JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 222.176.201.195

222.176.201.195 was found in our database!

This IP was reported 74 times. Confidence of Abuse is 55%: ?

55%

ISP	CHINANET Chongqing province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	cta.cq.cn
Country	🇨🇳 China
City	Chongqing, Chongqing

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 222.176.201.195

Whois 222.176.201.195

IP Abuse Reports for 222.176.201.195:

This IP address has been reported a total of 74 times from 31 distinct sources. 222.176.201.195 was first reported on December 26th 2025, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-11 01:58:57 (1 hour ago)	Honeypot detection: VNC remote desktop brute-force authentication attempt on port 5900. Severity: ME ... show more Honeypot detection: VNC remote desktop brute-force authentication attempt on port 5900. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-06-05 23:59:41 (5 days ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 AS213449.net	2026-06-05 04:36:17 (5 days ago)	06/05/2026-06:36:08.300902 src=222.176.201.195 dst=89.144.63.119:3306 proto=6 msg=ET SCAN Suspicious ... show more 06/05/2026-06:36:08.300902 src=222.176.201.195 dst=89.144.63.119:3306 proto=6 msg=ET SCAN Suspicious inbound to mySQL port 3306 show less	SQL Injection
🇬🇧 PeravixGroup	2026-06-05 01:01:09 (6 days ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 MPL	2026-06-03 00:55:36 (1 week ago)	tcp/6601	Port Scan
🇸🇪 NordhTech	2026-06-02 22:45:13 (1 week ago)	More than 3 malicious connection attempts, trying port(s) 7500/tcp, then blocked from services ...	Port Scan Hacking
🇺🇸 Cyber Crusader	2026-06-01 21:20:47 (1 week ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇬🇧 PeravixGroup	2026-06-01 20:43:53 (1 week ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-29 17:47:34 (1 week ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-05-23 05:59:36 (2 weeks ago)	2026-05-23T06:59:35.426031+01:00 vps kernel: [41256153.419187] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-05-23T06:59:35.426031+01:00 vps kernel: [41256153.419187] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=222.176.201.195 DST=54.37.14.118 LEN=44 TOS=0x00 PREC=0x00 TTL=232 ID=27025 PROTO=TCP SPT=37203 DPT=2147 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇺🇸 MPL	2026-05-21 13:22:59 (2 weeks ago)	tcp/10217	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-21 08:18:11 (2 weeks ago)	Honeypot hit: HTTP/1.1 request on 9927 GET / Accept: /; 9927 [1] TCP	Web App Attack
🇦🇺 LiftUp Hosting	2026-05-16 13:16:04 (3 weeks ago)	Honeypot hit: Empty payload (likely service probe); 12350 [1] TCP	Port Scan
🇺🇸 MPL	2026-05-16 12:00:57 (3 weeks ago)	tcp/49671	Port Scan
🇺🇸 sumnone	2026-05-14 16:36:16 (3 weeks ago)	Port probing on unauthorized port 12240	Port Scan Hacking Exploited Host

Showing 1 to 15 of 74 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.30

🇲🇾 180.75.126.172

🇯🇵 107.155.15.8

🇧🇬 79.124.49.194

🇺🇸 73.22.118.43

🇳🇱 34.7.11.78

🇸🇬 2a09:bac1:6540:8::2e4:7e

🇵🇰 223.123.38.98

🇺🇸 192.3.64.210

🇧🇷 179.42.108.240

🇷🇺 178.207.73.106

🇷🇴 80.94.92.177

🇧🇩 58.147.171.11

🇧🇷 45.205.1.196

🇸🇬 34.21.232.171

🇺🇸 165.154.162.142

🇮🇳 103.54.101.248

🇩🇪 69.5.169.143

🇩🇪 45.135.141.22

🇬🇧 35.203.210.113