JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 223.166.22.131

223.166.22.131 was found in our database!

This IP was reported 292 times. Confidence of Abuse is 53%: ?

53%

ISP	CHINA UNICOM Shanghai city network
Usage Type	Fixed Line ISP
ASN	AS17621
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 223.166.22.131

Whois 223.166.22.131

IP Abuse Reports for 223.166.22.131:

This IP address has been reported a total of 292 times from 56 distinct sources. 223.166.22.131 was first reported on August 6th 2022, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 security.rdmc.fr	2026-06-11 21:12:34 (1 day ago)	Port Scan Attack proto:TCP src:9380 dst:21	Port Scan
🇬🇧 PeravixGroup	2026-06-10 16:30:37 (2 days ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇬🇧 PeravixGroup	2026-06-10 03:27:10 (3 days ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-09 23:29:32 (3 days ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-09 17:37:36 (3 days ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇺🇸 rscott.us	2026-06-07 20:00:07 (5 days ago)	Brute force SSH login attempts.	Brute-Force SSH
🇨🇭 pingusurmars	2026-06-07 16:28:30 (5 days ago)	Blocked by UFW on amperetwo [10626/tcp] Source port: 11023 TTL: 238 Packet length: 44 TOS: 0x00 Thi ... show more Blocked by UFW on amperetwo [10626/tcp] Source port: 11023 TTL: 238 Packet length: 44 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-06-03 02:46:23 (1 week ago)	tcp/9876	Port Scan
🇬🇧 PeravixGroup	2026-05-31 19:28:20 (1 week ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-31 05:14:37 (1 week ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-05-30 22:32:43 (1 week ago)	Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5986. Seve ... show more Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5986. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-05-30 10:43:51 (1 week ago)	Honeypot detection: Server-Side Template Injection (SSTI) attempt on port 6379. Severity: HIGH. Aara ... show more Honeypot detection: Server-Side Template Injection (SSTI) attempt on port 6379. Severity: HIGH. Aaran.cloud show less	Hacking Web App Attack
🇬🇧 PeravixGroup	2026-05-28 06:43:16 (2 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇺🇸 MPL	2026-05-23 03:32:40 (3 weeks ago)	tcp/9042	Port Scan
🇬🇧 PeravixGroup	2026-05-22 15:34:24 (3 weeks ago)	Honeypot detection: VNC remote desktop brute-force authentication attempt on port 5900. Severity: ME ... show more Honeypot detection: VNC remote desktop brute-force authentication attempt on port 5900. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking

Showing 1 to 15 of 292 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.78.60.105

🇨🇳 112.94.253.225

🇹🇼 104.199.144.26

🇮🇩 202.145.0.61

🇦🇿 185.146.112.202

🇧🇷 170.238.160.191

🇺🇸 162.254.36.150

🇨🇳 101.126.81.213

🇺🇦 77.120.129.7

🇺🇸 72.89.78.86

🇺🇸 65.49.1.209

🇺🇸 54.215.79.206

🇬🇧 51.89.166.236

🇩🇪 43.165.3.187

🇸🇬 43.156.162.193

🇺🇸 20.228.193.165

🇺🇦 185.157.121.237

🇨🇴 181.234.36.73

🇳🇱 162.159.113.94

🇳🇬 102.140.97.134