JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 36.103.229.21

36.103.229.21 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 100%: ?

100%

ISP	CHINANET ningxia province network
Usage Type	Fixed Line ISP
ASN	AS134761
Domain Name	yc.nx.cn
Country	🇨🇳 China
City	Zhongwei, Ningxia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 36.103.229.21

Whois 36.103.229.21

IP Abuse Reports for 36.103.229.21:

This IP address has been reported a total of 24 times from 23 distinct sources. 36.103.229.21 was first reported on June 23rd 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 mkey	2026-06-27 07:15:01 (1 hour ago)	Verified scan activity detected by local IDS/firewall correlation. SCAN: HIGHRISK_SINGLEPORT \| PORTS ... show more Verified scan activity detected by local IDS/firewall correlation. SCAN: HIGHRISK_SINGLEPORT \| PORTS=22 \| HITS=2 \| IPSET=ADD \| FIRST=2026-06-27 09:12:43 \| LAST=2026-06-27 09:12:44. Last seen 2026-06-27 09:12:44. show less	Port Scan
🇧🇷 helix	2026-06-27 07:09:12 (1 hour ago)	Automated report: SSH brute force detected. This IP exceeded the allowed number of failed login atte ... show more Automated report: SSH brute force detected. This IP exceeded the allowed number of failed login attempts (3 attempts). show less	Brute-Force SSH
🇹🇷 Threat.live	2026-06-27 05:25:02 (2 hours ago)	Threat.live: Brute Force	Brute-Force
🇺🇸 cwytech	2026-06-27 05:20:18 (3 hours ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/tpot-ssh-crit.	Brute-Force SSH
🇺🇸 donarev419	2026-06-27 03:04:24 (5 hours ago)	Port scan detected on port 2222 (connection without data transfer)	Port Scan
🇺🇸 Szymekk	2026-06-27 01:21:17 (6 hours ago)	Fail2Ban: SSH brute force attempt [srv05]	Brute-Force SSH
🇰🇷 2048	2026-06-26 23:01:26 (9 hours ago)	SSH brute-force detected on no5 Source IP: 36.103.229.21 Service: sshd Port: 22 Sample usernames: ro ... show more SSH brute-force detected on no5 Source IP: 36.103.229.21 Service: sshd Port: 22 Sample usernames: root show less	Brute-Force SSH
🇧🇬 MazenHost	2026-06-26 19:49:13 (12 hours ago)	1782503352 - 06/26/2026 22:49:12 Host: 36.103.229.21/36.103.229.21 Port: 2000 TCP Blocked ...	Port Scan
🇩🇪 senkodev	2026-06-26 18:43:06 (13 hours ago)	2026-06-26T20:43:04.822564+02:00 vm1386.de.snk.wtf sshd[747436]: pam_unix(sshd:auth): authentication ... show more 2026-06-26T20:43:04.822564+02:00 vm1386.de.snk.wtf sshd[747436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.103.229.21 user=root 2026-06-26T20:43:06.374425+02:00 vm1386.de.snk.wtf sshd[747436]: Failed password for root from 36.103.229.21 port 52878 ssh2 ... show less	Brute-Force SSH
🇺🇸 benjensen	2026-06-26 11:00:05 (21 hours ago)	SSH honeypot — automated credential stuffing and scanning detected by Cowrie honeypot	Brute-Force SSH
🇫🇮 FlamingMojo	2026-06-26 10:55:54 (21 hours ago)	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2026-06-26T10:55:54Z	Brute-Force SSH
🇦🇺 LiftUp Hosting	2026-06-26 03:51:56 (1 day ago)	Honeypot hit: Empty payload (likely service probe); 50022 [1] TCP	Port Scan
🇳🇱 Slartibartfast	2026-06-25 20:53:46 (1 day ago)	2026-06-25T22:53:45.477305+02:00 meet sshd-session[202696]: Invalid user user from 36.103.229.21 por ... show more 2026-06-25T22:53:45.477305+02:00 meet sshd-session[202696]: Invalid user user from 36.103.229.21 port 56596 ... show less	Brute-Force SSH
🇩🇪 Freenex1911	2026-06-25 17:11:27 (1 day ago)	2026-06-25T19:11:23.484876+02:00 fusco sshd-session[3044650]: Failed password for root from 36.103.2 ... show more 2026-06-25T19:11:23.484876+02:00 fusco sshd-session[3044650]: Failed password for root from 36.103.229.21 port 36788 ssh2 2026-06-25T19:11:24.548224+02:00 fusco sshd-session[3044669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.103.229.21 user=root 2026-06-25T19:11:26.354855+02:00 fusco sshd-session[3044669]: Failed password for root from 36.103.229.21 port 39322 ssh2 ... show less	Brute-Force SSH
🇨🇦 oncyber.ca	2026-06-25 15:01:54 (1 day ago)	Jun 25 11:01:45 ip-172-31-26-87 sshd[1188389]: Invalid user user from 36.103.229.21 port 34384 Jun 2 ... show more Jun 25 11:01:45 ip-172-31-26-87 sshd[1188389]: Invalid user user from 36.103.229.21 port 34384 Jun 25 11:01:46 ip-172-31-26-87 sshd[1188391]: Invalid user user from 36.103.229.21 port 35330 Jun 25 11:01:48 ip-172-31-26-87 sshd[1188393]: Invalid user user from 36.103.229.21 port 36140 Jun 25 11:01:50 ip-172-31-26-87 sshd[1188395]: Invalid user user from 36.103.229.21 port 37078 Jun 25 11:01:53 ip-172-31-26-87 sshd[1188397]: Invalid user user from 36.103.229.21 port 38155 ... show less	Brute-Force SSH

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇱 201.186.40.250

🇺🇸 20.163.61.119

🇯🇵 240d:f:5a1:ca00:a052:fedb:ec26:2df7

🇺🇸 2001:470:1:fb5::221

🇩🇪 213.209.159.227

🇸🇪 213.102.87.237

🇪🇹 197.156.126.85

🇨🇳 183.230.155.13

🇬🇧 118.193.64.235

🇳🇬 102.88.137.213

🇨🇦 54.39.6.9

🇸🇬 52.187.9.8

🇳🇱 45.148.10.157

🇳🇱 45.148.10.151

🇬🇧 35.203.211.21

🇯🇵 8.216.13.122

🇸🇪 5.133.202.39

🇺🇸 216.25.89.72

🇺🇸 162.216.150.159

🇸🇬 159.223.42.97