JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 36.106.166.252

36.106.166.252 was found in our database!

This IP was reported 261 times. Confidence of Abuse is 45%: ?

45%

ISP	CHINANET TIANJIN PROVINCE NETWORK
Usage Type	Commercial
ASN	AS17638
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Tianjin, Tianjin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 36.106.166.252

Whois 36.106.166.252

IP Abuse Reports for 36.106.166.252:

This IP address has been reported a total of 261 times from 70 distinct sources. 36.106.166.252 was first reported on April 7th 2021, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 _ArminS_	2026-06-06 20:28:16 (1 day ago)	SP-Scan 25364:16663 detected 2026.06.06 22:28:16 blocked until 2026.07.26 15:31:03	Port Scan
Anonymous	2026-06-06 09:36:19 (1 day ago)	36.106.166.252 - - [06/Jun/2026:11:36:18 +0200] "GET /assets/index/kuailian/image/favicon.ico HTTP/1 ... show more 36.106.166.252 - - [06/Jun/2026:11:36:18 +0200] "GET /assets/index/kuailian/image/favicon.ico HTTP/1.1" 404 528 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/120.0.0.0" ... show less	Web App Attack
Anonymous	2026-06-06 03:48:12 (2 days ago)	Honeypot hit: Unauthorized traffic (16 bytes of payload); 14265 [1] TCP Reported by: https://github. ... show more Honeypot hit: Unauthorized traffic (16 bytes of payload); 14265 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇬🇧 PeravixGroup	2026-06-06 01:08:36 (2 days ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇬🇧 PeravixGroup	2026-06-05 07:16:08 (2 days ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-23 04:01:04 (2 weeks ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇩🇪 dispaisyenterprises	2026-05-23 02:21:46 (2 weeks ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 4433 [1] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 4433 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇬🇧 PeravixGroup	2026-04-24 12:58:54 (1 month ago)	HoneyPot hit - Aaran.cloud \| Memcached Amplification \| amplification attack \| GET / HTTP/1.1 Host: 1 ... show more HoneyPot hit - Aaran.cloud \| Memcached Amplification \| amplification attack \| GET / HTTP/1.1 Host: 103.1.73.145:11211 Accept: / show less	Hacking
🇺🇸 MPL	2026-04-18 10:12:48 (1 month ago)	tcp/8273 (2 or more attempts)	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-18 00:59:01 (1 month ago)	Honeypot hit: Empty payload (likely service probe); 12201 [1] TCP	Port Scan
🇺🇸 MPL	2026-04-17 19:12:37 (1 month ago)	tcp/3052 (2 or more attempts)	Port Scan
🇺🇸 RAP	2026-04-15 18:58:48 (1 month ago)	2026-04-15 18:58:48 UTC Unauthorized activity to TCP port 3306.	Port Scan
🇩🇪 banankicks	2026-04-15 12:36:27 (1 month ago)	Unauthorized connection attempt detected from IP address 36.106.166.252 to port 22 (banankicks-serve ... show more Unauthorized connection attempt detected from IP address 36.106.166.252 to port 22 (banankicks-server) [A] show less	Brute-Force Exploited Host
🇬🇧 gbzret4d	2026-04-14 19:34:39 (1 month ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 4911 [1] TCP	Port Scan
🇺🇸 MPL	2026-04-14 09:35:14 (1 month ago)	tcp/89 (2 or more attempts)	Port Scan

Showing 1 to 15 of 261 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 140.235.0.223

🇫🇮 45.82.110.150

🇨🇳 223.88.22.211

🇭🇰 199.45.154.177

🇦🇷 186.22.16.8

🇮🇷 185.126.200.110

🇩🇪 165.245.215.23

🇺🇸 154.83.197.83

🇺🇸 147.185.132.169

🇭🇰 118.26.39.178

🇨🇳 113.138.219.245

🇲🇲 103.105.174.246

🇺🇸 96.44.160.195

🇵🇱 95.214.53.157

🇺🇸 34.74.21.132

🇬🇧 31.14.254.15

🇯🇵 20.78.0.33

🇨🇳 14.103.112.179

🇳🇱 5.255.123.158

🇨🇳 218.85.78.113