JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 223.166.22.163

223.166.22.163 was found in our database!

This IP was reported 232 times. Confidence of Abuse is 73%: ?

73%

ISP	CHINA UNICOM Shanghai city network
Usage Type	Fixed Line ISP
ASN	AS17621
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 223.166.22.163

Whois 223.166.22.163

IP Abuse Reports for 223.166.22.163:

This IP address has been reported a total of 232 times from 52 distinct sources. 223.166.22.163 was first reported on August 14th 2022, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-06 06:55:36 (2 hours ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇵🇱 sefinek.net	2026-06-05 04:07:39 (1 day ago)	Blocked by UFW on PL02 [10000/tcp] \| SPT: 9667 \| TTL: 230 \| LEN: 44 \| TOS: 0x00 • Reported by: githu ... show more Blocked by UFW on PL02 [10000/tcp] \| SPT: 9667 \| TTL: 230 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-06-04 18:00:24 (1 day ago)	Honeypot hit: Empty payload (likely service probe); 20880 [1] TCP Reported by: https://github.com/se ... show more Honeypot hit: Empty payload (likely service probe); 20880 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇬🇧 PeravixGroup	2026-06-03 15:24:11 (2 days ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 donarev419	2026-05-31 07:03:14 (6 days ago)	Port scan detected on port 11210 (connection without data transfer)	Port Scan
🇬🇧 PeravixGroup	2026-05-31 03:05:57 (6 days ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-30 21:49:09 (6 days ago)	Honeypot detection: SMTP abuse / unauthorized email relay attempt on port 25. Severity: MEDIUM. Aara ... show more Honeypot detection: SMTP abuse / unauthorized email relay attempt on port 25. Severity: MEDIUM. Aaran.cloud show less	Email Spam
🇩🇪 dispaisyenterprises	2026-05-30 12:54:10 (6 days ago)	Honeypot [fra-de-honeypot]: Large payload (1457 bytes); 1953 [1] TCP Reported by DisPaisy Enterprise ... show more Honeypot [fra-de-honeypot]: Large payload (1457 bytes); 1953 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Bad Web Bot
🇬🇧 PeravixGroup	2026-05-30 11:21:13 (6 days ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 Cyber Crusader	2026-05-30 10:16:34 (6 days ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇬🇧 PeravixGroup	2026-05-29 20:24:50 (1 week ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-26 16:40:28 (1 week ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
Anonymous	2026-05-23 23:29:39 (1 week ago)	2026-05-24T00:29:38.982026+01:00 vps kernel: [41319156.277532] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-05-24T00:29:38.982026+01:00 vps kernel: [41319156.277532] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=223.166.22.163 DST=54.37.14.118 LEN=44 TOS=0x00 PREC=0x00 TTL=231 ID=16480 PROTO=TCP SPT=15012 DPT=2236 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇩🇪 Justin F. \| AS204464	2026-05-22 06:38:51 (2 weeks ago)	Honeypot [nx-infrastructure]: Large payload (1388 bytes); 5357 [1] TCP Reported by: Justin F.	Bad Web Bot
🇬🇧 PeravixGroup	2026-05-21 18:41:27 (2 weeks ago)	Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5986. Seve ... show more Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5986. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking

Showing 1 to 15 of 232 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 220.127.197.249

🇵🇸 212.106.64.83

🇨🇳 119.249.100.111

🇲🇾 49.124.151.76

🇲🇾 49.124.149.204

🇬🇧 35.203.210.14

🇨🇳 182.43.22.64

🇺🇸 173.194.103.26

🇸🇬 114.119.152.155

🇰🇷 61.41.146.42

🇧🇿 45.227.254.152

🇹🇭 43.173.249.11

🇮🇳 38.137.11.14

🇷🇴 2.57.121.25

🇩🇪 217.234.92.249

🇺🇸 216.239.38.223

🇺🇸 216.180.246.109

🇵🇦 191.101.96.181

🇷🇺 188.72.107.204

🇬🇧 172.69.79.228