JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 220.202.112.72

220.202.112.72 was found in our database!

This IP was reported 91 times. Confidence of Abuse is 85%: ?

85%

ISP	China Unicom
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Changsha, Hunan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 220.202.112.72

Whois 220.202.112.72

IP Abuse Reports for 220.202.112.72:

This IP address has been reported a total of 91 times from 38 distinct sources. 220.202.112.72 was first reported on October 18th 2023, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇬 drewf.ink	2026-06-28 12:02:06 (8 hours ago)	[12:02] Port scanning. Port(s) scanned: TCP/2083	Port Scan
🇬🇧 PeravixGroup	2026-06-28 00:58:26 (19 hours ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
Anonymous	2026-06-26 15:36:50 (2 days ago)	220.202.112.72 - - [26/Jun/2026:17:36:49 +0200] "GET /theme/Bob-Theme-Argon/favicon.ico HTTP/1.1" 40 ... show more 220.202.112.72 - - [26/Jun/2026:17:36:49 +0200] "GET /theme/Bob-Theme-Argon/favicon.ico HTTP/1.1" 404 3138 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/120.0.0.0" ... show less	Web App Attack
🇬🇧 PeravixGroup	2026-06-24 02:48:19 (4 days ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-23 03:10:23 (5 days ago)	Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. A ... show more Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. Aaran.cloud show less	DDoS Attack Hacking
Anonymous	2026-06-23 02:13:34 (5 days ago)	2026-06-23T03:13:33.671328+01:00 vps kernel: [43920961.761835] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-06-23T03:13:33.671328+01:00 vps kernel: [43920961.761835] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=220.202.112.72 DST=54.37.14.118 LEN=44 TOS=0x00 PREC=0x00 TTL=231 ID=8744 PROTO=TCP SPT=43099 DPT=7778 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇸🇬 celestialcity	2026-06-23 01:53:20 (5 days ago)	Blocked by UFW on celestialcityas [9997/tcp] \| SPT: 61398 \| TTL: 226 \| LEN: 44 \| TOS: 0x00 • Reporte ... show more Blocked by UFW on celestialcityas [9997/tcp] \| SPT: 61398 \| TTL: 226 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 TheHoneyPotter	2026-06-22 16:06:04 (6 days ago)	Honeypot [fc-honeypot]: Large payload (1457 bytes); 12313 [1] TCP Reported by: https://github.com/se ... show more Honeypot [fc-honeypot]: Large payload (1457 bytes); 12313 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2026-06-22 08:48:34 (6 days ago)	Trying ports that it shouldn't be.	Port Scan Hacking Exploited Host
🇩🇪 dispaisyenterprises	2026-06-19 04:15:50 (1 week ago)	Honeypot [fra-de-honeypot]: HTTP/1.1 request on 9042 GET / Accept: /; 9042 [1] TCP Reported by Di ... show more Honeypot [fra-de-honeypot]: HTTP/1.1 request on 9042 GET / Accept: /; 9042 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇦🇹 urnilxfgbez	2026-06-18 22:45:00 (1 week ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
Anonymous	2026-06-17 21:16:56 (1 week ago)	2026-06-17 21:16:55 warning[4097561]: host unknown[220.202.112.72]: unauthorized access at ... show more 2026-06-17 21:16:55 warning[4097561]: host unknown[220.202.112.72]: unauthorized access attempted: tcp/8083 show less	Port Scan Brute-Force
🇩🇪 femboy.cat	2026-06-17 10:06:17 (1 week ago)	Port scan to tcp/5005 from 220.202.112.72	Brute-Force
🇺🇸 xmission.com	2026-06-17 07:51:07 (1 week ago)	Blocked by UFW (TCP on 2375) Source port: 27629 TTL: 237 Packet length: 44 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 2375) Source port: 27629 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 220.202.112.72) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 PeravixGroup	2026-06-16 01:59:49 (1 week ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host

Showing 1 to 15 of 91 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.195

🇺🇸 198.74.56.46

🇺🇸 164.92.94.204

🇪🇸 196.196.150.5

🇩🇪 193.124.20.252

🇸🇪 171.25.158.47

🇲🇴 125.31.4.70

🇲🇾 111.90.159.20

🇺🇸 52.44.174.136

🇸🇬 43.153.204.181

🇳🇱 34.178.21.247

🇫🇮 31.76.77.218

🇧🇪 198.235.24.169

🇩🇪 165.22.82.165

🇺🇸 147.182.235.189

🇳🇱 64.34.87.189

🇺🇸 216.244.66.227

🇮🇳 203.145.143.163

🇸🇬 173.44.34.25

🇺🇸 143.244.159.72