JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 223.166.22.57

223.166.22.57 was found in our database!

This IP was reported 239 times. Confidence of Abuse is 63%: ?

63%

ISP	CHINA UNICOM Shanghai city network
Usage Type	Fixed Line ISP
ASN	AS17621
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 223.166.22.57

Whois 223.166.22.57

IP Abuse Reports for 223.166.22.57:

This IP address has been reported a total of 239 times from 63 distinct sources. 223.166.22.57 was first reported on August 13th 2022, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-12 01:29:41 (1 day ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2376. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2376. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-11 09:38:56 (2 days ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 femboy.cat	2026-06-06 04:03:16 (1 week ago)	Port scan to tcp/10030 from 223.166.22.57	Brute-Force
🇺🇸 MPL	2026-06-02 05:01:34 (1 week ago)	tcp/4040	Port Scan
🇬🇧 PeravixGroup	2026-05-31 21:58:37 (1 week ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇺🇸 MPL	2026-05-31 13:33:19 (1 week ago)	tcp/10000 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-05-31 05:29:32 (1 week ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-29 08:00:06 (2 weeks ago)	Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. A ... show more Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. Aaran.cloud show less	DDoS Attack Hacking
Anonymous	2026-05-29 01:59:10 (2 weeks ago)	Tried our host z.	Port Scan Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-28 07:57:32 (2 weeks ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇬🇧 PeravixGroup	2026-05-26 01:10:01 (2 weeks ago)	Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aar ... show more Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aaran.cloud show less	Brute-Force
🇬🇧 PeravixGroup	2026-05-25 19:40:07 (2 weeks ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 MPL	2026-05-24 15:59:54 (2 weeks ago)	tcp/5004	Port Scan
🇬🇧 PeravixGroup	2026-05-24 15:27:36 (2 weeks ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇨🇭 4server	2026-05-23 23:18:28 (2 weeks ago)	[SunMay2401:18:22.8830722026][security2:error][pid426652:tid427449][client223.166.22.57:0]ModSecurit ... show more [SunMay2401:18:22.8830722026][security2:error][pid426652:tid427449][client223.166.22.57:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?i\)\(10\\\\\\\\.\\\\\\\\d{1\,3}\\\\\\\\.\\\\\\\\d{1\,3}\\\\\\\\.\\\\\\\\d{1\,3}\\|192\\\\\\\\.168\\\\\\\\.\\\\\\\\d{1\,3}\\\\\\\\.\\\\\\\\d{1\,3}\\|172\\\\\\\\.\(1[6-9]\\|2[0-9]\\|3[0-1]\)\\\\\\\\.\\\\\\\\d{1\,3}\\\\\\\\.\\\\\\\\d{1\,3}\\|fe80::\)\"atREQUEST_HEADERS:X-Forwarded-For.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"24\"][id\"990004\"][msg\"SSRFattempttoprivate/internalnetworkdetected\"][hostname\"4server.biz\"][uri\"/\"][unique_id\"ahI1vuqwQAV2WR0K7Plb6gAAAQo\"]\,referer:https://github.com/ show less	Hacking Web App Attack

Showing 1 to 15 of 239 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 203.25.124.22

🇨🇭 104.244.74.84

🇩🇪 2a01:4f8:1c1e:6687::1

🇨🇾 213.7.6.185

🇬🇧 193.163.125.179

🇧🇷 187.51.208.158

🇷🇺 178.218.104.105

🇵🇱 87.251.64.158

🇮🇳 49.47.135.252

🇳🇱 45.148.10.141

🇺🇸 45.131.195.102

🇺🇸 35.199.159.155

🇺🇸 20.169.53.154

🇺🇸 20.168.5.245

🇺🇸 2a04:c603:409:94:9999::137

🇰🇷 222.239.251.12

🇸🇪 170.168.98.243

🇰🇷 119.195.102.159

🇨🇳 111.9.22.102

🇧🇬 91.191.209.118