JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 220.167.232.104

220.167.232.104 was found in our database!

This IP was reported 163 times. Confidence of Abuse is 50%: ?

50%

ISP	CHINANET QINGHAI province network
Usage Type	Fixed Line ISP
ASN	AS140061
Domain Name	xn.qh.cn
Country	🇨🇳 China
City	Xining, Qinghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 220.167.232.104

Whois 220.167.232.104

IP Abuse Reports for 220.167.232.104:

This IP address has been reported a total of 163 times from 60 distinct sources. 220.167.232.104 was first reported on January 24th 2024, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇸 Scan	2026-06-17 00:44:24 (15 hours ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 Axel	2026-06-16 16:18:18 (23 hours ago)	Blocked by UFW on LAXHH [5280/tcp] \| SPT: 51759 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: gith ... show more Blocked by UFW on LAXHH [5280/tcp] \| SPT: 51759 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇮🇩 hermawan	2026-06-16 07:19:15 (1 day ago)	1781594346.303065 220.167.232.104 103.166.156.58 1024_2_1400_0 2026-06-16 14:19:06 WIB ...	Email Spam Hacking
🇺🇸 Axel	2026-06-15 23:36:30 (1 day ago)	Blocked by UFW on LAXHH [49670/tcp] \| SPT: 52781 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: git ... show more Blocked by UFW on LAXHH [49670/tcp] \| SPT: 52781 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-06-15 12:28:48 (2 days ago)	tcp/9295 (2 or more attempts)	Port Scan
🇺🇸 Axel	2026-06-13 16:05:21 (3 days ago)	Blocked by UFW on LAXHH [8084/tcp] \| SPT: 35099 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: gith ... show more Blocked by UFW on LAXHH [8084/tcp] \| SPT: 35099 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 Axel	2026-06-13 02:12:57 (4 days ago)	Blocked by UFW on LAXHH [9292/tcp] \| SPT: 37177 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: gith ... show more Blocked by UFW on LAXHH [9292/tcp] \| SPT: 37177 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 Axel	2026-06-11 22:03:53 (5 days ago)	Blocked by UFW on LAXHH [5000/tcp] \| SPT: 49875 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: gith ... show more Blocked by UFW on LAXHH [5000/tcp] \| SPT: 49875 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 PeravixGroup	2026-06-03 21:03:13 (1 week ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-29 02:39:05 (2 weeks ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-28 11:41:53 (2 weeks ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇮🇹 Fusty	2026-05-24 20:21:51 (3 weeks ago)	Unauthorized attempt on (TCP on port 10445). Source port: 28219 TTL: 232 Packet length: 44 Timestamp ... show more Unauthorized attempt on (TCP on port 10445). Source port: 28219 TTL: 232 Packet length: 44 Timestamp: 2026-05-24 22:21:51 show less	Port Scan
🇺🇸 xmission.com	2026-05-20 08:13:11 (4 weeks ago)	Blocked by UFW (TCP on 49668) Source port: 61945 TTL: 239 Packet length: 44 TOS: 0x00 This report ( ... show more Blocked by UFW (TCP on 49668) Source port: 61945 TTL: 239 Packet length: 44 TOS: 0x00 This report (for 220.167.232.104) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-05-16 23:26:43 (1 month ago)	tcp/27017 (2 or more attempts)	Port Scan
🇺🇸 MPL	2026-05-16 18:31:59 (1 month ago)	tcp/18091	Port Scan

Showing 1 to 15 of 163 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.234.218.87

🇨🇳 123.14.122.220

🇨🇳 120.32.92.200

🇻🇳 103.60.242.169

🇺🇸 74.82.47.22

🇺🇸 66.132.172.105

🇨🇳 60.16.210.49

🇧🇷 45.190.144.104

🇧🇷 45.165.238.2

🇨🇳 36.33.167.165

🇺🇸 20.221.72.24

🇫🇷 2a10:4646:190::e5d4:7524

🇮🇩 180.247.59.226

🇩🇪 167.94.145.25

🇭🇰 152.32.214.226

🇵🇰 103.199.141.28

🇮🇳 103.83.2.240

🇺🇸 91.230.168.186

🇺🇸 91.230.168.139

🇳🇱 91.92.42.182