JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 223.166.22.4

223.166.22.4 was found in our database!

This IP was reported 243 times. Confidence of Abuse is 58%: ?

58%

ISP	CHINA UNICOM Shanghai city network
Usage Type	Fixed Line ISP
ASN	AS17621
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 223.166.22.4

Whois 223.166.22.4

IP Abuse Reports for 223.166.22.4:

This IP address has been reported a total of 243 times from 51 distinct sources. 223.166.22.4 was first reported on August 19th 2022, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-09 15:28:59 (11 hours ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇯🇵 mkaraki	2026-06-06 19:44:55 (3 days ago)	1780775093 # Service_probe # SIGNATURE_SEND # source_ip:223.166.22.4 # dst_port:443 ...	Port Scan
🇳🇱 BIV	2026-06-05 01:21:18 (5 days ago)	Honeypot multi-source hit. Sources: tpot:Honeytrap,tpot:P0f,tpot:Suricata. Ports: 10257. Automated t ... show more Honeypot multi-source hit. Sources: tpot:Honeytrap,tpot:P0f,tpot:Suricata. Ports: 10257. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking
🇺🇸 xmission.com	2026-06-01 19:50:18 (1 week ago)	Blocked by UFW (TCP on 1443) Source port: 18497 TTL: 237 Packet length: 44 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 1443) Source port: 18497 TTL: 237 Packet length: 44 TOS: 0x00 This report (for 223.166.22.4) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 PeravixGroup	2026-06-01 14:20:31 (1 week ago)	Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. A ... show more Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. Aaran.cloud show less	DDoS Attack Hacking
🇬🇧 PeravixGroup	2026-05-31 16:01:02 (1 week ago)	Honeypot detection: POP3 email brute-force authentication attempt on port 110. Severity: MEDIUM. Aar ... show more Honeypot detection: POP3 email brute-force authentication attempt on port 110. Severity: MEDIUM. Aaran.cloud show less	Brute-Force
🇺🇸 MPL	2026-05-30 04:53:13 (1 week ago)	tcp/2444	Port Scan
🇬🇧 PeravixGroup	2026-05-29 17:14:03 (1 week ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-29 03:33:04 (1 week ago)	Honeypot detection: POP3 email brute-force authentication attempt on port 110. Severity: MEDIUM. Aar ... show more Honeypot detection: POP3 email brute-force authentication attempt on port 110. Severity: MEDIUM. Aaran.cloud show less	Brute-Force
🇩🇪 femboy.cat	2026-05-29 03:24:51 (1 week ago)	Port scan to tcp/8080 from 223.166.22.4	Brute-Force
🇬🇧 PeravixGroup	2026-05-28 14:34:45 (1 week ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 MPL	2026-05-27 23:02:41 (1 week ago)	tcp/10000 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-05-27 21:26:10 (1 week ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇬🇧 PeravixGroup	2026-05-26 08:26:25 (2 weeks ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇬🇧 PeravixGroup	2026-05-23 12:23:16 (2 weeks ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking

Showing 1 to 15 of 243 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 34.39.233.17

🇯🇵 163.44.101.215

🇹🇭 150.95.26.141

🇺🇸 143.198.123.23

🇫🇮 109.107.190.31

🇫🇷 51.15.160.8

🇳🇱 45.148.10.152

🇹🇼 35.229.176.208

🇧🇷 35.199.127.165

🇪🇸 34.175.173.37

🇧🇪 34.156.86.83

🇺🇸 34.86.233.245

🇧🇪 34.78.43.229

🇺🇸 34.20.143.17

🇩🇪 8.211.13.19

🇨🇳 8.155.7.182

🇺🇸 216.73.217.79

🇩🇪 152.53.191.128

🇰🇷 112.216.129.27

🇦🇹 109.70.100.2