JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 36.138.159.67

36.138.159.67 was found in our database!

This IP was reported 40 times. Confidence of Abuse is 100%: ?

100%

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS9808
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Hohhot, Inner Mongolia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 36.138.159.67

Whois 36.138.159.67

IP Abuse Reports for 36.138.159.67:

This IP address has been reported a total of 40 times from 32 distinct sources. 36.138.159.67 was first reported on June 22nd 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 phil2k	2026-06-28 12:37:17 (4 hours ago)	portscan on multiple TCP ports : Firewall: Within 2026-06-22 05:23:39 - 2026-06-28 05:59:53 CEST(+02 ... show more portscan on multiple TCP ports : Firewall: Within 2026-06-22 05:23:39 - 2026-06-28 05:59:53 CEST(+0200) identified: unallowed access from 36.138.159.67/32 on port 6379(redis) (1 trial) Fail2ban: Within 2026-06-22 05:23:39 - 2026-06-28 05:59:53 CEST(+0200) banned: 4 times by fail2ban[firewall] show less	Port Scan
Anonymous	2026-06-28 05:33:38 (11 hours ago)	2026-06-28T06:33:37.831238+01:00 vps kernel: [44364960.479445] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-06-28T06:33:37.831238+01:00 vps kernel: [44364960.479445] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=36.138.159.67 DST=54.37.14.118 LEN=60 TOS=0x00 PREC=0x00 TTL=36 ID=16815 DF PROTO=TCP SPT=47240 DPT=6379 WINDOW=14600 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇩🇪 SMi-Web	2026-06-27 23:28:16 (18 hours ago)	Blocked by firewall on hugin [6379/tcp] \| Rule: AbuseIPDB \| SPT: 43810 \| TTL: 44 \| LEN: 60 \| TOS: 0x ... show more Blocked by firewall on hugin [6379/tcp] \| Rule: AbuseIPDB \| SPT: 43810 \| TTL: 44 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇯🇵 VXG-NET	2026-06-27 20:30:50 (20 hours ago)	port=6379, indicator_type=scan	Port Scan
🇫🇷 Duggy_Tuxy🧱	2026-06-27 14:59:52 (1 day ago)	[DS-BLKS-PROD01] Blocked by SysWarden Firewall (Database/Cache Attack)	Brute-Force Port Scan Hacking
Anonymous	2026-06-27 05:16:53 (1 day ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇦🇹 Pingger Shikkoken	2026-06-27 03:28:42 (1 day ago)	2026-06-27T03:28:42+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6 ... show more 2026-06-27T03:28:42+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=36.138.159.67 DST=152.53.50.28 LEN=60 TOS=0x04 PREC=0x00 TTL=42 ID=20657 DF PROTO=TCP SPT=54168 DPT=6379 WINDOW=14600 RES=0x00 SYN URGP=0 show less	Hacking
🇦🇹 centurion	2026-06-27 03:28:41 (1 day ago)	Unauthorized attempt on coresecret [6379/tcp] Source port: 38594 TTL: 42 Packet length: 60 TOS: 0x00 ... show more Unauthorized attempt on coresecret [6379/tcp] Source port: 38594 TTL: 42 Packet length: 60 TOS: 0x00 https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇳🇱 ByeByte API	2026-06-26 20:51:14 (1 day ago)	byebyte.space auth: TCP packet to port 6379 (Redis) at 2026-06-26T20:51:14Z. Source port 54466. TCP ... show more byebyte.space auth: TCP packet to port 6379 (Redis) at 2026-06-26T20:51:14Z. Source port 54466. TCP flags: SYN. Packet: 60B, TTL 36, window 14600, IP id 62862. Single packet, dropped at firewall. p0f: OS Linux 3.1-3.10 (exact match), 28 hops, link Ethernet or modem. show less	Port Scan
🇳🇱 ByeByte API	2026-06-26 20:51:14 (1 day ago)	Port scan from this IP. Firewall dropped every packet. Targeted TCP ports: 6379. Activity window: 20 ... show more Port scan from this IP. Firewall dropped every packet. Targeted TCP ports: 6379. Activity window: 2026-06-26 10:54 UTC to 2026-06-26 20:51 UTC. show less	Port Scan
🇮🇩 hermawan	2026-06-26 11:27:55 (2 days ago)	1782473266.811111 36.138.159.67 103.166.156.58 14600_2-4-8-1-3_1460_7 2026-06-26 18:27:46 WIB ...	Email Spam Hacking
🇩🇪 centurion	2026-06-26 10:55:51 (2 days ago)	Blocked by UFW on ns02 [6379/tcp] Source port: 56139 TTL: 43 Packet length: 60 TOS: 0x00 This repor ... show more Blocked by UFW on ns02 [6379/tcp] Source port: 56139 TTL: 43 Packet length: 60 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇳🇱 VMHeaven.io	2026-06-26 10:54:58 (2 days ago)	Blocked by UFW [6379/tcp] Source port: 44052 TTL: 36 Packet length: 60	Port Scan
🇳🇱 ByeByte API	2026-06-26 10:54:58 (2 days ago)	byebyte.space auth: TCP packet to port 6379 (Redis) at 2026-06-26T10:54:58Z. Source port 60505. TCP ... show more byebyte.space auth: TCP packet to port 6379 (Redis) at 2026-06-26T10:54:58Z. Source port 60505. TCP flags: SYN. Packet: 60B, TTL 36, window 14600, IP id 37389. Single packet, dropped at firewall. p0f: OS Linux 3.1-3.10 (exact match), 28 hops, link Ethernet or modem. show less	Port Scan
🇹🇷 Squearex	2026-06-26 10:20:20 (2 days ago)	Automated ban by SCUMUnified Shield. Honeypot Trap Triggered (Decoy Port 6379)	Brute-Force SSH

Showing 1 to 15 of 40 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 64.62.156.204

🇺🇸 35.245.165.234

🇺🇸 207.90.244.26

🇹🇭 159.192.132.36

🇫🇷 146.70.194.222

🇺🇸 104.243.35.104

🇿🇦 102.213.26.189

🇧🇬 95.87.213.16

🇺🇸 66.132.195.114

🇧🇷 45.233.207.175

🇨🇳 218.78.46.81

🇩🇪 185.220.101.21

🇺🇸 45.56.174.85

🇺🇸 167.99.148.102

🇧🇷 149.19.175.65

🇺🇸 135.237.125.137

🇨🇦 104.239.40.203

🇬🇧 104.143.232.143

🇮🇳 103.38.219.22

🇬🇪 2.57.217.229