City: unknown
Region: unknown
Country: China
Internet Service Provider: China Unicom
Hostname: unknown
Organization: unknown
Usage Type: unknown
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '113.0.0.0 - 113.7.255.255'
% Abuse contact for '113.0.0.0 - 113.7.255.255' is 'zhaoyz3@chinaunicom.cn'
inetnum: 113.0.0.0 - 113.7.255.255
netname: UNICOM-HL
descr: China Unicom Heilongjiang Province Network
descr: China Unicom
country: CN
admin-c: CH1302-AP
tech-c: BG63-AP
abuse-c: AC1718-AP
status: ALLOCATED PORTABLE
remarks: service provider
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-HL
mnt-routes: MAINT-CNCGROUP-RR
mnt-irt: IRT-CU-CN
last-modified: 2023-10-21T03:28:45Z
source: APNIC
irt: IRT-CU-CN
address: No.21,Financial Street
address: Beijing,100033
address: P.R.China
e-mail: zhaoyz3@chinaunicom.cn
abuse-mailbox: zhaoyz3@chinaunicom.cn
admin-c: CH1302-AP
tech-c: CH1302-AP
auth: # Filtered
remarks: zhaoyz3@chinaunicom.cn is invalid
mnt-by: MAINT-CNCGROUP
last-modified: 2025-10-03T06:12:01Z
source: APNIC
role: ABUSE CUCN
country: ZZ
address: No.21,Financial Street
address: Beijing,100033
address: P.R.China
phone: +000000000
e-mail: zhaoyz3@chinaunicom.cn
admin-c: CH1302-AP
tech-c: CH1302-AP
nic-hdl: AC1718-AP
remarks: Generated from irt object IRT-CU-CN
remarks: zhaoyz3@chinaunicom.cn is invalid
abuse-mailbox: zhaoyz3@chinaunicom.cn
mnt-by: APNIC-ABUSE
last-modified: 2025-09-10T13:08:11Z
source: APNIC
person: Binghui Gao
nic-hdl: BG63-AP
e-mail: luanfuyu@vip.hl.cn
address: Shuniu Building,No.155 Zhongshan road,Harbin,Heilongjiang
phone: +86-451-82651467
fax-no: +86-451-82651464
country: CN
mnt-by: MAINT-CNCGROUP-HL
last-modified: 2010-03-10T01:38:01Z
source: APNIC
person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail: hqs-ipabuse@chinaunicom.cn
address: No.21,Jin-Rong Street
address: Beijing,100033
address: P.R.China
phone: +86-10-66259764
fax-no: +86-10-66259764
country: CN
mnt-by: MAINT-CNCGROUP
last-modified: 2017-08-17T06:13:16Z
source: APNIC
% Information related to '113.0.0.0/13AS4837'
route: 113.0.0.0/13
descr: CNC Group CHINA169 Heilongjiang Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
last-modified: 2008-12-10T04:26:01Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.36-SNAPSHOT (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.5.131.199
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29292
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;113.5.131.199. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025100500 1800 900 604800 86400
;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 05 17:31:26 CST 2025
;; MSG SIZE rcvd: 106Host 199.131.5.113.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 199.131.5.113.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 1.11.201.18 | attackspambots | May 22 21:27:49 meumeu sshd[128370]: Invalid user rkc from 1.11.201.18 port 34970 May 22 21:27:49 meumeu sshd[128370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.11.201.18 May 22 21:27:49 meumeu sshd[128370]: Invalid user rkc from 1.11.201.18 port 34970 May 22 21:27:50 meumeu sshd[128370]: Failed password for invalid user rkc from 1.11.201.18 port 34970 ssh2 May 22 21:30:15 meumeu sshd[128909]: Invalid user omsagent from 1.11.201.18 port 43790 May 22 21:30:15 meumeu sshd[128909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.11.201.18 May 22 21:30:15 meumeu sshd[128909]: Invalid user omsagent from 1.11.201.18 port 43790 May 22 21:30:17 meumeu sshd[128909]: Failed password for invalid user omsagent from 1.11.201.18 port 43790 ssh2 May 22 21:32:38 meumeu sshd[129263]: Invalid user xoa from 1.11.201.18 port 52612 ... |
2020-05-23 03:37:59 |
| 185.151.242.165 | attackspambots | RDP brute force attack detected by fail2ban |
2020-05-23 03:48:55 |
| 106.12.55.39 | attack | May 22 21:24:43 h2779839 sshd[12662]: Invalid user xwx from 106.12.55.39 port 37480 May 22 21:24:43 h2779839 sshd[12662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.39 May 22 21:24:43 h2779839 sshd[12662]: Invalid user xwx from 106.12.55.39 port 37480 May 22 21:24:45 h2779839 sshd[12662]: Failed password for invalid user xwx from 106.12.55.39 port 37480 ssh2 May 22 21:28:29 h2779839 sshd[12767]: Invalid user wj from 106.12.55.39 port 37962 May 22 21:28:29 h2779839 sshd[12767]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.39 May 22 21:28:29 h2779839 sshd[12767]: Invalid user wj from 106.12.55.39 port 37962 May 22 21:28:31 h2779839 sshd[12767]: Failed password for invalid user wj from 106.12.55.39 port 37962 ssh2 May 22 21:32:12 h2779839 sshd[12827]: Invalid user ptn from 106.12.55.39 port 38566 ... |
2020-05-23 03:41:24 |
| 185.142.239.16 | attack | Unauthorized connection attempt detected from IP address 185.142.239.16 to port 113 |
2020-05-23 03:51:11 |
| 223.240.65.149 | attack | May 22 20:35:19 icinga sshd[37644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.240.65.149 May 22 20:35:21 icinga sshd[37644]: Failed password for invalid user els from 223.240.65.149 port 38722 ssh2 May 22 20:40:11 icinga sshd[48312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.240.65.149 ... |
2020-05-23 04:01:43 |
| 183.131.3.196 | attackspambots | SIP/5060 Probe, BF, Hack - |
2020-05-23 04:01:25 |
| 51.255.172.198 | attack | 5x Failed Password |
2020-05-23 03:44:03 |
| 20.188.39.139 | attackspam | 20.188.39.139 - - [22/May/2020:18:48:53 +0200] "POST //wp-login.php HTTP/1.1" 200 5637 "https://idpi.univ-lyon3.fr//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 20.188.39.139 - - [22/May/2020:18:48:53 +0200] "POST //wp-login.php HTTP/1.1" 200 5637 "https://idpi.univ-lyon3.fr//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 20.188.39.139 - - [22/May/2020:18:48:53 +0200] "POST //wp-login.php HTTP/1.1" 200 5637 "https://idpi.univ-lyon3.fr//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 20.188.39.139 - - [22/May/2020:18:48:54 +0200] "POST //wp-login.php HTTP/1.1" 200 5637 "https://idpi.univ-lyon3.fr//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 20.188.3 ... |
2020-05-23 03:39:21 |
| 159.65.91.105 | attackspam | $f2bV_matches |
2020-05-23 03:46:48 |
| 5.135.164.227 | attackspam | $f2bV_matches |
2020-05-23 03:36:26 |
| 185.153.199.211 | attack | SmallBizIT.US 2 packets to tcp(3389) |
2020-05-23 03:40:54 |
| 118.89.164.156 | attack | May 22 18:28:43 l03 sshd[12344]: Invalid user tfa from 118.89.164.156 port 54420 ... |
2020-05-23 04:11:54 |
| 104.140.211.133 | attack | (From schmidt.hilda@msn.com) Good day The Lockdown Formula is a breakthrough system that allows you to learn how to quickly make money online using affiliate marketing and using a simple-to-set-up system with basic squeeze pages that take people to an offer. Especially, it also offers you full traffic generation training. MORE INFO HERE=> https://bit.ly/2L8vqCq |
2020-05-23 03:45:29 |
| 195.54.166.26 | attackbots | Port scan on 4 port(s): 64769 64846 64917 64919 |
2020-05-23 03:58:48 |
| 61.7.235.211 | attack | May 22 22:02:34 lnxmail61 sshd[22062]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.7.235.211 |
2020-05-23 04:07:26 |