JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 220.248.1.28

220.248.1.28 was found in our database!

This IP was reported 44 times. Confidence of Abuse is 51%: ?

51%

ISP	China Unicom Shanghai province network
Usage Type	Fixed Line ISP
ASN	AS17621
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 220.248.1.28

Whois 220.248.1.28

IP Abuse Reports for 220.248.1.28:

This IP address has been reported a total of 44 times from 35 distinct sources. 220.248.1.28 was first reported on April 26th 2024, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇸 Scan	2026-06-26 02:31:50 (19 hours ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇷🇸 Smel	2026-06-26 02:23:10 (19 hours ago)	SQL/MH Probe, Scan, Hack -	Port Scan Hacking SQL Injection
🇺🇸 Cyber Crusader	2026-06-23 02:43:03 (3 days ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇩🇪 centurion	2026-06-22 00:57:05 (4 days ago)	Blocked by UFW on ns02 [1433/tcp] Source port: 61451 TTL: 112 Packet length: 52 TOS: 0x00 This repo ... show more Blocked by UFW on ns02 [1433/tcp] Source port: 61451 TTL: 112 Packet length: 52 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇳🇱 StopAbuse	2026-06-15 08:44:47 (1 week ago)	tcp/1433	Port Scan
Anonymous	2026-06-09 10:11:01 (2 weeks ago)	ET SCAN Suspicious inbound to MSSQL port 1433	Port Scan
🇮🇹 Fusty	2026-05-26 07:48:29 (1 month ago)	Unauthorized attempt on (TCP on port 1433). Source port: 65179 TTL: 110 Packet length: 52 Timestamp: ... show more Unauthorized attempt on (TCP on port 1433). Source port: 65179 TTL: 110 Packet length: 52 Timestamp: 2026-05-26 09:48:28 show less	Port Scan
🇳🇱 donarev419	2026-05-23 05:20:43 (1 month ago)	Port scan detected on port 1433 (connection without data transfer)	Port Scan
🇩🇪 Justin F. \| AS204464	2026-05-15 02:36:41 (1 month ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 65533 [1] TCP Reported by: Justi ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 65533 [1] TCP Reported by: Justin F. show less	Port Scan
🇳🇱 AS213449.net	2026-05-04 17:08:54 (1 month ago)	05/04/2026-19:08:51.396661 src=220.248.1.28 dst=5.175.170.11:1433 proto=6 msg=ET SCAN Suspicious inb ... show more 05/04/2026-19:08:51.396661 src=220.248.1.28 dst=5.175.170.11:1433 proto=6 msg=ET SCAN Suspicious inbound to MSSQL port 1433 show less	SQL Injection
🇧🇾 StatsMe	2026-05-03 21:26:45 (1 month ago)	2026-05-03T04:43:19.685389+0300 ET SCAN Suspicious inbound to MSSQL port 1433	Port Scan
🇩🇪 guldkage	2026-04-30 04:38:46 (1 month ago)	Unauthorized connection attempt detected from IP address 220.248.1.28 to port 1433 (ger-03) [o]	Brute-Force Exploited Host
🇩🇪 EinfxchFinn	2026-04-29 20:27:06 (1 month ago)	Unauthorized connection attempt to port 1433 from 220.248.1.28	Port Scan
🇩🇪 dispaisyenterprises	2026-04-16 04:15:11 (2 months ago)	Honeypot [fra-de-honeypot]: MSSQL traffic (on 1433) without login credentials Reported by DisPaisy E ... show more Honeypot [fra-de-honeypot]: MSSQL traffic (on 1433) without login credentials Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇺🇸 sefinek.net	2026-04-07 03:03:21 (2 months ago)	Blocked by UFW on NY01 [1433/tcp] \| SPT: 54447 \| TTL: 113 \| LEN: 52 \| TOS: 0x00 • Reported by: githu ... show more Blocked by UFW on NY01 [1433/tcp] \| SPT: 54447 \| TTL: 113 \| LEN: 52 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 15 of 44 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 213.177.179.79

🇧🇷 177.221.171.150

🇧🇷 177.184.71.184

🇷🇺 82.147.85.62

🇬🇧 35.203.211.66

🇨🇭 20.203.129.163

🇺🇸 13.222.40.117

🇬🇧 5.226.140.70

🇰🇷 221.163.5.228

🇺🇸 212.87.218.197

🇿🇦 197.91.129.24

🇩🇪 178.20.101.93

🇵🇭 150.228.225.149

🇨🇳 101.96.192.45

🇧🇾 81.30.98.142

🇳🇱 64.34.87.185

🇰🇼 62.150.51.201

🇧🇷 45.229.91.34

🇬🇧 35.203.210.210

🇺🇸 193.3.53.5