JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 223.166.22.184

223.166.22.184 was found in our database!

This IP was reported 241 times. Confidence of Abuse is 81%: ?

81%

ISP	CHINA UNICOM Shanghai city network
Usage Type	Fixed Line ISP
ASN	AS17621
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 223.166.22.184

Whois 223.166.22.184

IP Abuse Reports for 223.166.22.184:

This IP address has been reported a total of 241 times from 65 distinct sources. 223.166.22.184 was first reported on August 19th 2022, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇸 Scan	2026-06-05 02:44:24 (2 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇩🇪 ValtonTahiri	2026-06-04 15:43:19 (3 days ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=223.166.22.184; proto=TCP; source_port=20514; target_port=12326; flags=SYN show less	Port Scan
🇫🇮 6kilowatti	2026-06-03 14:53:22 (4 days ago)	2026-06-03T17:53:21.604650+03:00 oh6ah kernel: [UFW BLOCK] IN=enp2s0 OUT= MAC=00:26:18:a8:d6:75:2e:2 ... show more 2026-06-03T17:53:21.604650+03:00 oh6ah kernel: [UFW BLOCK] IN=enp2s0 OUT= MAC=00:26:18:a8:d6:75:2e:2d:5e:71:aa:73:08:00 SRC=223.166.22.184 DST=192.168.0.102 LEN=44 TOS=0x00 PREC=0x00 TTL=234 ID=25589 PROTO=TCP SPT=13294 DPT=1983 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇬🇧 gbzret4d	2026-06-02 21:48:59 (4 days ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 12112 [1] TCP	Port Scan
🇩🇪 iNetWorker	2026-06-02 21:11:20 (4 days ago)	firewall-block, port(s): 49672/tcp	Port Scan
🇬🇧 PeravixGroup	2026-06-02 10:13:29 (5 days ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-02 04:41:31 (5 days ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-01 09:31:39 (6 days ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-31 05:11:55 (1 week ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-30 23:35:49 (1 week ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇵🇱 sefinek.net	2026-05-30 14:03:37 (1 week ago)	Honeypot hit: Empty payload (likely service probe); 2166 [1] TCP Reported by: https://github.com/sef ... show more Honeypot hit: Empty payload (likely service probe); 2166 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇺🇸 cazae	2026-05-26 15:20:32 (1 week ago)	Unauthorized attempt on debian [264/tcp] Source port: 21054 TTL: 235 Packet length: 44 TOS: 0x08 ht ... show more Unauthorized attempt on debian [264/tcp] Source port: 21054 TTL: 235 Packet length: 44 TOS: 0x08 https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇸🇪 donarev419	2026-05-25 08:04:54 (1 week ago)	Connection to port 6379 with data transfer. Data preview: help	Port Scan Hacking
🇬🇧 PeravixGroup	2026-05-23 18:30:12 (2 weeks ago)	Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. A ... show more Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. Aaran.cloud show less	DDoS Attack Hacking
🇬🇧 PeravixGroup	2026-05-23 13:04:50 (2 weeks ago)	Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5985. Seve ... show more Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5985. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking

Showing 1 to 15 of 241 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 203.215.167.149

🇩🇪 185.242.3.226

🇭🇰 118.193.44.184

🇺🇸 103.143.231.24

🇺🇸 66.132.172.36

🇫🇷 62.210.38.102

🇺🇸 2604:a880:400:d1:0:4:8c02:9001

🇨🇳 220.250.52.75

🇨🇭 209.99.190.113

🇺🇸 136.117.153.84

🇮🇪 3.254.159.181

🇬🇧 195.96.139.167

🇺🇦 185.218.138.56

🇧🇷 170.80.65.140

🇻🇳 103.82.132.16

🇧🇬 91.191.209.46

🇪🇸 82.223.190.50

🇰🇿 37.151.47.27

🇸🇬 208.109.9.180

🇺🇸 137.184.228.138