City: unknown
Region: unknown
Country: China
Internet Service Provider: China Unicom
Hostname: unknown
Organization: unknown
Usage Type: unknown
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '112.64.205.252 - 112.64.205.255'
% Abuse contact for '112.64.205.252 - 112.64.205.255' is 'zhaoyz3@chinaunicom.cn'
inetnum: 112.64.205.252 - 112.64.205.255
netname: haorong
descr: Shanghai DIA Dedicated Internet Access
country: cn
admin-c: YR194-AP
tech-c: YR194-AP
abuse-c: AC1718-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-CNCGROUP-SH
mnt-irt: IRT-CU-CN
last-modified: 2025-01-22T13:14:38Z
source: APNIC
irt: IRT-CU-CN
address: No.21,Financial Street
address: Beijing,100033
address: P.R.China
e-mail: zhaoyz3@chinaunicom.cn
abuse-mailbox: zhaoyz3@chinaunicom.cn
admin-c: CH1302-AP
tech-c: CH1302-AP
auth: # Filtered
remarks: zhaoyz3@chinaunicom.cn was validated on 2025-10-17
mnt-by: MAINT-CNCGROUP
last-modified: 2025-11-18T00:26:20Z
source: APNIC
role: ABUSE CUCN
country: ZZ
address: No.21,Financial Street
address: Beijing,100033
address: P.R.China
phone: +000000000
e-mail: zhaoyz3@chinaunicom.cn
admin-c: CH1302-AP
tech-c: CH1302-AP
nic-hdl: AC1718-AP
remarks: Generated from irt object IRT-CU-CN
remarks: zhaoyz3@chinaunicom.cn was validated on 2025-10-17
abuse-mailbox: zhaoyz3@chinaunicom.cn
mnt-by: APNIC-ABUSE
last-modified: 2025-10-17T02:26:56Z
source: APNIC
person: yanling ruan
nic-hdl: YR194-AP
e-mail: sh-ipmaster@chinaunicom.cn
address: No.900,Pudong Avenue,ShangHai,China
phone: +086-021-61201616
fax-no: +086-021-61201616
country: cn
mnt-by: MAINT-CNCGROUP-SH
last-modified: 2008-12-15T08:05:03Z
source: APNIC
% Information related to '112.64.0.0/15AS17621'
route: 112.64.0.0/15
descr: China Unicom CHINA169 Shanghai Province Network
descr: Addresses from APNIC
country: CN
origin: AS17621
mnt-by: MAINT-CNCGROUP-RR
last-modified: 2008-12-29T02:45:31Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.64.205.254
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31594
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;112.64.205.254. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026042802 1800 900 604800 86400
;; Query time: 21 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 29 07:59:25 CST 2026
;; MSG SIZE rcvd: 107Host 254.205.64.112.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 254.205.64.112.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 80.82.64.127 | attackspam | 10/15/2019-10:32:51.679338 80.82.64.127 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 82 |
2019-10-15 23:16:21 |
| 103.112.215.14 | attackspambots | 2019-10-15T13:18:31.740671abusebot-7.cloudsearch.cf sshd\[30412\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.112.215.14 user=root |
2019-10-15 22:59:24 |
| 185.90.116.10 | attack | 10/15/2019-09:09:57.794343 185.90.116.10 Protocol: 6 ET SCAN Potential SSH Scan |
2019-10-15 23:00:54 |
| 106.12.28.10 | attackspam | 2019-10-15T15:23:46.396635abusebot-5.cloudsearch.cf sshd\[7439\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.28.10 user=root |
2019-10-15 23:28:59 |
| 121.67.246.141 | attackbotsspam | (sshd) Failed SSH login from 121.67.246.141 (KR/South Korea/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 15 11:26:47 andromeda sshd[9018]: Invalid user tss3 from 121.67.246.141 port 34230 Oct 15 11:26:49 andromeda sshd[9018]: Failed password for invalid user tss3 from 121.67.246.141 port 34230 ssh2 Oct 15 11:42:36 andromeda sshd[10676]: Invalid user Sofia from 121.67.246.141 port 47494 |
2019-10-15 23:01:27 |
| 200.11.150.238 | attackbotsspam | Oct 15 10:21:29 debian sshd\[19018\]: Invalid user ubuntu from 200.11.150.238 port 44209 Oct 15 10:21:29 debian sshd\[19018\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.11.150.238 Oct 15 10:21:31 debian sshd\[19018\]: Failed password for invalid user ubuntu from 200.11.150.238 port 44209 ssh2 ... |
2019-10-15 23:26:41 |
| 155.4.32.16 | attack | Oct 15 13:54:10 vps691689 sshd[10333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=155.4.32.16 Oct 15 13:54:13 vps691689 sshd[10333]: Failed password for invalid user vali from 155.4.32.16 port 55219 ssh2 Oct 15 13:58:17 vps691689 sshd[10382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=155.4.32.16 ... |
2019-10-15 23:23:59 |
| 158.69.241.207 | attackbotsspam | \[2019-10-15 10:33:38\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-15T10:33:38.603-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="009441923937030",SessionID="0x7fc3ac5226d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/158.69.241.207/62864",ACLName="no_extension_match" \[2019-10-15 10:36:23\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-15T10:36:23.190-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="700441923937030",SessionID="0x7fc3acfa7958",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/158.69.241.207/61472",ACLName="no_extension_match" \[2019-10-15 10:39:08\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-15T10:39:08.535-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00441923937030",SessionID="0x7fc3acfa7958",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/158.69.241.207/58788",ACLName="no_e |
2019-10-15 22:52:12 |
| 183.230.201.65 | attackspam | Port 1433 Scan |
2019-10-15 23:08:02 |
| 93.149.79.247 | attack | Oct 15 10:06:55 TORMINT sshd\[1723\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.149.79.247 user=root Oct 15 10:06:56 TORMINT sshd\[1723\]: Failed password for root from 93.149.79.247 port 59736 ssh2 Oct 15 10:14:11 TORMINT sshd\[4554\]: Invalid user natasha from 93.149.79.247 Oct 15 10:14:11 TORMINT sshd\[4554\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.149.79.247 ... |
2019-10-15 23:27:24 |
| 203.110.179.26 | attackspam | Oct 15 14:35:05 dedicated sshd[31258]: Invalid user ali from 203.110.179.26 port 59818 |
2019-10-15 23:12:26 |
| 50.63.185.234 | attack | /cgi-bin/test.cgi |
2019-10-15 23:05:05 |
| 194.61.26.34 | attack | 2019-10-15T14:19:31.269736abusebot-6.cloudsearch.cf sshd\[28439\]: Invalid user admin from 194.61.26.34 port 48873 |
2019-10-15 22:53:52 |
| 27.50.162.82 | attackbots | 2019-10-15 13:41:20,386 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 27.50.162.82 2019-10-15 14:13:23,458 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 27.50.162.82 2019-10-15 14:54:07,531 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 27.50.162.82 2019-10-15 15:37:26,022 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 27.50.162.82 2019-10-15 16:10:34,449 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 27.50.162.82 ... |
2019-10-15 23:20:40 |
| 157.230.249.220 | attackspambots | Oct 14 15:28:55 myhostname sshd[15863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.249.220 user=r.r Oct 14 15:28:57 myhostname sshd[15863]: Failed password for r.r from 157.230.249.220 port 60542 ssh2 Oct 14 15:28:57 myhostname sshd[15863]: Received disconnect from 157.230.249.220 port 60542:11: Bye Bye [preauth] Oct 14 15:28:57 myhostname sshd[15863]: Disconnected from 157.230.249.220 port 60542 [preauth] Oct 14 15:40:46 myhostname sshd[15915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.249.220 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=157.230.249.220 |
2019-10-15 23:22:08 |