JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 220.250.11.106

220.250.11.106 was found in our database!

This IP was reported 220 times. Confidence of Abuse is 57%: ?

57%

ISP	Fuzhou city, fujian provincial network of CNCGROUP
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	wo.com.cn
Country	🇨🇳 China
City	Xiamen, Fujian

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 220.250.11.106

Whois 220.250.11.106

IP Abuse Reports for 220.250.11.106:

This IP address has been reported a total of 220 times from 56 distinct sources. 220.250.11.106 was first reported on February 18th 2022, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-29 00:29:34 (1 hour ago)	Drop from IP address 220.250.11.106 to tcp-port 1833	Port Scan
🇬🇧 PeravixGroup	2026-06-29 00:06:16 (1 hour ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇩🇪 Justin F. \| AS204464	2026-06-28 17:45:39 (7 hours ago)	Honeypot [nx-infrastructure]: Large payload (1457 bytes); 20033 [1] TCP Reported by: Justin F.	Bad Web Bot
🇺🇸 MPL	2026-06-27 13:58:58 (1 day ago)	tcp/8800	Port Scan
🇭🇰 sandra361	2026-06-26 15:45:22 (2 days ago)	Port scan detected: 7 attempts across 1 ports (2009). \| Evidence: REAPER_TARPIT: IN=eth0 SRC=220.250 ... show more Port scan detected: 7 attempts across 1 ports (2009). \| Evidence: REAPER_TARPIT: IN=eth0 SRC=220.250.11.106 LEN=60 TOS=0x14 PREC=0x00 TTL=45 ID=11065 DF PROTO=TCP SPT=18330 DPT=2009 WINDOW=29200 RES=0x00 SYN URGP=0 show less	Port Scan
🇺🇸 MPL	2026-06-22 05:59:55 (6 days ago)	tcp/2379	Port Scan
🇸🇪 NordhTech	2026-06-19 06:30:16 (1 week ago)	More than 3 malicious connection attempts, trying port(s) 2348/tcp, then blocked from services ...	Port Scan Hacking
🇬🇧 PeravixGroup	2026-06-10 20:08:41 (2 weeks ago)	Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. A ... show more Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. Aaran.cloud show less	DDoS Attack Hacking
🇬🇧 PeravixGroup	2026-06-10 16:15:39 (2 weeks ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇺🇸 donarev419	2026-06-09 02:40:53 (2 weeks ago)	Connection to port 12150 with data transfer. Data preview: �	Port Scan Hacking
🇬🇧 PeravixGroup	2026-05-31 01:12:58 (4 weeks ago)	Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aar ... show more Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aaran.cloud show less	Brute-Force
🇩🇪 Justin F. \| AS204464	2026-05-28 17:40:30 (1 month ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 50007 [1] TCP Reported by: Justi ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 50007 [1] TCP Reported by: Justin F. show less	Port Scan
🇬🇧 PeravixGroup	2026-05-23 04:12:09 (1 month ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-20 23:15:47 (1 month ago)	Honeypot hit: Empty payload (likely service probe); 7922 [1] TCP	Port Scan
🇷🇸 Scan	2026-05-19 02:18:05 (1 month ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking

Showing 1 to 15 of 220 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.205.34.19

🇴🇲 206.167.33.157

🇩🇪 167.94.145.18

🇨🇳 139.227.161.25

🇭🇰 123.58.213.20

🇸🇬 112.140.184.197

🇳🇱 91.92.40.12

🇺🇸 66.132.224.20

🇰🇷 61.76.112.4

🇧🇷 187.93.51.46

🇺🇸 180.178.51.190

🇨🇳 175.10.88.177

🇺🇸 165.154.173.226

🇮🇳 152.52.51.202

🇯🇵 152.32.202.244

🇨🇦 104.221.5.225

🇺🇸 104.168.144.166

🇭🇰 103.243.24.124

🇺🇸 103.203.57.21

🇸🇬 94.231.206.15