JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 220.250.11.159

220.250.11.159 was found in our database!

This IP was reported 92 times. Confidence of Abuse is 57%: ?

57%

ISP	Fuzhou city, fujian provincial network of CNCGROUP
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	wo.com.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 220.250.11.159

Whois 220.250.11.159

IP Abuse Reports for 220.250.11.159:

This IP address has been reported a total of 92 times from 24 distinct sources. 220.250.11.159 was first reported on February 6th 2023, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 gbzret4d	2026-06-17 20:57:55 (1 day ago)	Honeypot [uk-production01]: Unauthorized traffic (16 bytes of payload); 12380 [1] TCP	Port Scan
🇺🇸 sumnone	2026-06-15 23:06:16 (3 days ago)	Port probing on unauthorized port 18000	Port Scan Hacking Exploited Host
Anonymous	2026-06-13 09:20:22 (6 days ago)	PROTO=TCP DPT=3052	Port Scan Hacking
🇺🇸 RAP	2026-06-13 01:35:13 (6 days ago)	2026-06-13 01:35:13 UTC Unauthorized activity to TCP port 3306.	Port Scan
🇩🇪 femboy.cat	2026-06-12 03:04:10 (1 week ago)	Port scan to tcp/30001 from 220.250.11.159	Brute-Force
🇬🇧 PeravixGroup	2026-06-10 22:09:57 (1 week ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 xmission.com	2026-06-10 16:41:25 (1 week ago)	Blocked by UFW (TCP on 10080) Source port: 53391 TTL: 237 Packet length: 44 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 10080) Source port: 53391 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 220.250.11.159) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-06-10 04:30:56 (1 week ago)	tcp/12202	Port Scan
🇺🇸 [email protected]	2026-05-22 04:04:47 (4 weeks ago)	Ports: 3390. Proto: TCP. Observations: 1	Port Scan
🇨🇳 ThreatBook.io	2026-05-17 22:20:29 (1 month ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/220.250.11.159	SSH
🇬🇧 PeravixGroup	2026-05-14 10:09:50 (1 month ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇬🇧 venus.launch.bz	2026-05-14 07:02:41 (1 month ago)	(gohttpua) Bad UA Go-http-client from 220.250.11.159 (CN/China/-)	Hacking
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-28 01:28:54 (1 month ago)	Honeypot hit: Empty payload (likely service probe); 8504 [1] TCP	Port Scan
🇺🇸 sumnone	2026-04-27 07:59:31 (1 month ago)	Port probing on unauthorized port 2048	Port Scan Hacking Exploited Host
🇬🇧 PeravixGroup	2026-04-22 22:02:45 (1 month ago)	HoneyPot hit - Aaran.cloud \| Web Scan \| web exploitation \| USER anonymous	Web App Attack

Showing 1 to 15 of 92 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇱 194.180.48.33

🇭🇰 43.155.21.198

🇬🇧 195.96.139.197

🇳🇱 185.136.15.11

🇵🇭 180.232.227.11

🇨🇳 175.30.48.243

🇺🇸 162.216.149.188

🇨🇳 112.6.11.184

🇺🇸 107.150.105.153

🇧🇪 34.156.179.179

🇧🇷 20.226.32.175

🇺🇸 20.38.43.85

🇺🇸 205.210.31.33

🇳🇱 195.178.110.30

🇩🇪 172.217.34.26

🇺🇦 150.228.5.166

🇺🇸 147.185.132.104

🇵🇰 103.35.212.34

🇫🇷 91.196.152.17

🇷🇴 80.94.92.184