JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 220.250.11.3

220.250.11.3 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 46%: ?

46%

ISP	Fuzhou city, fujian provincial network of CNCGROUP
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	wo.com.cn
Country	🇨🇳 China
City	Xiamen, Fujian

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 220.250.11.3

Whois 220.250.11.3

IP Abuse Reports for 220.250.11.3:

This IP address has been reported a total of 135 times from 44 distinct sources. 220.250.11.3 was first reported on May 29th 2022, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 sefinek.net	2026-06-23 02:58:37 (3 days ago)	Honeypot hit: HTTP/1.1 request on 1024 GET / Accept: /; 1024 [1] TCP Reported by: https://github. ... show more Honeypot hit: HTTP/1.1 request on 1024 GET / Accept: /; 1024 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇨🇭 pingusurmars	2026-06-23 02:23:05 (3 days ago)	Blocked by UFW on ampereone [2526/tcp] Source port: 13512 TTL: 238 Packet length: 44 TOS: 0x00 This ... show more Blocked by UFW on ampereone [2526/tcp] Source port: 13512 TTL: 238 Packet length: 44 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-06-20 03:38:42 (6 days ago)	Blocked by UFW (TCP on 20) Source port: 42690 TTL: 237 Packet length: 44 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 20) Source port: 42690 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 220.250.11.3) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-06-20 01:57:47 (1 week ago)	tcp/5985	Port Scan
🇫🇷 Duggy_Tuxy🧱	2026-06-15 17:33:43 (1 week ago)	[DS-BLKS-PROD01] Blocked by SysWarden Firewall (Traffic from Blocked Country (GeoIP))	Port Scan
🇺🇸 MPL	2026-06-09 06:24:47 (2 weeks ago)	tcp/20 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-05-31 11:44:07 (3 weeks ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-20 18:04:30 (1 month ago)	Honeypot hit: Empty payload (likely service probe); 6113 [1] TCP	Port Scan
🇬🇧 PeravixGroup	2026-05-20 00:28:53 (1 month ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇺🇸 Cyber Crusader	2026-05-19 11:43:02 (1 month ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-19 10:11:45 (1 month ago)	Honeypot hit: Large payload (1457 bytes); 10419 [1] TCP	Hacking
🇬🇧 PeravixGroup	2026-05-19 05:31:30 (1 month ago)	Honeypot detection: OS command injection in HTTP parameters on port 8443. Severity: MEDIUM. Aaran.cl ... show more Honeypot detection: OS command injection in HTTP parameters on port 8443. Severity: MEDIUM. Aaran.cloud show less	Hacking Web App Attack
🇩🇪 Justin F. \| AS204464	2026-05-15 18:21:10 (1 month ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 16073 [1] TCP Reported by: Justi ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 16073 [1] TCP Reported by: Justin F. show less	Port Scan
🇬🇧 PeravixGroup	2026-05-11 04:39:39 (1 month ago)	Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5985. Seve ... show more Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5985. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇺🇸 donarev419	2026-05-10 04:28:22 (1 month ago)	Connection to port 1521 with data transfer. Data preview: GET / HTTP/1.1 Host: 67.215.244.172:1521 ... show more Connection to port 1521 with data transfer. Data preview: GET / HTTP/1.1 Host: 67.215.244.172:1521 Accept: / show less	Port Scan Hacking

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 2604:3d09:5489:6d00:783d:7b2:daac:7b1b

🇫🇷 85.217.140.34

🇩🇪 37.221.195.225

🇩🇪 172.252.8.31

🇺🇸 162.216.149.32

🇩🇪 159.69.248.113

🇸🇬 129.212.237.153

🇨🇳 115.54.98.147

🇺🇸 93.152.208.42

🇳🇬 62.173.38.229

🇨🇳 49.65.152.195

🇳🇱 45.148.10.240

🇩🇪 45.135.193.193

🇬🇧 45.82.76.107

🇳🇱 37.49.226.83

🇧🇪 34.14.49.91

🇳🇱 2.58.56.23

🇵🇱 195.116.145.127

🇨🇭 188.63.162.64

🇩🇴 186.7.39.78