JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 106.63.26.13

106.63.26.13 was found in our database!

This IP was reported 262 times. Confidence of Abuse is 100%: ?

100%

ISP	Chinatelecom Cloudy company Tianjin network
Usage Type	Data Center/Web Hosting/Transit
ASN	AS141679
Domain Name	189.cn
Country	🇨🇳 China
City	Tianjin, Tianjin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 106.63.26.13

Whois 106.63.26.13

IP Abuse Reports for 106.63.26.13:

This IP address has been reported a total of 262 times from 125 distinct sources. 106.63.26.13 was first reported on July 14th 2024, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mawan	2026-04-14 09:39:04 (1 month ago)	Suspected of having performed illicit activity on LAX server.	Web App Attack
🇺🇸 abenage	2026-04-14 09:21:00 (1 month ago)	106.63.26.13 - - [14/Apr/2026:03:20:59 -0600] "GET /config.json HTTP/1.1" 404 564 "-" "Mozilla/5.0 ( ... show more 106.63.26.13 - - [14/Apr/2026:03:20:59 -0600] "GET /config.json HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11" show less	Bad Web Bot Web App Attack
🇬🇧 Shadymint	2026-04-14 05:54:47 (1 month ago)	url probing from IP marked as abusive	Web App Attack
🇩🇪 london2038.com	2026-04-14 05:47:13 (1 month ago)	Malformed or malicious web request 106.63.26.13 - - [14/Apr/2026:07:47:07 +0200] "\x16\x03\x01\x01\x ... show more Malformed or malicious web request 106.63.26.13 - - [14/Apr/2026:07:47:07 +0200] "\x16\x03\x01\x01\x19\x01\x00\x01\x15\x03\x03\xBA1\xBE_Gf\xDF\xDC\xF2*\xE3]8\xBF\xF3\xF8z\xE6\xB3[\xF3\xD1\xB32/\xAD\xF2l\xA3\x16\xFE] \xC9\xB7" 400 157 "-" "-" show less	Hacking Web App Attack
🇫🇷 GoodOldTOS	2026-04-14 02:57:00 (1 month ago)	Highly suspect IP	Hacking Web App Attack
🇺🇸 CBJ	2026-04-14 02:11:37 (1 month ago)	fail2ban: apache-random-recon ...	Web App Attack
🇧🇬 Stoyko Stoykov	2026-04-13 22:26:08 (1 month ago)	106.63.26.13 - - [14/Apr/2026:01:26:07 +0300] "\x16\x03\x01\x01\x16\x01\x00\x01\x12\x03\x03\xFBFQ\x8 ... show more 106.63.26.13 - - [14/Apr/2026:01:26:07 +0300] "\x16\x03\x01\x01\x16\x01\x00\x01\x12\x03\x03\xFBFQ\x85'Q\xB6\xA7\xB4\x14\xE2DO\x0F\x975t\xE0#\xDEH\xB4\x0F]\x98'\x08\x86\x9D\x0B;3 E\xB406~e_\x12\x95\xEC\xAA:\xA7\x88Z\xCD_r\x8Ek\xF9\x98\xAFZ\xD2&\xCC8Wy\x8F" 400 150 "-" "-" ... show less	Hacking Web App Attack
🇫🇮 kumiko	2026-04-13 21:10:47 (1 month ago)	[2026-04-14 00:10:36] Probing for exploits [1 requests] "\x16\x03\x01\x01\x12\x01" 301	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Smel	2026-04-11 13:22:02 (1 month ago)	HTTP/80/443/8080 Unauthorized Probe, Hack -	Hacking Web App Attack
🇫🇷 masterguru	2026-04-11 09:52:29 (1 month ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 106.63.26.13 (CN/China/-): 2 in the l ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 106.63.26.13 (CN/China/-): 2 in the last 3600 secs (0-193) show less	Hacking
🇫🇷 GoodOldTOS	2026-04-11 04:50:10 (1 month ago)	Highly suspect IP	Hacking Web App Attack
🇫🇷 Murazaki	2026-04-10 22:58:06 (1 month ago)	106.63.26.13 - - [10/Apr/2026:13:38:08 +0200] "\x16\x03\x01\x01\x13\x01\x00\x01\x0F\x03\x03\xE2\x0E\ ... show more 106.63.26.13 - - [10/Apr/2026:13:38:08 +0200] "\x16\x03\x01\x01\x13\x01\x00\x01\x0F\x03\x03\xE2\x0E\x01\xFB\x80S\x03!\xCD:\xB7\x5C/\x82JS\x18g\xB9\x05\xD0n\xC1s\xEF" 500 170 "-" "-" "-" ... show less	Hacking
🇫🇷 ELYAZ	2026-04-10 19:43:09 (1 month ago)	(y3) Failed access -byebye- from 106.63.26.13 (CN/China/-): (CF_ENABLE)	Hacking
🇵🇱 sefinek.net	2026-04-10 11:28:18 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Edg/120.0.0.0 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇷🇸 Smel	2026-04-10 10:07:01 (1 month ago)	HTTP/80/443/8080 Unauthorized Probe, Hack -	Hacking Web App Attack

Showing 196 to 210 of 262 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 103.237.144.204

🇳🇱 77.83.39.147

🇮🇳 49.207.40.162

🇮🇳 49.43.7.5

🇱🇹 45.227.254.170

🇧🇷 186.248.197.77

🇯🇵 165.154.231.236

🇮🇳 122.165.91.5

🇫🇷 91.231.89.231

🇺🇸 66.132.172.206

🇫🇷 62.210.89.150

🇧🇷 45.205.1.73

🇩🇪 213.209.159.228

🇩🇪 213.209.159.108

🇸🇷 190.98.110.71

🇩🇪 172.71.172.193

🇸🇬 159.223.36.55

🇸🇬 118.194.235.105

🇯🇵 111.238.174.6

🇲🇲 103.154.241.61