JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 220.202.112.229

220.202.112.229 was found in our database!

This IP was reported 81 times. Confidence of Abuse is 74%: ?

74%

ISP	China Unicom
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Changsha, Hunan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 220.202.112.229

Whois 220.202.112.229

IP Abuse Reports for 220.202.112.229:

This IP address has been reported a total of 81 times from 34 distinct sources. 220.202.112.229 was first reported on January 24th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 jay hung	2026-06-20 00:33:58 (1 day ago)	2026-06-20T00:33:57.954409+00:00 quarktech kernel: [560291.163511] [UFW BLOCK] IN=eth0 OUT= MAC=22:0 ... show more 2026-06-20T00:33:57.954409+00:00 quarktech kernel: [560291.163511] [UFW BLOCK] IN=eth0 OUT= MAC=22:00:92:2e:84:93:fe:ff:ff:ff:ff:ff:08:00 SRC=220.202.112.229 DST=172.237.20.248 LEN=44 TOS=0x00 PREC=0x00 TTL=232 ID=3056 PROTO=TCP SPT=49354 DPT=43 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇩🇪 centurion	2026-06-19 15:41:32 (2 days ago)	Blocked by UFW on ns02 [10089/tcp] Source port: 12427 TTL: 237 Packet length: 44 TOS: 0x00 This rep ... show more Blocked by UFW on ns02 [10089/tcp] Source port: 12427 TTL: 237 Packet length: 44 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-06-18 13:22:59 (3 days ago)	Blocked by UFW (TCP on 30444) Source port: 34425 TTL: 237 Packet length: 44 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 30444) Source port: 34425 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 220.202.112.229) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇦🇺 paulshipley.com.au	2026-06-18 11:32:51 (3 days ago)	levellapromotions.com.au:443 220.202.112.229 - - [18/Jun/2026:21:32:44 +1000] "GET /ipfs/bafkreicyqc ... show more levellapromotions.com.au:443 220.202.112.229 - - [18/Jun/2026:21:32:44 +1000] "GET /ipfs/bafkreicyqcbhpicbos7ev4mrxofwqx6hvvge7pahpta6xuspr44crai5by HTTP/1.1" 404 155780 "-" "Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Mobile Safari/537.36" ... show less	Web App Attack
🇫🇮 sonot	2026-06-16 13:50:30 (5 days ago)	Blocked by UFW on mail [9443/tcp] \| SPT: 34197 \| TTL: 234 \| LEN: 44 \| TOS: 0x00 • Reported by: githu ... show more Blocked by UFW on mail [9443/tcp] \| SPT: 34197 \| TTL: 234 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇵🇱 nfsec.pl	2026-06-16 00:28:10 (5 days ago)	Detected: TCP scan on port: 82 with flags: SYN	Port Scan
🇬🇧 PeravixGroup	2026-06-15 01:42:02 (6 days ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-06-12 07:16:25 (1 week ago)	Honeypot hit: Empty payload (likely service probe); 2856 [1] TCP Reported by: https://github.com/sef ... show more Honeypot hit: Empty payload (likely service probe); 2856 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇺🇸 MPL	2026-06-11 17:39:01 (1 week ago)	tcp/2202 (2 or more attempts)	Port Scan
🇺🇸 MPL	2026-06-11 11:30:30 (1 week ago)	tcp/8032	Port Scan
Anonymous	2026-06-11 07:16:24 (1 week ago)	Honeypot hit: Unauthorized traffic (16 bytes of payload); 10003 [1] TCP Reported by: https://github. ... show more Honeypot hit: Unauthorized traffic (16 bytes of payload); 10003 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇩🇪 Justin F. \| AS204464	2026-06-11 04:52:41 (1 week ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 2323 [1] TCP Reported by: Justin ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 2323 [1] TCP Reported by: Justin F. show less	Port Scan
🇩🇪 dispaisyenterprises	2026-06-10 10:45:53 (1 week ago)	Honeypot [fra-de-honeypot]: HTTP/1.1 request on 20547 GET / Accept: /; 20547 [1] TCP Reported by ... show more Honeypot [fra-de-honeypot]: HTTP/1.1 request on 20547 GET / Accept: /; 20547 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇺🇸 xmission.com	2026-06-09 12:37:01 (1 week ago)	Blocked by UFW (TCP on 7443) Source port: 15334 TTL: 237 Packet length: 44 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 7443) Source port: 15334 TTL: 237 Packet length: 44 TOS: 0x00 This report (for 220.202.112.229) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 PeravixGroup	2026-06-09 10:26:16 (1 week ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking

Showing 1 to 15 of 81 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 161.35.188.231

🇩🇪 104.207.63.49

🇨🇳 58.221.60.25

🇳🇱 45.148.10.141

🇷🇺 45.143.203.220

🇧🇪 198.235.24.184

🇦🇷 186.5.180.176

🇺🇸 152.32.151.128

🇺🇸 147.182.246.240

🇩🇪 139.59.208.49

🇨🇳 125.44.182.15

🇸🇬 103.250.11.176

🇺🇸 103.203.57.28

🇺🇸 74.94.234.151

🇧🇷 186.235.193.170

🇸🇬 178.128.56.88

🇧🇷 177.104.171.149

🇫🇷 143.14.66.8

🇨🇳 123.144.31.140

🇺🇸 85.208.96.203