City: Shanghai
Region: Shanghai
Country: China
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '101.80.0.0 - 101.95.255.255'
% Abuse contact for '101.80.0.0 - 101.95.255.255' is 'anti-spam@chinatelecom.cn'
inetnum: 101.80.0.0 - 101.95.255.255
netname: CHINANET-SH
descr: CHINANET SHANGHAI PROVINCE NETWORK
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
admin-c: WWQ4-AP
tech-c: WWQ4-AP
abuse-c: AC1573-AP
status: ALLOCATED PORTABLE
remarks: service provider
notify: ip-admin@mail.online.sh.cn
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-SH
mnt-routes: MAINT-CHINANET-SH
mnt-irt: IRT-CHINANET-CN
last-modified: 2021-06-15T08:06:18Z
source: APNIC
irt: IRT-CHINANET-CN
address: No.31 ,jingrong street,beijing
address: 100032
e-mail: anti-spam@chinatelecom.cn
abuse-mailbox: anti-spam@chinatelecom.cn
admin-c: CH93-AP
tech-c: CH93-AP
auth: # Filtered
remarks: anti-spam@chinatelecom.cn was validated on 2025-04-24
mnt-by: MAINT-CHINANET
last-modified: 2025-09-04T00:59:42Z
source: APNIC
role: ABUSE CHINANETCN
country: ZZ
address: No.31 ,jingrong street,beijing
address: 100032
phone: +000000000
e-mail: anti-spam@chinatelecom.cn
admin-c: CH93-AP
tech-c: CH93-AP
nic-hdl: AC1573-AP
remarks: Generated from irt object IRT-CHINANET-CN
remarks: anti-spam@chinatelecom.cn was validated on 2025-04-24
abuse-mailbox: anti-spam@chinatelecom.cn
mnt-by: APNIC-ABUSE
last-modified: 2025-04-24T03:21:54Z
source: APNIC
person: Weng Wen Qian
address: Room 2405,357 Songlin Road,Shanghai 200122
country: CN
phone: +86-21-68405784
fax-no: +86-21-50623458
e-mail: shizhiming.sh@chinatelecom.cn
nic-hdl: WWQ4-AP
mnt-by: MAINT-CHINANET-SH
last-modified: 2023-02-07T08:25:17Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.34 (WHOIS-AU4); <<>> DiG 9.10.3-P4-Ubuntu <<>> 101.91.148.219
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20117
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;101.91.148.219. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025100102 1800 900 604800 86400
;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 02 10:01:07 CST 2025
;; MSG SIZE rcvd: 107Host 219.148.91.101.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 219.148.91.101.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 170.244.227.235 | attack | Unauthorized connection attempt from IP address 170.244.227.235 on Port 445(SMB) |
2020-10-11 10:08:33 |
| 122.61.62.26 | attackbotsspam | SSH Bruteforce Attempt on Honeypot |
2020-10-11 09:45:49 |
| 179.144.140.183 | attack | prod6 ... |
2020-10-11 10:03:38 |
| 185.220.101.202 | attackspambots | 21 attempts against mh-misbehave-ban on sonic |
2020-10-11 09:51:16 |
| 85.208.96.65 | attack | Automatic report - Banned IP Access |
2020-10-11 09:56:48 |
| 139.59.141.196 | attackspambots | 139.59.141.196 - - [10/Oct/2020:22:54:38 +0100] "POST /wp-login.php HTTP/1.1" 200 2398 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.141.196 - - [10/Oct/2020:22:54:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2375 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.141.196 - - [10/Oct/2020:22:54:39 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-10-11 10:04:07 |
| 190.90.191.45 | attackspambots | Unauthorized connection attempt from IP address 190.90.191.45 on Port 445(SMB) |
2020-10-11 09:37:59 |
| 37.151.32.27 | attack | Unauthorized connection attempt from IP address 37.151.32.27 on Port 445(SMB) |
2020-10-11 09:51:40 |
| 180.76.248.85 | attack | Failed password for invalid user teacher from 180.76.248.85 port 58092 ssh2 |
2020-10-11 10:07:59 |
| 51.210.40.91 | attack | DATE:2020-10-10 22:52:45,IP:51.210.40.91,MATCHES:10,PORT:ssh |
2020-10-11 10:11:48 |
| 106.12.46.179 | attack | (sshd) Failed SSH login from 106.12.46.179 (US/United States/California/San Jose/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 10 19:37:33 atlas sshd[29029]: Invalid user tomcat from 106.12.46.179 port 43730 Oct 10 19:37:35 atlas sshd[29029]: Failed password for invalid user tomcat from 106.12.46.179 port 43730 ssh2 Oct 10 19:45:27 atlas sshd[30708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.46.179 user=root Oct 10 19:45:29 atlas sshd[30708]: Failed password for root from 106.12.46.179 port 48532 ssh2 Oct 10 19:49:17 atlas sshd[31459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.46.179 user=root |
2020-10-11 09:42:00 |
| 161.10.141.202 | attackspam | Unauthorized connection attempt from IP address 161.10.141.202 on Port 445(SMB) |
2020-10-11 09:57:08 |
| 119.196.116.211 | attackbots | Port Scan: TCP/443 |
2020-10-11 10:09:38 |
| 5.188.86.174 | attackspam | Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-10-10T20:45:36Z |
2020-10-11 09:47:35 |
| 164.90.226.53 | attack | DATE:2020-10-11 02:24:45, IP:164.90.226.53, PORT:ssh SSH brute force auth (docker-dc) |
2020-10-11 10:00:20 |