JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 36.106.166.106

36.106.166.106 was found in our database!

This IP was reported 317 times. Confidence of Abuse is 62%: ?

62%

ISP	CHINANET TIANJIN PROVINCE NETWORK
Usage Type	Commercial
ASN	AS17638
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Tianjin, Tianjin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 36.106.166.106

Whois 36.106.166.106

IP Abuse Reports for 36.106.166.106:

This IP address has been reported a total of 317 times from 73 distinct sources. 36.106.166.106 was first reported on March 13th 2021, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-06-28 15:05:36 (1 hour ago)	tcp/5236	Port Scan
🇺🇸 Axel	2026-06-28 05:34:47 (11 hours ago)	Blocked by UFW on LAXHH [9009/tcp] \| SPT: 59412 \| TTL: 236 \| LEN: 44 \| TOS: 0x00 • Reported by: gith ... show more Blocked by UFW on LAXHH [9009/tcp] \| SPT: 59412 \| TTL: 236 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-06-27 05:00:53 (1 day ago)	Blocked by UFW (TCP on 2971) Source port: 65161 TTL: 239 Packet length: 44 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 2971) Source port: 65161 TTL: 239 Packet length: 44 TOS: 0x00 This report (for 36.106.166.106) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 rscott.us	2026-06-25 11:00:06 (3 days ago)	Brute force SSH login attempts.	Brute-Force SSH
🇺🇸 MPL	2026-06-24 20:02:48 (3 days ago)	tcp/12150	Port Scan
🇨🇭 4server	2026-06-24 09:30:51 (4 days ago)	[WedJun2411:30:46.2345512026][security2:error][pid2261038:tid2261050][client36.106.166.106:0]ModSecu ... show more [WedJun2411:30:46.2345512026][security2:error][pid2261038:tid2261050][client36.106.166.106:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"www.4host.biz\"][uri\"/theme/default/assets/umi.js\"][unique_id\"ajujxmKwVDMeCAAgziN6IgAAAUo\"] show less	Hacking Web App Attack
🇺🇸 donarev419	2026-06-22 02:29:48 (6 days ago)	Port scan detected on port 808 (connection without data transfer)	Port Scan
🇺🇸 MPL	2026-06-11 19:24:26 (2 weeks ago)	tcp/10255 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-06-10 02:55:48 (2 weeks ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-06-08 00:30:19 (2 weeks ago)	Honeypot hit: HTTP/1.1 request on 7272 GET / Accept: /; 7272 [1] TCP Reported by: https://github. ... show more Honeypot hit: HTTP/1.1 request on 7272 GET / Accept: /; 7272 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇬🇧 PeravixGroup	2026-06-07 23:46:33 (2 weeks ago)	Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aar ... show more Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aaran.cloud show less	Brute-Force
Anonymous	2026-06-07 11:50:48 (3 weeks ago)	2026-06-07T12:50:47.343860+01:00 vps kernel: [42573210.729478] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-06-07T12:50:47.343860+01:00 vps kernel: [42573210.729478] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=36.106.166.106 DST=54.37.14.118 LEN=44 TOS=0x00 PREC=0x00 TTL=232 ID=11532 PROTO=TCP SPT=52447 DPT=60443 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇬🇧 PeravixGroup	2026-06-07 09:19:18 (3 weeks ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇬🇧 PeravixGroup	2026-06-06 14:52:28 (3 weeks ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 Cyber Crusader	2026-06-04 11:38:16 (3 weeks ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force

Showing 1 to 15 of 317 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 177.11.187.230

🇧🇷 177.11.187.23

🇺🇸 172.185.24.228

🇩🇪 172.105.87.13

🇮🇹 151.70.15.219

🇱🇦 103.43.76.220

🇸🇬 103.26.8.146

🇬🇧 86.147.19.208

🇱🇺 64.89.161.91

🇧🇷 45.164.251.106

🇳🇱 45.148.10.152

🇳🇱 23.109.176.23

🇷🇴 2.57.121.112

🇬🇧 2a06:4880:2000::30

🇺🇸 192.155.88.231

🇧🇷 177.106.237.44

🇧🇷 177.11.187.228

🇧🇷 177.11.187.227

🇫🇷 176.156.156.24

🇻🇳 171.244.143.209