JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 202.189.13.236

202.189.13.236 was found in our database!

This IP was reported 127 times. Confidence of Abuse is 100%: ?

100%

ISP	Shandong eshinton Network Technology Co., Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS139180
Domain Name	cnnic.cn
Country	🇨🇳 China
City	Beijing, Beijing

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 202.189.13.236

Whois 202.189.13.236

IP Abuse Reports for 202.189.13.236:

This IP address has been reported a total of 127 times from 92 distinct sources. 202.189.13.236 was first reported on May 28th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 Luhte	2026-06-06 21:03:07 (1 week ago)	Unsolicited TCP connection from 202.189.13.236 to port 0 at 2026-06-06T21:03:07Z. Source IP complete ... show more Unsolicited TCP connection from 202.189.13.236 to port 0 at 2026-06-06T21:03:07Z. Source IP completed three-way handshake to non-public service on this host. Detected by automated intrusion monitoring. show less	Port Scan Hacking
🇩🇪 phil2k	2026-06-06 19:41:41 (1 week ago)	Firewall: Within 2026-05-31 05:51:37 - 2026-06-04 03:45:26 CEST(+0200) identified: unallowed access ... show more Firewall: Within 2026-05-31 05:51:37 - 2026-06-04 03:45:26 CEST(+0200) identified: unallowed access from 202.189.13.236 on port 3306(<DB>) (1 trial) Fail2ban: Within 2026-05-31 05:51:37 - 2026-06-04 03:45:26 CEST(+0200) banned: 2 times by fail2ban[firewall] show less	Port Scan Brute-Force
🇫🇷 EDSL	2026-06-06 06:43:48 (1 week ago)	[SRV-VPN1] Blocked by SysWarden Firewall (Database/Cache Attack)	Port Scan Hacking Brute-Force
🇺🇸 RAP	2026-06-06 06:01:44 (1 week ago)	2026-06-06 06:01:44 UTC Unauthorized activity to TCP port 3306.	Port Scan
🇫🇷 security.rdmc.fr	2026-06-06 05:53:11 (1 week ago)	Port Scan Attack proto:TCP src:45063 dst:3306	Port Scan
🇳🇱 EGP Abuse Dept	2026-06-06 00:39:03 (1 week ago)	Unauthorized connection to MySQL port 3306	Port Scan Hacking
🇦🇷 Bruno	2026-06-06 00:08:46 (1 week ago)	Port Scanner: 202.189.13.236	Port Scan
🇩🇪 KPS	2026-06-06 00:06:46 (1 week ago)	PortscanM	Port Scan
🇦🇹 Pingger Shikkoken	2026-06-05 14:14:44 (1 week ago)	2026-06-05T14:14:44+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ... show more 2026-06-05T14:14:44+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=202.189.13.236 DST=10.1.1.8 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=43714 PROTO=TCP SPT=48880 DPT=3306 WINDOW=1024 RES=0x00 SYN URGP=0 show less	Hacking Brute-Force
🇯🇵 jay hung	2026-06-05 06:56:53 (1 week ago)	2026-06-05T06:56:52.129633+00:00 quarktech kernel: [477452.924391] [UFW BLOCK] IN=eth0 OUT= MAC=22:0 ... show more 2026-06-05T06:56:52.129633+00:00 quarktech kernel: [477452.924391] [UFW BLOCK] IN=eth0 OUT= MAC=22:00:92:2e:84:93:fe:ff:ff:ff:ff:ff:08:00 SRC=202.189.13.236 DST=172.237.20.248 LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=2381 PROTO=TCP SPT=42602 DPT=3306 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇧🇷 diego	2026-06-05 01:18:26 (1 week ago)	[rede-164-29] 06/04/2026-22:18:25.760398, 202.189.13.236, Protocol: 6, ET SCAN Suspicious inbound to ... show more [rede-164-29] 06/04/2026-22:18:25.760398, 202.189.13.236, Protocol: 6, ET SCAN Suspicious inbound to mySQL port 3306 show less	Hacking
🇩🇪 guldkage	2026-06-04 23:54:30 (1 week ago)	Unauthorized connection attempt detected from IP address 202.189.13.236 to port 3306 (ger-03) [k]	Brute-Force Exploited Host
🇮🇱 spd.co.il	2026-06-04 23:04:29 (1 week ago)	Unauthorized access attempts on ports: 3306	Brute-Force
🇺🇸 Cyber Crusader	2026-06-04 20:44:10 (1 week ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇺🇸 thororen	2026-06-04 16:53:17 (1 week ago)	Blocked by UFW [3306/tcp] Source port: 51994 TTL: 241 Packet length: 40 TOS: 0x00 This report was g ... show more Blocked by UFW [3306/tcp] Source port: 51994 TTL: 241 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan SQL Injection

Showing 1 to 15 of 127 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.191.48.6

🇭🇰 150.5.154.160

🇺🇸 74.114.28.217

🇩🇪 178.20.214.28

🇻🇳 118.71.58.199

🇳🇱 93.123.109.114

🇺🇸 47.251.38.53

🇨🇳 8.138.106.198

🇬🇧 2a06:4884:9000::a1

🇮🇩 2001:448a:a071:3f9:1054:b79:a177:25a0

🇺🇸 172.172.157.213

🇺🇸 45.156.129.73

🇺🇸 20.55.8.69

🇨🇳 14.103.112.109

🇹🇼 198.235.24.74

🇨🇳 139.9.191.197

🇨🇳 110.244.6.238

🇬🇭 80.87.83.229

🇳🇱 45.148.10.183

🇺🇸 43.153.64.216