JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 220.202.112.164

220.202.112.164 was found in our database!

This IP was reported 70 times. Confidence of Abuse is 64%: ?

64%

ISP	China Unicom
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Changsha, Hunan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 220.202.112.164

Whois 220.202.112.164

IP Abuse Reports for 220.202.112.164:

This IP address has been reported a total of 70 times from 29 distinct sources. 220.202.112.164 was first reported on January 20th 2024, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-06-15 06:56:45 (8 hours ago)	Blocked by UFW (TCP on 10424) Source port: 41793 TTL: 237 Packet length: 44 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 10424) Source port: 41793 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 220.202.112.164) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-06-13 18:40:59 (1 day ago)	tcp/7779 (2 or more attempts)	Port Scan
🇫🇷 TheHoneyPotter	2026-06-13 12:19:02 (2 days ago)	Honeypot [fc-honeypot]: Large payload (1457 bytes); 6588 [1] TCP Reported by: https://github.com/sef ... show more Honeypot [fc-honeypot]: Large payload (1457 bytes); 6588 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Bad Web Bot
🇳🇱 ByeByte API	2026-06-12 20:46:25 (2 days ago)	Port scan from this IP. Firewall dropped every packet. Targeted TCP ports: 24442. Single burst at 20 ... show more Port scan from this IP. Firewall dropped every packet. Targeted TCP ports: 24442. Single burst at 2026-06-12 20:46 UTC. show less	Port Scan
🇩🇪 dispaisyenterprises	2026-06-11 23:51:49 (3 days ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 1720 [1] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 1720 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇩🇪 Justin F. \| AS204464	2026-06-11 13:40:43 (4 days ago)	Honeypot [nx-infrastructure]: Unauthorized traffic (16 bytes of payload); 1028 [1] TCP Reported by: ... show more Honeypot [nx-infrastructure]: Unauthorized traffic (16 bytes of payload); 1028 [1] TCP Reported by: Justin F. show less	Port Scan
🇬🇧 PeravixGroup	2026-06-11 08:35:51 (4 days ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 MPL	2026-06-10 17:38:43 (4 days ago)	tcp/1833 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-06-10 05:19:44 (5 days ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-06-08 23:31:10 (6 days ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇬🇧 PeravixGroup	2026-06-08 03:20:47 (1 week ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇵🇱 sefinek.net	2026-06-07 22:30:03 (1 week ago)	Honeypot hit: Empty payload (likely service probe); 40001 [1] TCP Reported by: https://github.com/se ... show more Honeypot hit: Empty payload (likely service probe); 40001 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇬🇧 PeravixGroup	2026-06-07 20:02:41 (1 week ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-07 16:27:28 (1 week ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇬🇧 gbzret4d	2026-06-07 12:27:53 (1 week ago)	Honeypot [uk-production01]: Large payload (1457 bytes); 8545 [1] TCP	Bad Web Bot

Showing 1 to 15 of 70 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇾 183.171.41.105

🇲🇽 187.204.107.36

🇺🇸 184.105.247.247

🇺🇸 157.230.6.230

🇫🇷 91.231.89.157

🇩🇪 65.111.26.73

🇫🇷 51.178.31.138

🇺🇸 50.46.141.125

🇳🇱 31.57.196.229

🇦🇷 181.167.106.40

🇹🇭 119.63.90.163

🇨🇳 114.227.59.74

🇸🇬 101.47.156.170

🇲🇦 81.192.46.29

🇱🇹 77.90.185.87

🇩🇪 65.111.26.41

🇺🇸 65.49.1.202

🇸🇬 43.156.162.193

🇺🇸 35.252.149.101

🇿🇼 2605:59c1:36e3:4508:41f8:e208:5938:3280