JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 223.166.22.170

223.166.22.170 was found in our database!

This IP was reported 288 times. Confidence of Abuse is 55%: ?

55%

ISP	CHINA UNICOM Shanghai city network
Usage Type	Fixed Line ISP
ASN	AS17621
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 223.166.22.170

Whois 223.166.22.170

IP Abuse Reports for 223.166.22.170:

This IP address has been reported a total of 288 times from 67 distinct sources. 223.166.22.170 was first reported on August 17th 2022, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 ICS Labs	2026-06-30 14:18:34 (6 hours ago)	ICS Labs identified 223.166.22.170 as a malicious indicator from threat intelligence.	DDoS Attack Port Scan Hacking Brute-Force Exploited Host
🇺🇸 micropedro	2026-06-12 02:31:13 (2 weeks ago)	11 incidents: port scanning. First: 2026-02-17 11:24, Last: 2026-06-11 22:31 UTC. Triggers: firewall ... show more 11 incidents: port scanning. First: 2026-02-17 11:24, Last: 2026-06-11 22:31 UTC. Triggers: firewall-tcp,ufw-repeater,ufw-repeater. show less	Port Scan
🇦🇹 urnilxfgbez	2026-06-11 22:45:00 (2 weeks ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇫🇷 TheHoneyPotter	2026-06-10 11:25:02 (2 weeks ago)	Honeypot [fc-honeypot]: HTTP/1.1 request on 7687 GET / Accept: /; 7687 [1] TCP Reported by: https ... show more Honeypot [fc-honeypot]: HTTP/1.1 request on 7687 GET / Accept: /; 7687 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇺🇸 xmission.com	2026-06-10 07:39:53 (2 weeks ago)	Blocked by UFW (TCP on 5600) Source port: 22266 TTL: 238 Packet length: 44 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 5600) Source port: 22266 TTL: 238 Packet length: 44 TOS: 0x08 This report (for 223.166.22.170) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 PeravixGroup	2026-06-09 10:37:22 (3 weeks ago)	Honeypot detection: POP3 email brute-force authentication attempt on port 110. Severity: MEDIUM. Aar ... show more Honeypot detection: POP3 email brute-force authentication attempt on port 110. Severity: MEDIUM. Aaran.cloud show less	Brute-Force
🇳🇱 BIV	2026-06-04 04:38:43 (3 weeks ago)	Honeypot multi-source hit. Sources: tpot:Honeytrap,tpot:P0f,tpot:Suricata. Ports: 6590. Automated ti ... show more Honeypot multi-source hit. Sources: tpot:Honeytrap,tpot:P0f,tpot:Suricata. Ports: 6590. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking
🇬🇧 PeravixGroup	2026-06-02 01:21:34 (4 weeks ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 xmission.com	2026-06-01 22:50:18 (4 weeks ago)	Blocked by UFW (TCP on 9092) Source port: 19122 TTL: 239 Packet length: 44 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 9092) Source port: 19122 TTL: 239 Packet length: 44 TOS: 0x08 This report (for 223.166.22.170) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 PeravixGroup	2026-06-01 04:47:48 (4 weeks ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-01 01:47:09 (4 weeks ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇷🇺 SeMPaI	2026-05-31 23:12:49 (4 weeks ago)	[[hidden by err]] Honeypot attempt CN from 223.166.22.170 to port 2022, with banner b'\x16\x03\x01\x ... show more [[hidden by err]] Honeypot attempt CN from 223.166.22.170 to port 2022, with banner b'\x16\x03\x01\x05\xac\x01\x00\x05\xa8\x03\x03[\x8bl\xbc\xca\xad[-\x9e-(^\xe6A\x8f\x93c\x91\x7f<!\x18\xe3\xc1\xbc\xf2I\xef\xad\x97\xdc\x81 5\xb3\x91\xe8\x96\x03\xc0\xc1w\xfe\x0fR\xde(\x9e\xe3pS\x03%Qk\xa7\xe6*\x1d_%\x07\xd0\xc8\xfd\x00\x1a\xc0+\xc0/\xc0,\xc00\xcc\xa9\xcc\xa8' show less	Port Scan
🇬🇧 PeravixGroup	2026-05-30 02:44:12 (1 month ago)	Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. A ... show more Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. Aaran.cloud show less	DDoS Attack Hacking
🇯🇵 mkaraki	2026-05-29 20:58:16 (1 month ago)	1780088295 # Service_probe # SIGNATURE_SEND # source_ip:223.166.22.170 # dst_port:5598 ...	Port Scan
🇬🇧 PeravixGroup	2026-05-29 19:22:06 (1 month ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host

Showing 1 to 15 of 288 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇪 161.132.54.218

🇭🇰 23.91.97.170

🇨🇴 190.242.54.29

🇿🇦 185.132.186.72

🇺🇸 104.232.79.58

🇯🇵 8.216.8.34

🇺🇸 2607:fb91:4d81:4e16:dfa:95a8:2e47:f3cb

🇻🇳 222.255.180.246

🇳🇱 195.178.110.227

🇦🇱 188.93.112.20

🇧🇷 179.191.82.115

🇨🇳 157.0.0.10

🇫🇮 147.185.133.85

🇺🇸 71.6.199.23

🇺🇸 64.98.83.243

🇵🇱 31.179.197.26

🇷🇺 31.173.4.22

🇺🇸 2620:171:e2:f007:9999::248

🇳🇱 204.76.203.213

🇵🇰 154.208.54.212