29 18:12:11 (2 months ago)	TSEC Honeypot Network report. Threat score: 60/100. Categories: Hacking. Honeypot: cowrie, ssh-telne ... show more TSEC Honeypot Network report. Threat score: 60/100. Categories: Hacking. Honeypot: cowrie, ssh-telnet. Context: 116. show less	Hacking
🇨🇳 ThreatBook.io	2026-03-12 01:21:17 (3 months ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/116.172.248.246 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/116.172.248.246 2026-03-11 03:10:24 //www.baidu.com:443 show less	Web App Attack

Showing 1 to 15 of 46 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.30

🇮🇩 103.31.39.224

🇫🇷 91.231.89.167

🇰🇷 222.232.176.7

🇺🇬 196.0.34.106

🇩🇪 195.7.5.110

🇳🇱 176.65.149.212

🇩🇪 172.71.160.80

🇺🇸 162.216.149.48

🇺🇸 162.216.150.66

🇩🇪 130.61.83.26

🇳🇱 88.151.33.229

🇩🇪 213.209.159.56

🇷🇴 151.242.30.224

🇫🇮 147.185.133.59

🇸🇬 114.119.156.134

🇭🇰 103.158.29.100

🇬🇧 45.82.76.114

🇺🇸 192.101.65.13

🇬🇧 185.127.71.85