JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 220.167.233.157

220.167.233.157 was found in our database!

This IP was reported 155 times. Confidence of Abuse is 57%: ?

57%

ISP	CHINANET QINGHAI province network
Usage Type	Fixed Line ISP
ASN	AS140061
Domain Name	xn.qh.cn
Country	🇨🇳 China
City	Xining, Qinghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 220.167.233.157

Whois 220.167.233.157

IP Abuse Reports for 220.167.233.157:

This IP address has been reported a total of 155 times from 56 distinct sources. 220.167.233.157 was first reported on January 24th 2024, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Axel	2026-06-15 03:51:09 (4 hours ago)	Blocked by UFW on LAXHH [9012/tcp] \| SPT: 39126 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: gith ... show more Blocked by UFW on LAXHH [9012/tcp] \| SPT: 39126 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 Justin F. \| AS204464	2026-06-14 15:11:05 (17 hours ago)	Honeypot [nx-infrastructure]: Unauthorized traffic (16 bytes of payload); 8085 [1] TCP Reported by: ... show more Honeypot [nx-infrastructure]: Unauthorized traffic (16 bytes of payload); 8085 [1] TCP Reported by: Justin F. show less	Port Scan
🇺🇸 Axel	2026-06-14 01:08:08 (1 day ago)	Blocked by UFW on LAXHH [465/tcp] \| SPT: 65038 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: githu ... show more Blocked by UFW on LAXHH [465/tcp] \| SPT: 65038 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Email Spam
Anonymous	2026-06-11 18:22:23 (3 days ago)	Honeypot hit: Empty payload (likely service probe); 10034 [1] TCP Reported by: https://github.com/se ... show more Honeypot hit: Empty payload (likely service probe); 10034 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇬🇧 PeravixGroup	2026-06-10 13:09:17 (4 days ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-06 18:43:15 (1 week ago)	Honeypot hit: HTTP/1.1 request on 5566 GET / Accept: /; 5566 [1] TCP	Web App Attack
🇩🇪 femboy.cat	2026-06-04 07:17:51 (1 week ago)	Port scan to tcp/60002 from 220.167.233.157	Brute-Force
🇦🇹 urnilxfgbez	2026-06-03 22:45:00 (1 week ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇬🇧 PeravixGroup	2026-06-03 20:45:19 (1 week ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 CrystalMaker	2026-05-31 05:23:51 (2 weeks ago)	Vulnerability scan - GET /ipfs/bafkreicyqcbhpicbos7ev4mrxofwqx6hvvge7pahpta6xuspr44crai5by	Hacking
🇬🇧 PeravixGroup	2026-05-20 20:03:11 (3 weeks ago)	Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aar ... show more Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aaran.cloud show less	Brute-Force
🇨🇳 ThreatBook.io	2026-05-13 01:34:13 (1 month ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/220.167.233.157 2026-0 ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/220.167.233.157 2026-05-12 08:55:20 / show less	Web App Attack
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-28 19:54:52 (1 month ago)	Honeypot hit: Unauthorized traffic (243 bytes of payload); 50011 [1] TCP	Port Scan
🇫🇮 6kilowatti	2026-04-27 00:22:20 (1 month ago)	2026-04-27T03:22:20.305612+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18 ... show more 2026-04-27T03:22:20.305612+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18:bd:57:7e:08:00 SRC=220.167.233.157 DST=5.61.88.83 LEN=44 TOS=0x00 PREC=0x00 TTL=237 ID=58035 PROTO=TCP SPT=47027 DPT=7547 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-27 00:18:36 (1 month ago)	Honeypot hit: HTTP/1.1 request on 8026 GET / Accept: /; 8026 [1] TCP	Web App Attack

Showing 1 to 15 of 155 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 103.178.253.58

🇮🇳 103.98.209.63

🇧🇬 78.128.114.102

🇫🇷 62.84.186.183

🇫🇷 2001:41d0:33d:9200::40b

🇰🇷 211.46.188.16

🇨🇳 202.46.62.38

🇳🇱 193.176.31.155

🇮🇩 163.7.8.79

🇪🇪 109.206.241.199

🇻🇳 103.172.236.15

🇵🇱 31.179.197.26

🇶🇦 20.173.116.24

🇺🇸 20.163.14.140

🇰🇷 14.63.198.239

🇩🇪 2a05:d014:fb0:c801:ab6b:852c:f175:9def

🇺🇸 216.73.216.52

🇹🇳 197.26.142.111

🇺🇦 194.183.173.32

🇷🇺 185.40.30.168