JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 159.223.112.207

159.223.112.207 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 82%: ?

82%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	North Bergen, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 159.223.112.207

Whois 159.223.112.207

IP Abuse Reports for 159.223.112.207:

This IP address has been reported a total of 19 times from 17 distinct sources. 159.223.112.207 was first reported on June 22nd 2025, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 excill	2026-06-06 03:11:05 (13 hours ago)	Honeypot mesh observed 400 attack events in 24h — cowrie/dionaea/heralding/suricata	Port Scan Hacking Brute-Force SSH
🇺🇸 drewf.ink	2026-06-06 03:07:36 (13 hours ago)	[03:07] Port scanning. Port(s) scanned: TCP/11211	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-05 22:35:02 (18 hours ago)	Honeypot hit: Empty payload (likely service probe); 2181 [15] TCP	Port Scan
🇩🇪 Mailguard-FRD	2026-06-05 15:58:16 (1 day ago)	1780675095 - 06/05/2026 17:58:15 Host: 159.223.112.207/159.223.112.207 Port: 1433 TCP Blocked ...	Port Scan
🇹🇷 Squearex	2026-06-05 15:19:33 (1 day ago)	Automated ban by SCUMUnified Shield. Honeypot Trap Triggered (Decoy Port 9200)	Brute-Force SSH
Anonymous	2026-06-05 12:12:10 (1 day ago)	Honeypot hit: Empty payload (likely service probe); 5984 [31] TCP Reported by: https://github.com/se ... show more Honeypot hit: Empty payload (likely service probe); 5984 [31] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇦🇪 abusiveIntelligence	2026-06-05 04:10:00 (1 day ago)	RDP connect attempt: Nmap Scanner	Brute-Force
🇬🇧 gbzret4d	2026-06-05 03:57:51 (1 day ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 27019 [14] TCP	Port Scan
🇩🇪 _ArminS_	2026-06-04 17:12:10 (1 day ago)	SP-Scan 53937:29092 detected 2026.06.04 19:12:10 blocked until 2026.07.24 12:14:57	Port Scan
Anonymous	2026-06-04 13:00:13 (2 days ago)	Honeypot hit: Empty payload (likely service probe); 8883 [8] TCP Reported by: https://github.com/sef ... show more Honeypot hit: Empty payload (likely service probe); 8883 [8] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇧🇷 somosbr	2026-06-04 08:38:47 (2 days ago)	[2026-06-04T08:38:47Z] Unsolicited scan from 159.223.112.207 to port 200/tcp	Port Scan
🇩🇪 guldkage	2026-06-04 08:12:31 (2 days ago)	Unauthorized connection attempt detected from IP address 159.223.112.207 to port 3306 (ger-03) [Z]	Brute-Force Exploited Host
🇵🇱 sefinek.net	2026-06-04 05:52:33 (2 days ago)	Honeypot hit: MSSQL traffic (on 1433) without login credentials Reported by: https://github.com/sefi ... show more Honeypot hit: MSSQL traffic (on 1433) without login credentials Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇩🇪 femboy.cat	2026-06-04 00:54:05 (2 days ago)	Port scan to tcp/27019 from 159.223.112.207	Brute-Force
🇦🇪 abusiveIntelligence	2026-06-03 22:20:00 (2 days ago)	RDP connect attempt: Nmap Scanner	Brute-Force

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 177.94.206.205

🇷🇺 172.69.50.239

🇨🇳 116.205.116.126

🇺🇸 66.132.195.64

🇦🇷 64.145.79.75

🇸🇬 47.128.18.135

🇯🇵 47.74.22.38

🇳🇱 45.198.224.141

🇲🇽 189.203.163.10

🇧🇷 177.200.41.104

🇮🇹 151.47.73.236

🇻🇳 118.70.182.193

🇮🇪 98.71.8.129

🇭🇰 65.181.88.245

🇳🇱 45.142.193.8

🇻🇳 14.225.217.138

🇧🇩 2a09:bac1:b40:518::4d5:5

🇺🇸 172.172.196.177

🇻🇳 152.32.250.188

🇺🇸 20.127.185.37