JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 222.176.201.252

222.176.201.252 was found in our database!

This IP was reported 50 times. Confidence of Abuse is 38%: ?

38%

ISP	CHINANET Chongqing province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	cta.cq.cn
Country	🇨🇳 China
City	Chongqing, Chongqing

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 222.176.201.252

Whois 222.176.201.252

IP Abuse Reports for 222.176.201.252:

This IP address has been reported a total of 50 times from 33 distinct sources. 222.176.201.252 was first reported on January 5th 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-07 20:46:45 (4 hours ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 gbzret4d	2026-05-31 21:57:55 (1 week ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 2376 [1] TCP	Port Scan
🇬🇧 PeravixGroup	2026-05-31 04:00:28 (1 week ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-29 15:47:03 (1 week ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-27 19:17:08 (1 week ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-24 15:39:52 (2 weeks ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇩🇪 femboy.cat	2026-05-16 14:08:45 (3 weeks ago)	Port scan to tcp/3689 from 222.176.201.252	Brute-Force
🇫🇷 Petre 21_ip	2026-05-15 08:37:31 (3 weeks ago)	2026-05-15T10:37:31.139737+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c ... show more 2026-05-15T10:37:31.139737+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c0:69:11:b3:85:db:08:00 SRC=222.176.201.252 DST=155.133.26.57 LEN=44 TOS=0x00 PREC=0x00 TTL=233 ID=61445 PROTO=TCP SPT=46462 DPT=541 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 cybsecaoccol	2026-05-12 08:48:15 (3 weeks ago)	unauthorized connection or malicious port scan attempted on tcp port - corp	Port Scan Hacking
🇨🇳 ThreatBook.io	2026-05-11 23:01:47 (3 weeks ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/222.176.201.252 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/222.176.201.252 2026-05-11 06:25:28 //www.voanews.com:443 show less	Web App Attack
🇦🇺 trentwiles.com	2026-04-28 23:50:23 (1 month ago)	Unauthorized connection attempt detected from IP address 222.176.201.252 to port 9109 [SYD]	Port Scan
Anonymous	2026-04-20 05:22:30 (1 month ago)	Unauthorized connection attempt. Port 8568	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-17 07:52:25 (1 month ago)	Honeypot hit: HTTP/1.1 request on 1096 GET / Accept: /; 1096 [1] TCP	Web App Attack
🇬🇧 gbzret4d	2026-04-14 21:04:36 (1 month ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 7520 [1] TCP	Port Scan
Anonymous	2026-04-10 19:47:52 (1 month ago)	2026-04-10 19:47:52 warning[2499621]: host [222.176.201.252]: unauthorized access attempte ... show more 2026-04-10 19:47:52 warning[2499621]: host [222.176.201.252]: unauthorized access attempted: / show less	Port Scan Brute-Force

Showing 1 to 15 of 50 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:8bfc:5001

🇳🇱 185.136.15.13

🇳🇱 176.65.139.43

🇻🇳 165.154.137.186

🇺🇸 146.88.240.103

🇰🇷 106.246.89.68

🇫🇷 82.102.18.180

🇧🇪 34.52.158.68

🇺🇸 20.65.195.25

🇸🇾 5.0.32.34

🇬🇧 195.96.139.250

🇷🇺 178.178.194.135

🇺🇸 172.110.223.97

🇺🇸 147.185.132.129

🇰🇷 121.179.93.147

🇺🇸 107.150.99.178

🇸🇾 93.113.164.108

🇵🇱 87.251.64.176

🇵🇱 77.73.129.46

🇩🇪 64.226.71.148