IP address
Tags:
DSL
IP in hostname
Dynamic IP
Login attempts
- IP blacklists
Spamhaus PBL
220.160.33.220 is listed on the Spamhaus PBL blacklist.
Description: The Spamhaus PBL is a DNSBL database of end-user IP address ranges which should not be delivering unauthenticated SMTP email to any Internet mail server except those provided for specifically by an ISP for that customer's use.
Type of feed:
secondary (DNSBL) (
feed detail page)
Last checked at:
2026-03-16 03:16:30.458000
Was present on blacklist at:
2026-03-16 03:16
blocklist.de SSH
220.160.33.220 is listed on the blocklist.de SSH blacklist.
Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed:
primary (
feed detail page)
Last checked at:
2026-03-17 17:05:00.363000
Was present on blacklist at:
2026-03-16 23:05,
2026-03-17 05:05,
2026-03-17 11:05,
2026-03-17 17:05
blocklist.de web-login
220.160.33.220 is listed on the blocklist.de web-login blacklist.
Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs that attacks Joomla, Wordpress and<br>other Web-Logins with Brute-Force Logins.
Type of feed:
primary (
feed detail page)
Last checked at:
2026-03-19 17:05:00.209000
Was present on blacklist at:
2026-03-17 23:05,
2026-03-18 05:05,
2026-03-18 11:05,
2026-03-18 17:05,
2026-03-18 23:05,
2026-03-19 05:05,
2026-03-19 11:05,
2026-03-19 17:05
blocklist.de Apache
220.160.33.220 is listed on the blocklist.de Apache blacklist.
Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the service<br>Apache, Apache-DDOS, RFI-Attacks.
Type of feed:
primary (
feed detail page)
Last checked at:
2026-03-19 17:05:00.283000
Was present on blacklist at:
2026-03-17 23:05,
2026-03-18 05:05,
2026-03-18 11:05,
2026-03-18 17:05,
2026-03-18 23:05,
2026-03-19 05:05,
2026-03-19 11:05,
2026-03-19 17:05
AbuseIPDB
220.160.33.220 is listed on the AbuseIPDB blacklist.
Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed:
primary (
feed detail page)
Last checked at:
2026-03-18 05:00:00.760000
Was present on blacklist at:
2026-03-18 05:00
Threat categories
| TL | Role | Category | Details |
|---|
| 58 |
src |
login |
protocol: ssh
port: 22
|
| 50 |
src |
scan |
|
| 40 |
src |
— |
|
- Warden events (14)
- 2026-03-17
-
-
AttemptLogin (node.368407): 4
- 2026-03-16
-
-
AttemptLogin (node.368407): 9
-
IntrusionUserCompromise (node.40929a): 1
- DShield reports (IP summary, reports)
- 2026-03-16
- Number of reports: 14
- Distinct targets: 3
- Origin AS
- AS133776 - CHINATELECOM-Fujian-Quanzhou-IDC1
- BGP Prefix
- 220.160.32.0/20
- geo
-
China
- 🕑 Asia/Shanghai
- hostname
- 220.33.160.220.broad.xm.fj.dynamic.163data.com.cn
- hostname_class
- ['ip_in_hostname', 'dsl', 'dynamic']
- Address block ('inetnum' or 'NetRange' in whois database)
- 220.160.0.0 - 220.191.255.255
- last_activity
- 2026-03-17 07:43:25
- last_warden_event
- 2026-03-17 07:43:25
- rep
- 0.097265625
- reserved_range
- 0
- Shodan's InternetDB
- Open ports: 22, 111
- Tags: –
- CPEs: cpe:/a:openbsd:openssh:9.9
- ts_added
- 2026-03-16 03:16:30.053000
- ts_last_update
- 2026-03-22 03:16:40.222000
Warden event timeline
DShield event timeline
Presence on blacklists
