JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 220.202.112.158

220.202.112.158 was found in our database!

This IP was reported 75 times. Confidence of Abuse is 67%: ?

67%

ISP	China Unicom
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Changsha, Hunan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 220.202.112.158

Whois 220.202.112.158

IP Abuse Reports for 220.202.112.158:

This IP address has been reported a total of 75 times from 37 distinct sources. 220.202.112.158 was first reported on January 18th 2024, and the most recent report was 21 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 sumnone	2026-06-12 19:29:28 (21 hours ago)	Port probing on unauthorized port 98	Port Scan Hacking Exploited Host
🇫🇷 TheHoneyPotter	2026-06-12 14:14:05 (1 day ago)	Honeypot [fc-honeypot]: Unauthorized traffic (16 bytes of payload); 32400 [1] TCP Reported by: https ... show more Honeypot [fc-honeypot]: Unauthorized traffic (16 bytes of payload); 32400 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-11 12:00:25 (2 days ago)	Honeypot hit: Large payload (1457 bytes); 1494 [1] TCP	Hacking
🇺🇸 Cyber Crusader	2026-06-11 11:29:35 (2 days ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇬🇧 PeravixGroup	2026-06-10 13:07:23 (3 days ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-09 23:10:26 (3 days ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 xmission.com	2026-06-08 22:35:53 (4 days ago)	Blocked by UFW (TCP on 8010) Source port: 38578 TTL: 237 Packet length: 44 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 8010) Source port: 38578 TTL: 237 Packet length: 44 TOS: 0x00 This report (for 220.202.112.158) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇵🇱 sefinek.net	2026-06-06 22:30:17 (6 days ago)	Honeypot hit: Empty payload (likely service probe); 8089 [1] TCP Reported by: https://github.com/sef ... show more Honeypot hit: Empty payload (likely service probe); 8089 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇬🇧 PeravixGroup	2026-06-06 14:52:55 (1 week ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 gbzret4d	2026-06-06 07:33:54 (1 week ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 2157 [1] TCP	Port Scan
🇬🇧 PeravixGroup	2026-06-04 14:15:19 (1 week ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇮🇹 abuseiphack	2026-06-02 14:34:38 (1 week ago)	Automatic report for brute force attack	Web App Attack
Anonymous	2026-06-02 13:32:36 (1 week ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇳🇱 BIV	2026-05-30 13:25:19 (2 weeks ago)	Honeypot multi-source hit. Sources: tpot:Honeytrap,tpot:P0f,tpot:Suricata. Ports: 12178. Automated t ... show more Honeypot multi-source hit. Sources: tpot:Honeytrap,tpot:P0f,tpot:Suricata. Ports: 12178. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking
🇺🇸 MPL	2026-05-30 05:57:24 (2 weeks ago)	tcp/2421	Port Scan

Showing 1 to 15 of 75 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.31

🇺🇸 147.185.132.47

🇰🇷 122.35.192.61

🇺🇸 40.124.175.52

🇬🇧 5.226.140.13

🇺🇸 65.49.1.110

🇨🇳 60.166.83.172

🇺🇸 57.141.20.56

🇺🇸 47.251.143.167

🇳🇱 45.148.10.157

🇬🇧 35.203.210.24

🇺🇸 20.29.78.145

🇷🇴 2.57.122.177

🇨🇳 221.0.10.169

🇳🇱 185.224.128.16

🇺🇸 172.234.192.12

🇸🇬 168.144.45.211

🇸🇬 103.13.206.100

🇺🇸 38.247.136.244

🇮🇪 3.253.61.154