JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 220.154.2.2

220.154.2.2 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 100%: ?

100%

ISP	China Telecom Group Corporation Qingdao Branch
Usage Type	Data Center/Web Hosting/Transit
ASN	AS141679
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Tianjin, Tianjin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 220.154.2.2

Whois 220.154.2.2

IP Abuse Reports for 220.154.2.2:

This IP address has been reported a total of 32 times from 27 distinct sources. 220.154.2.2 was first reported on June 5th 2026, and the most recent report was 2 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇪 NordhTech	2026-06-05 22:30:23 (2 minutes ago)	More than 3 malicious connection attempts, trying port(s) 3389/tcp, then blocked from services ...	Port Scan Hacking
🇧🇾 StatsMe	2026-06-05 22:27:36 (5 minutes ago)	2026-06-05T16:39:36.155548+0300 ET DROP Spamhaus DROP Listed Traffic Inbound group 55	Spoofing Hacking Brute-Force Port Scan
🇫🇮 6kilowatti	2026-06-05 22:13:57 (19 minutes ago)	2026-06-06T01:13:56.547096+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00: ... show more 2026-06-06T01:13:56.547096+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00:00:5e:00:01:58:08:00 SRC=220.154.2.2 DST=83.148.240.21 LEN=40 TOS=0x00 PREC=0x00 TTL=236 ID=54321 PROTO=TCP SPT=50361 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇩🇪 dsp	2026-06-05 22:04:12 (28 minutes ago)	Firewall (ufw): excessive port scanning on [3389]	Port Scan
🇺🇸 MPL	2026-06-05 21:49:15 (43 minutes ago)	tcp/3389	Port Scan
🇱🇹 NotACaptcha	2026-06-05 21:35:55 (57 minutes ago)	Unauthorised access (Jun 6 00:35) SRC=220.154.2.2 LEN=40 TTL=233 ID=54321 TCP DPT=3389 WINDOW=65535 ... show more Unauthorised access (Jun 6 00:35) SRC=220.154.2.2 LEN=40 TTL=233 ID=54321 TCP DPT=3389 WINDOW=65535 SYN show less	Port Scan
🇸🇬 celestialcity	2026-06-05 21:09:58 (1 hour ago)	Blocked by UFW on celestialcityas [3389/tcp] \| SPT: 33117 \| TTL: 228 \| LEN: 40 \| TOS: 0x00 • Reporte ... show more Blocked by UFW on celestialcityas [3389/tcp] \| SPT: 33117 \| TTL: 228 \| LEN: 40 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 Petre 21_ip	2026-06-05 20:55:20 (1 hour ago)	2026-06-05T22:55:19.514822+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c ... show more 2026-06-05T22:55:19.514822+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c0:69:11:b3:85:db:08:00 SRC=220.154.2.2 DST=155.133.26.57 LEN=40 TOS=0x00 PREC=0x00 TTL=234 ID=54321 PROTO=TCP SPT=36588 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇩🇪 Tamsweb	2026-06-05 20:37:05 (1 hour ago)	Unauthorized connection attempt or scan from 220.154.2.2 on port 3389 ...	Port Scan
🇺🇸 MPL	2026-06-05 19:27:20 (3 hours ago)	tcp/3389 (5 or more attempts)	Port Scan
🇪🇸 el-brujo	2026-06-05 19:09:22 (3 hours ago)	06/05/2026-21:09:22.096412 220.154.2.2 Protocol: 6 ET SCAN Behavioral Unusually fast Terminal Server ... show more 06/05/2026-21:09:22.096412 220.154.2.2 Protocol: 6 ET SCAN Behavioral Unusually fast Terminal Server Traffic Potential Scan or Infection (Inbound) show less	Hacking
Anonymous	2026-06-05 18:56:50 (3 hours ago)	Drop from IP address 220.154.2.2 to tcp-port 3389	Port Scan
🇳🇵 radheykrishna.com.np	2026-06-05 17:49:07 (4 hours ago)	Jun 5 23:34:06 kernel: [4171556.426754] [UFW BLOCK] IN=ens160 OUT= SRC=220.154.2.2 LEN=40 TOS=0x00 ... show more Jun 5 23:34:06 kernel: [4171556.426754] [UFW BLOCK] IN=ens160 OUT= SRC=220.154.2.2 LEN=40 TOS=0x00 PREC=0x00 TTL=234 ID=54321 PROTO=TCP SPT=47574 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇸🇪 SkyDancer	2026-06-05 17:02:47 (5 hours ago)	Multiple intrusion attempts via RDP. Attack automatically blocked by SkyDancer Ai(RDP-X).	Hacking Brute-Force
Anonymous	2026-06-05 16:21:41 (6 hours ago)	Unauthorized access (tcp/3389/rdp)	Port Scan

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.154.133.118

🇺🇸 205.210.31.79

🇹🇼 198.235.24.66

🇨🇳 180.76.202.69

🇮🇳 163.223.244.3

🇺🇸 143.42.1.52

🇺🇸 104.248.125.128

🇮🇩 103.122.34.142

🇺🇸 50.123.92.130

🇳🇱 45.148.10.183

🇩🇪 4.182.219.135

🇷🇴 2.57.121.25

🇬🇧 193.176.29.2

🇩🇪 152.70.18.38

🇨🇳 121.229.31.100

🇷🇴 103.75.71.22

🇳🇱 45.198.224.7

🇹🇳 41.224.62.206

🇵🇰 202.47.57.194

🇧🇷 189.20.181.138