36.249.225.108

Basic Info

City: Xiamen

Region: Fujian

Country: China

Internet Service Provider: China Unicom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

% [whois.apnic.net]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

% Information related to '36.249.192.0 - 36.249.255.255'

% Abuse contact for '36.249.192.0 - 36.249.255.255' is 'zhaoyz3@chinaunicom.cn'

inetnum:        36.249.192.0 - 36.249.255.255
netname:        UNICOM-FJ-ZHANGZHOU-MAN
descr:          Zhangzhou city, fujian provincial network of UNICOM
country:        CN
admin-c:        ZZ733-AP
tech-c:         ZZ733-AP
abuse-c:        AC1718-AP
status:         ALLOCATED NON-PORTABLE
mnt-by:         MAINT-CNCGROUP-FJ
mnt-lower:      MAINT-CN-ZZ28
mnt-irt:        IRT-CU-CN
last-modified:  2023-10-21T03:33:11Z
source:         APNIC

irt:            IRT-CU-CN
address:        No.21,Financial Street
address:        Beijing,100033
address:        P.R.China
e-mail:         zhaoyz3@chinaunicom.cn
abuse-mailbox:  zhaoyz3@chinaunicom.cn
admin-c:        CH1302-AP
tech-c:         CH1302-AP
auth:           # Filtered
remarks:        zhaoyz3@chinaunicom.cn was validated on 2026-05-08
mnt-by:         MAINT-CNCGROUP
last-modified:  2026-05-09T04:50:16Z
source:         APNIC

role:           ABUSE CUCN
country:        ZZ
address:        No.21,Financial Street
address:        Beijing,100033
address:        P.R.China
phone:          +000000000
e-mail:         zhaoyz3@chinaunicom.cn
admin-c:        CH1302-AP
tech-c:         CH1302-AP
nic-hdl:        AC1718-AP
remarks:        Generated from irt object IRT-CU-CN
remarks:        zhaoyz3@chinaunicom.cn was validated on 2026-05-08
abuse-mailbox:  zhaoyz3@chinaunicom.cn
mnt-by:         APNIC-ABUSE
last-modified:  2026-05-08T01:31:32Z
source:         APNIC

person:         ZHANG ZHOU
nic-hdl:        ZZ733-AP
e-mail:         chenruicong@chinaunicom.cn
address:        Zhangzhou city, Fujian province, China
phone:          +86-596-6102189
fax-no:         +86-596-6102606
country:        cn
mnt-by:         MAINT-CNCGROUP-FJ
last-modified:  2009-11-06T01:33:42Z
source:         APNIC

% Information related to '36.248.0.0/14AS4837'

route:          36.248.0.0/14
descr:          China Unicom Fujian Province Network
country:        CN
origin:         AS4837
mnt-by:         MAINT-CNCGROUP-RR
last-modified:  2011-03-02T05:24:03Z
source:         APNIC

% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU5)

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 36.249.225.108
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37953
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;36.249.225.108.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026052101 1800 900 604800 86400

;; Query time: 10 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 21 21:01:35 CST 2026
;; MSG SIZE  rcvd: 107

Host info

Host 108.225.249.36.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 108.225.249.36.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.118.37.74	attack	Sep 25 08:48:35 mc1 kernel: \[680558.612953\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.118.37.74 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=57524 PROTO=TCP SPT=46525 DPT=18901 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 25 08:49:01 mc1 kernel: \[680584.062273\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.118.37.74 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=29069 PROTO=TCP SPT=46525 DPT=58577 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 25 08:52:04 mc1 kernel: \[680766.973397\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.118.37.74 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=13502 PROTO=TCP SPT=46525 DPT=65346 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-09-25 14:54:58
51.68.227.49	attack	Sep 25 05:31:22 anodpoucpklekan sshd[12064]: Invalid user team from 51.68.227.49 port 45402 ...	2019-09-25 15:25:00
223.111.150.149	attackbots	2019-09-25T03:01:36.6178011495-001 sshd\[34009\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.111.150.149 user=root 2019-09-25T03:01:38.8731451495-001 sshd\[34009\]: Failed password for root from 223.111.150.149 port 28685 ssh2 2019-09-25T03:01:41.1756141495-001 sshd\[34009\]: Failed password for root from 223.111.150.149 port 28685 ssh2 2019-09-25T03:01:47.6320941495-001 sshd\[34009\]: Failed password for root from 223.111.150.149 port 28685 ssh2 2019-09-25T03:01:47.6325291495-001 sshd\[34009\]: error: maximum authentication attempts exceeded for root from 223.111.150.149 port 28685 ssh2 \[preauth\] 2019-09-25T03:02:01.1210381495-001 sshd\[34027\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.111.150.149 user=root ...	2019-09-25 15:26:01
157.50.9.124	attackbots	C1,WP GET /wp-login.php	2019-09-25 15:01:09
221.150.17.93	attackbots	Sep 25 06:06:56 sshgateway sshd\[12040\]: Invalid user openfire from 221.150.17.93 Sep 25 06:06:56 sshgateway sshd\[12040\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.150.17.93 Sep 25 06:06:59 sshgateway sshd\[12040\]: Failed password for invalid user openfire from 221.150.17.93 port 41434 ssh2	2019-09-25 14:53:37
195.170.168.40	attack	Scanning and Vuln Attempts	2019-09-25 15:28:21
122.225.200.114	attackbotsspam	Sep 25 02:49:32 web1 postfix/smtpd[26065]: warning: unknown[122.225.200.114]: SASL LOGIN authentication failed: authentication failure ...	2019-09-25 14:53:54
125.45.90.28	attackbotsspam	Sep 23 07:20:33 ACSRAD auth.info sshd[21951]: Invalid user kc from 125.45.90.28 port 39048 Sep 23 07:20:33 ACSRAD auth.info sshd[21951]: Failed password for invalid user kc from 125.45.90.28 port 39048 ssh2 Sep 23 07:20:34 ACSRAD auth.info sshd[21951]: Received disconnect from 125.45.90.28 port 39048:11: Bye Bye [preauth] Sep 23 07:20:34 ACSRAD auth.info sshd[21951]: Disconnected from 125.45.90.28 port 39048 [preauth] Sep 23 07:20:34 ACSRAD auth.notice sshguard[30767]: Attack from "125.45.90.28" on service 100 whostnameh danger 10. Sep 23 07:20:34 ACSRAD auth.notice sshguard[30767]: Attack from "125.45.90.28" on service 100 whostnameh danger 10. Sep 23 07:20:34 ACSRAD auth.notice sshguard[30767]: Attack from "125.45.90.28" on service 100 whostnameh danger 10. Sep 23 07:20:34 ACSRAD auth.warn sshguard[30767]: Blocking "125.45.90.28/32" for 120 secs (3 attacks in 0 secs, after 1 abuses over 0 secs.) Sep 23 07:25:13 ACSRAD auth.info sshd[24533]: Invalid user loverd from 125........ ------------------------------	2019-09-25 14:49:07
77.85.169.149	attackbotsspam	2019-09-25T05:52:42.695507MailD postfix/smtpd[22668]: NOQUEUE: reject: RCPT from 77-85-169-149.ip.btc-net.bg[77.85.169.149]: 554 5.7.1 Service unavailable; Client host [77.85.169.149] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?77.85.169.149; from= to= proto=ESMTP helo=<77-85-169-149.ip.btc-net.bg> 2019-09-25T05:52:43.152737MailD postfix/smtpd[22668]: NOQUEUE: reject: RCPT from 77-85-169-149.ip.btc-net.bg[77.85.169.149]: 554 5.7.1 Service unavailable; Client host [77.85.169.149] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?77.85.169.149; from= to= proto=ESMTP helo=<77-85-169-149.ip.btc-net.bg> 2019-09-25T05:52:43.502459MailD postfix/smtpd[22668]: NOQUEUE: reject: RCPT from 77-85-169-149.ip.btc-net.bg[77.85.169.149]: 554 5.7.1 Service unavailable; Client host [77.85.169.149] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.n	2019-09-25 15:07:22
51.68.178.85	attackbots	Sep 25 09:09:28 localhost sshd\[28134\]: Invalid user apache from 51.68.178.85 port 34646 Sep 25 09:09:28 localhost sshd\[28134\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.178.85 Sep 25 09:09:30 localhost sshd\[28134\]: Failed password for invalid user apache from 51.68.178.85 port 34646 ssh2	2019-09-25 15:10:21
164.160.34.111	attackspambots	Sep 24 20:41:57 lcdev sshd\[18953\]: Invalid user user from 164.160.34.111 Sep 24 20:41:57 lcdev sshd\[18953\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.160.34.111 Sep 24 20:41:58 lcdev sshd\[18953\]: Failed password for invalid user user from 164.160.34.111 port 51226 ssh2 Sep 24 20:46:49 lcdev sshd\[19384\]: Invalid user weblogic from 164.160.34.111 Sep 24 20:46:49 lcdev sshd\[19384\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.160.34.111	2019-09-25 14:52:17
123.123.4.240	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/123.123.4.240/ CN - 1H : (2085) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4808 IP : 123.123.4.240 CIDR : 123.123.0.0/18 PREFIX COUNT : 1972 UNIQUE IP COUNT : 6728192 WYKRYTE ATAKI Z ASN4808 : 1H - 3 3H - 5 6H - 11 12H - 14 24H - 34 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-09-25 15:16:41
211.97.19.8	attack	Unauthorised access (Sep 25) SRC=211.97.19.8 LEN=40 TTL=49 ID=1438 TCP DPT=8080 WINDOW=14996 SYN	2019-09-25 14:54:41
209.17.97.10	attackbots	Port scan attempt detected by AWS-CCS, CTS, India	2019-09-25 15:19:42
79.137.33.20	attackbotsspam	Sep 25 06:50:21 xeon sshd[23195]: Failed password for invalid user intermec from 79.137.33.20 port 41927 ssh2	2019-09-25 15:09:56

Recently Reported IPs

27.210.227.40	27.10.106.9	182.51.86.62	175.155.239.95
112.92.129.95	111.85.239.242	111.208.79.78	110.17.84.222
134.35.157.102	3.87.31.169	2606:4700:10::6816:3332	110.78.153.77
111.208.78.115	111.208.80.115	66.132.172.197	42.48.38.47
195.96.139.15	171.105.76.96	2606:4700:10::ac43:1959	10.101.111.112