36.106.166.48 - IPInfo

基本信息:

城市(city): unknown

省份(region): Tianjin

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
36.106.166.191	attackspambots	$f2bV_matches	2020-04-22 17:38:18
36.106.166.20	attackbots	Aug 31 23:44:08 ovpn sshd\[16528\]: Invalid user admin from 36.106.166.20 Aug 31 23:44:08 ovpn sshd\[16528\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.106.166.20 Aug 31 23:44:09 ovpn sshd\[16528\]: Failed password for invalid user admin from 36.106.166.20 port 53020 ssh2 Aug 31 23:44:12 ovpn sshd\[16528\]: Failed password for invalid user admin from 36.106.166.20 port 53020 ssh2 Aug 31 23:44:15 ovpn sshd\[16528\]: Failed password for invalid user admin from 36.106.166.20 port 53020 ssh2	2019-09-01 13:17:11

类型

评论内容

时间

36.106.166.191

attackspambots

$f2bV_matches

2020-04-22 17:38:18

36.106.166.20

attackbots

Aug 31 23:44:08 ovpn sshd\[16528\]: Invalid user admin from 36.106.166.20
Aug 31 23:44:08 ovpn sshd\[16528\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.106.166.20
Aug 31 23:44:09 ovpn sshd\[16528\]: Failed password for invalid user admin from 36.106.166.20 port 53020 ssh2
Aug 31 23:44:12 ovpn sshd\[16528\]: Failed password for invalid user admin from 36.106.166.20 port 53020 ssh2
Aug 31 23:44:15 ovpn sshd\[16528\]: Failed password for invalid user admin from 36.106.166.20 port 53020 ssh2

2019-09-01 13:17:11

WHOIS信息:

% [whois.apnic.net]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

% Information related to '36.106.0.0 - 36.106.255.255'

% Abuse contact for '36.106.0.0 - 36.106.255.255' is 'anti-spam@chinatelecom.cn'

inetnum:        36.106.0.0 - 36.106.255.255
netname:        CHINANET-TJ
descr:          CHINANET TIANJIN PROVINCE NETWORK
country:        CN
admin-c:        CH93-AP
tech-c:         AT370-AP
abuse-c:        AC1573-AP
status:         ALLOCATED NON-PORTABLE
remarks:        service provider
notify:         tjipadmin@163.com
mnt-by:         MAINT-CHINANET
mnt-lower:      MAINT-CHINANET-TJ
mnt-routes:     MAINT-CHINANET-TJ
mnt-irt:        IRT-CHINANET-CN
last-modified:  2021-06-15T08:06:09Z
source:         APNIC

irt:            IRT-CHINANET-CN
address:        No.31 ,jingrong street,beijing
address:        100032
e-mail:         anti-spam@chinatelecom.cn
abuse-mailbox:  anti-spam@chinatelecom.cn
admin-c:        CH93-AP
tech-c:         CH93-AP
auth:           # Filtered
remarks:        anti-spam@chinatelecom.cn was validated on 2025-11-13
mnt-by:         MAINT-CHINANET
last-modified:  2026-03-13T07:12:20Z
source:         APNIC

role:           ABUSE CHINANETCN
country:        ZZ
address:        No.31 ,jingrong street,beijing
address:        100032
phone:          +000000000
e-mail:         anti-spam@chinatelecom.cn
admin-c:        CH93-AP
tech-c:         CH93-AP
nic-hdl:        AC1573-AP
remarks:        Generated from irt object IRT-CHINANET-CN
remarks:        anti-spam@chinatelecom.cn was validated on 2025-11-13
abuse-mailbox:  anti-spam@chinatelecom.cn
mnt-by:         APNIC-ABUSE
last-modified:  2025-11-13T14:15:15Z
source:         APNIC

person:         admin tjtele
nic-hdl:        AT370-AP
e-mail:         tjipback@yahoo.com
address:        No.11 LIUJING ROAD ,HEDONG ,TIANJIN,CHINA
phone:          +86-22-85580499
fax-no:         +86-22-85580970
country:        CN
mnt-by:         MAINT-CHINANET-TJ
last-modified:  2014-04-01T03:31:13Z
source:         APNIC

person:         Chinanet Hostmaster
nic-hdl:        CH93-AP
e-mail:         anti-spam@chinatelecom.cn
address:        No.31 ,jingrong street,beijing
address:        100032
phone:          +86-10-58501724
fax-no:         +86-10-58501724
country:        CN
mnt-by:         MAINT-CHINANET
last-modified:  2022-02-28T06:53:44Z
source:         APNIC

% This query was served by the APNIC Whois Service version 1.88.47 (WHOIS-AU4)

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 36.106.166.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14787
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;36.106.166.48.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026031700 1800 900 604800 86400

;; Query time: 10 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 17 21:00:36 CST 2026
;; MSG SIZE  rcvd: 106

HOST信息:

Host 48.166.106.36.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 48.166.106.36.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
109.123.117.252	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-09 03:06:29
93.142.251.70	attackspambots	93.142.251.70 - - [08/Oct/2020:02:26:46 +0000] "POST /xmlrpc.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" "-" 93.142.251.70 - - [08/Oct/2020:02:28:06 +0000] "POST /xmlrpc.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" "-" 93.142.251.70 - - [08/Oct/2020:02:30:21 +0000] "POST /xmlrpc.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" "-" 93.142.251.70 - - [08/Oct/2020:02:31:29 +0000] "POST /xmlrpc.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" "-" 93.142.251.70 - - [08/Oct/2020:02:33:46 +0000] "POST /xmlrpc.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" "-"	2020-10-09 02:58:44
106.12.93.25	attackspambots	(sshd) Failed SSH login from 106.12.93.25 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 8 12:44:24 server sshd[3869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 user=root Oct 8 12:44:26 server sshd[3869]: Failed password for root from 106.12.93.25 port 55910 ssh2 Oct 8 12:53:20 server sshd[6265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 user=root Oct 8 12:53:22 server sshd[6265]: Failed password for root from 106.12.93.25 port 46842 ssh2 Oct 8 12:55:59 server sshd[6918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.25 user=root	2020-10-09 03:21:08
196.251.238.47	attack	Brute forcing email accounts	2020-10-09 03:23:27
112.85.42.13	attack	Triggered by Fail2Ban at Ares web server	2020-10-09 03:08:26
178.32.72.55	attackbots	445/tcp 445/tcp 445/tcp [2020-08-15/10-07]3pkt	2020-10-09 02:54:54
106.52.199.130	attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-10-08T15:49:39Z and 2020-10-08T15:52:29Z	2020-10-09 03:11:23
191.101.200.6	attackbotsspam	SpamScore above: 10.0	2020-10-09 02:48:47
157.230.24.226	attackspambots	Oct 8 20:33:46 ns382633 sshd\[31043\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.24.226 user=root Oct 8 20:33:48 ns382633 sshd\[31043\]: Failed password for root from 157.230.24.226 port 41448 ssh2 Oct 8 20:37:23 ns382633 sshd\[31635\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.24.226 user=root Oct 8 20:37:25 ns382633 sshd\[31635\]: Failed password for root from 157.230.24.226 port 40054 ssh2 Oct 8 20:39:26 ns382633 sshd\[32139\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.24.226 user=root	2020-10-09 03:04:43
42.236.10.71	attack	Automatic report - Banned IP Access	2020-10-09 03:18:28
88.99.76.109	attack	88.99.76.109 (DE/Germany/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 8 04:12:49 jbs1 sshd[21934]: Failed password for root from 88.99.76.109 port 53490 ssh2 Oct 8 04:15:24 jbs1 sshd[23583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.230.44 user=root Oct 8 04:14:41 jbs1 sshd[23095]: Failed password for root from 154.83.16.242 port 49448 ssh2 Oct 8 04:14:48 jbs1 sshd[23185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.32.37.130 user=root Oct 8 04:14:49 jbs1 sshd[23185]: Failed password for root from 12.32.37.130 port 61210 ssh2 Oct 8 04:14:39 jbs1 sshd[23095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.83.16.242 user=root IP Addresses Blocked:	2020-10-09 03:17:23
51.210.151.242	attackbotsspam	Invalid user suresh from 51.210.151.242 port 58036	2020-10-09 02:56:16
103.40.187.34	attackspambots	445/tcp 1433/tcp [2020-09-25/10-07]2pkt	2020-10-09 03:04:58
128.199.84.201	attackspam	Oct 8 18:21:33 v22019038103785759 sshd\[32546\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.84.201 user=root Oct 8 18:21:35 v22019038103785759 sshd\[32546\]: Failed password for root from 128.199.84.201 port 53806 ssh2 Oct 8 18:25:42 v22019038103785759 sshd\[470\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.84.201 user=root Oct 8 18:25:44 v22019038103785759 sshd\[470\]: Failed password for root from 128.199.84.201 port 55326 ssh2 Oct 8 18:29:41 v22019038103785759 sshd\[804\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.84.201 user=root ...	2020-10-09 03:20:20
45.119.84.149	attackbots	probing for vulnerabilities, found a honeypot	2020-10-09 03:07:28

最近上报的IP列表

47.253.180.227	43.164.2.152	83.125.81.207	74.91.133.41
60.221.9.178	218.12.30.14	47.254.234.203	91.231.89.44
91.219.9.12	171.78.165.97	249.124.156.43	247.226.11.200
20.168.127.149	129.212.237.17	233.64.20.225	64.226.71.148
217.248.239.119	124.220.47.47	206.189.3.223	18.191.118.41