JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 220.202.112.135

220.202.112.135 was found in our database!

This IP was reported 68 times. Confidence of Abuse is 43%: ?

43%

ISP	China Unicom
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Changsha, Hunan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 220.202.112.135

Whois 220.202.112.135

IP Abuse Reports for 220.202.112.135:

This IP address has been reported a total of 68 times from 30 distinct sources. 220.202.112.135 was first reported on January 22nd 2024, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-12 00:21:34 (11 hours ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 donarev419	2026-06-09 03:03:50 (3 days ago)	Port scan detected on port 9001 (connection without data transfer)	Port Scan
🇬🇧 PeravixGroup	2026-06-08 19:59:25 (3 days ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
Anonymous	2026-06-08 18:28:37 (3 days ago)	PROTO=TCP DPT=5903	Port Scan Hacking
🇺🇸 donarev419	2026-06-08 06:46:13 (4 days ago)	Connection to port 1352 with data transfer. Data preview: USER anonymous	Port Scan Hacking
🇬🇧 PeravixGroup	2026-06-08 05:20:25 (4 days ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇸🇪 donarev419	2026-06-06 06:38:37 (6 days ago)	Connection to port 6060 with data transfer. Data preview: OPTIONS sip:nm SIP/2.0 Via: SIP/2.0/TCP n ... show more Connection to port 6060 with data transfer. Data preview: OPTIONS sip:nm SIP/2.0 Via: SIP/2.0/TCP nm;branch=foo;rport From: <sip:nm@nm>;tag=root To: <sip:n show less	Port Scan Hacking
🇫🇷 Petre 21_ip	2026-06-06 04:14:08 (6 days ago)	2026-06-06T06:14:07.505416+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c ... show more 2026-06-06T06:14:07.505416+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c0:69:11:b3:85:db:08:00 SRC=220.202.112.135 DST=155.133.26.57 LEN=44 TOS=0x00 PREC=0x00 TTL=239 ID=45896 PROTO=TCP SPT=60034 DPT=10003 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇬🇧 PeravixGroup	2026-06-05 10:44:45 (1 week ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇩🇪 dispaisyenterprises	2026-06-04 14:16:59 (1 week ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 10031 [1] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 10031 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇬🇧 PeravixGroup	2026-06-03 19:13:42 (1 week ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-02 23:47:26 (1 week ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇳🇱 BIV	2026-06-02 10:43:56 (1 week ago)	Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 16001. Automated tiere ... show more Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 16001. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking
🇬🇧 PeravixGroup	2026-06-02 07:19:22 (1 week ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 donarev419	2026-06-02 06:18:40 (1 week ago)	Connection to port 10329 with data transfer. Data preview: �	Port Scan Hacking

Showing 1 to 15 of 68 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇹 2803:1500:c00:81b7:ec17:5ee2:71be:9e6b

🇺🇸 195.184.76.92

🇧🇪 104.155.29.73

🇷🇴 92.84.130.90

🇳🇱 89.42.231.160

🇬🇧 35.203.211.135

🇵🇱 31.179.197.26

🇺🇸 3.19.71.27

🇺🇸 195.184.76.128

🇻🇳 171.231.181.81

🇺🇸 162.216.150.40

🇷🇸 77.105.37.221

🇨🇳 60.16.211.205

🇳🇱 45.148.10.183

🇺🇸 40.76.116.231

🇮🇳 4.240.82.91

🇩🇪 213.209.159.56

🇺🇸 207.90.244.19

🇧🇮 154.117.199.56

🇸🇬 104.248.150.191