JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 116.162.216.223

116.162.216.223 was found in our database!

This IP was reported 52 times. Confidence of Abuse is 88%: ?

88%

ISP	China United Network Communications Corporation Limited
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Changsha, Hunan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 116.162.216.223

Whois 116.162.216.223

IP Abuse Reports for 116.162.216.223:

This IP address has been reported a total of 52 times from 47 distinct sources. 116.162.216.223 was first reported on March 30th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-11 03:59:30 (1 day ago)	SSH brute force attempt. User: root, Pass: [REDACTED]	Brute-Force SSH
🇩🇪 Justin F. \| AS204464	2026-06-08 11:32:28 (3 days ago)	Honeypot [nx-infrastructure]: Brute-force attack detected on 22/SSH • Credential used: root:undefine ... show more Honeypot [nx-infrastructure]: Brute-force attack detected on 22/SSH • Credential used: root:undefined • Number of login attempts: 1 • 1 command(s) were executed during the session • Client: SSH-2.0-makiko • SSH key fingerprints: 08:7f:9f:39:72:34:9e:c3:66:17:5b:f0:a8:7c:50:08 Reported by: Justin F. show less	SSH Hacking
🇫🇷 EDSL	2026-06-08 10:52:24 (3 days ago)	[SRV-VPN1] Blocked by SysWarden Firewall (Database/Cache Attack)	Brute-Force Port Scan Hacking
🇺🇸 Bankbook8585	2026-06-07 20:41:06 (4 days ago)	T-Pot honeypot \| Cowrie SSH/Telnet honeypot: cowrie.command.input \| Cowrie SSH/Telnet honeypot: cowr ... show more T-Pot honeypot \| Cowrie SSH/Telnet honeypot: cowrie.command.input \| Cowrie SSH/Telnet honeypot: cowrie.login.success user=root show less	Brute-Force SSH
🇩🇪 iNetWorker	2026-06-04 18:40:29 (1 week ago)	firewall-block, port(s): 6379/tcp	Port Scan
🇵🇱 mkey	2026-06-04 01:55:01 (1 week ago)	Verified scan activity detected by local IDS/firewall correlation. SCAN: HIGHRISK_SINGLEPORT \| PORTS ... show more Verified scan activity detected by local IDS/firewall correlation. SCAN: HIGHRISK_SINGLEPORT \| PORTS=6379 \| HITS=2 \| IPSET=ADD \| FIRST=2026-06-04 03:52:46 \| LAST=2026-06-04 03:52:46. Last seen 2026-06-04 03:52:46. show less	Port Scan
🇳🇱 BellFix	2026-05-29 11:12:30 (1 week ago)	Fail2ban reported 116.162.216.223 for sshd	SSH Brute-Force
🇳🇱 BIV	2026-05-27 00:25:44 (2 weeks ago)	Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 6379. Automated tiered ... show more Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 6379. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking
🇺🇸 RAP	2026-05-26 18:51:06 (2 weeks ago)	2026-05-26 18:51:06 UTC Unauthorized activity to TCP port 22. SSH	SSH
🇧🇷 helix	2026-05-25 12:39:38 (2 weeks ago)	Automated report: SSH brute force detected. This IP exceeded the allowed number of failed login atte ... show more Automated report: SSH brute force detected. This IP exceeded the allowed number of failed login attempts (3 attempts). show less	Brute-Force SSH
🇩🇪 anycast_ac	2026-05-21 05:03:51 (3 weeks ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/6379 (redis). Commands captured ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/6379 (redis). Commands captured: $ info server show less	DDoS Attack IoT Targeted Brute-Force
🇺🇸 Luhte	2026-05-20 21:54:59 (3 weeks ago)	Unsolicited TCP connection from 116.162.216.223 to port 0 at 2026-05-20T21:54:59Z. Source IP complet ... show more Unsolicited TCP connection from 116.162.216.223 to port 0 at 2026-05-20T21:54:59Z. Source IP completed three-way handshake to non-public service on this host. Detected by automated intrusion monitoring. show less	Port Scan Hacking
🇨🇿 lp	2026-05-20 03:21:44 (3 weeks ago)	anomaly: tcp_port_scan, 501 > threshold 500, repeats 3576 times	Port Scan
🇸🇬 drewf.ink	2026-05-18 05:01:29 (3 weeks ago)	[05:01] Port scanning. Port(s) scanned: TCP/6379	Port Scan
🇩🇪 onlyops.app	2026-05-17 11:00:09 (3 weeks ago)	Brute-force login attempts on SSH \| detected by Fail2Ban (ssh jail) \| onlyops.app	Brute-Force

Showing 1 to 15 of 52 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.220

🇺🇸 173.225.111.167

🇺🇸 157.245.245.246

🇺🇸 135.237.127.172

🇧🇷 131.100.63.30

🇨🇳 121.29.85.197

🇨🇳 113.125.165.132

🇩🇪 82.115.21.205

🇺🇸 65.49.1.195

🇲🇾 47.250.158.21

🇩🇪 8.211.46.83

🇧🇷 205.210.31.223

🇮🇩 202.10.41.114

🇧🇪 198.235.24.198

🇩🇪 195.63.19.132

🇧🇷 168.195.0.52

🇺🇸 159.203.109.218

🇸🇬 159.89.206.204

🇵🇭 136.158.66.127

🇲🇾 124.13.114.248