JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 223.166.22.28

223.166.22.28 was found in our database!

This IP was reported 281 times. Confidence of Abuse is 87%: ?

87%

ISP	CHINA UNICOM Shanghai city network
Usage Type	Fixed Line ISP
ASN	AS17621
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 223.166.22.28

Whois 223.166.22.28

IP Abuse Reports for 223.166.22.28:

This IP address has been reported a total of 281 times from 67 distinct sources. 223.166.22.28 was first reported on August 20th 2022, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-08 12:40:32 (2 hours ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇬🇧 PeravixGroup	2026-06-08 07:04:10 (7 hours ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-06-07 23:55:56 (15 hours ago)	Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aar ... show more Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aaran.cloud show less	Brute-Force
🇬🇧 PeravixGroup	2026-06-07 20:36:41 (18 hours ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 MPL	2026-06-06 21:56:42 (1 day ago)	tcp/8123	Port Scan
🇬🇧 PeravixGroup	2026-06-06 19:14:44 (1 day ago)	Honeypot detection: VNC remote desktop brute-force authentication attempt on port 5900. Severity: ME ... show more Honeypot detection: VNC remote desktop brute-force authentication attempt on port 5900. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-06-06 11:59:25 (2 days ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-06-06 05:45:29 (2 days ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-04 20:38:24 (3 days ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 xmission.com	2026-06-04 04:19:54 (4 days ago)	Blocked by UFW (TCP on 10196) Source port: 2433 TTL: 237 Packet length: 44 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 10196) Source port: 2433 TTL: 237 Packet length: 44 TOS: 0x00 This report (for 223.166.22.28) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 PeravixGroup	2026-06-03 16:09:25 (4 days ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-06-03 07:14:09 (5 days ago)	Honeypot hit: HTTP/1.1 request on 1443 GET / Accept: /; 1443 [1] TCP Reported by: https://github. ... show more Honeypot hit: HTTP/1.1 request on 1443 GET / Accept: /; 1443 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇲🇹 neilcaruana	2026-06-03 00:28:19 (5 days ago)	Sentinel detected an attack on port [1521]	Hacking
🇬🇧 PeravixGroup	2026-06-03 00:02:44 (5 days ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇦🇹 urnilxfgbez	2026-06-02 22:45:00 (5 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan

Showing 1 to 15 of 281 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇿 213.230.78.57

🇺🇸 208.84.101.25

🇺🇸 192.227.182.188

🇹🇷 188.132.153.93

🇱🇹 185.169.4.119

🇺🇿 185.139.138.71

🇸🇬 157.245.51.186

🇺🇸 142.252.106.90

🇯🇵 141.101.87.6

🇩🇪 130.162.216.106

🇵🇭 120.29.69.177

🇮🇳 103.167.95.242

🇩🇪 94.159.96.62

🇪🇸 91.245.204.148

🇫🇷 85.204.70.118

🇫🇷 84.17.60.236

🇺🇸 76.33.149.188

🇵🇰 59.103.221.168

🇨🇳 49.64.85.138

🇻🇳 42.114.213.245