JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 223.166.22.73

223.166.22.73 was found in our database!

This IP was reported 238 times. Confidence of Abuse is 52%: ?

52%

ISP	CHINA UNICOM Shanghai city network
Usage Type	Fixed Line ISP
ASN	AS17621
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 223.166.22.73

Whois 223.166.22.73

IP Abuse Reports for 223.166.22.73:

This IP address has been reported a total of 238 times from 55 distinct sources. 223.166.22.73 was first reported on August 19th 2022, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-04 00:13:43 (15 hours ago)	Honeypot detection: SMTP abuse / unauthorized email relay attempt on port 25. Severity: MEDIUM. Aara ... show more Honeypot detection: SMTP abuse / unauthorized email relay attempt on port 25. Severity: MEDIUM. Aaran.cloud show less	Email Spam
🇬🇧 PeravixGroup	2026-06-03 16:01:13 (23 hours ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-02 02:44:57 (2 days ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇧🇷 ICS Labs	2026-05-25 13:07:10 (1 week ago)	ICS Labs identified 223.166.22.73 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-23 12:29:39 (1 week ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇬🇧 PeravixGroup	2026-05-23 08:49:03 (1 week ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-22 23:25:17 (1 week ago)	Honeypot hit: Empty payload (likely service probe); 12240 [1] TCP	Port Scan
🇩🇪 dispaisyenterprises	2026-05-18 19:39:44 (2 weeks ago)	Honeypot [fra-de-honeypot]: HTTP/1.1 request on 9091 GET / Accept: /; 9091 [1] TCP Reported by Di ... show more Honeypot [fra-de-honeypot]: HTTP/1.1 request on 9091 GET / Accept: /; 9091 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇺🇸 MPL	2026-05-17 02:10:50 (2 weeks ago)	tcp/2582 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-05-13 16:20:22 (3 weeks ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇨🇳 ThreatBook.io	2026-05-13 00:57:22 (3 weeks ago)	ThreatBook Intelligence: Zombie,Mobile more details on https://threatbook.io/ip/223.166.22.73 2026-0 ... show more ThreatBook Intelligence: Zombie,Mobile more details on https://threatbook.io/ip/223.166.22.73 2026-05-12 23:05:21 http://www.wujieliulan.com/ show less	Web App Attack
🇬🇧 gbzret4d	2026-05-08 18:10:09 (3 weeks ago)	Honeypot [uk-production01]: Unauthorized traffic (16 bytes of payload); 6093 [1] TCP	Port Scan
🇬🇧 PeravixGroup	2026-05-03 07:28:13 (1 month ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 2375. Severity: HI ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 2375. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇦🇺 trentwiles.com	2026-04-27 23:34:02 (1 month ago)	Unauthorized connection attempt detected from IP address 223.166.22.73 to port 2087 [SYD]	Port Scan
🇺🇸 trentwiles.com	2026-04-27 15:00:00 (1 month ago)	Unauthorized connection attempt detected from IP address 223.166.22.73 to port 6103 [SFO]	Port Scan

Showing 1 to 15 of 238 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 68.235.37.251

🇺🇸 2604:a880:2:d1:0:1:51db:9001

🇺🇸 198.57.177.157

🇨🇳 171.15.131.165

🇹🇼 114.35.59.237

🇦🇪 95.182.89.91

🇪🇸 46.6.124.216

🇮🇶 185.206.82.200

🇳🇱 45.148.10.157

🇦🇪 2.50.100.245

🇬🇧 185.192.71.24

🇩🇪 172.104.152.234

🇨🇳 116.207.108.223

🇲🇾 115.135.233.75

🇯🇵 54.248.17.61

🇸🇬 23.97.62.115

🇮🇷 5.238.227.155

🇺🇸 2604:a880:2:d1:0:1:51e7:7001

🇦🇷 190.96.121.61

🇺🇸 162.216.149.229