120.238.85.131

Basic Info

City: Guangzhou

Region: Guangdong

Country: China

Internet Service Provider: China Mobile

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

% [whois.apnic.net]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

% Information related to '120.192.0.0 - 120.255.255.255'

% Abuse contact for '120.192.0.0 - 120.255.255.255' is 'abuse@chinamobile.com'

inetnum:        120.192.0.0 - 120.255.255.255
netname:        CMNET
descr:          China Mobile Communications Corporation
descr:          Mobile Communications Network Operator in China
descr:          Internet Service Provider in China
country:        CN
org:            ORG-CM1-AP
admin-c:        ct74-AP
tech-c:         HL1318-AP
abuse-c:        AC2006-AP
status:         ALLOCATED PORTABLE
remarks:        service provider
remarks:        --------------------------------------------------------
remarks:        To report network abuse, please contact mnt-irt
remarks:        For troubleshooting, please contact tech-c and admin-c
remarks:        Report invalid contact via www.apnic.net/invalidcontact
remarks:        --------------------------------------------------------
mnt-by:         APNIC-HM
mnt-lower:      MAINT-CN-CMCC
mnt-routes:     MAINT-CN-CMCC
mnt-irt:        IRT-CHINAMOBILE-CN
last-modified:  2020-07-15T13:10:01Z
source:         APNIC

irt:            IRT-CHINAMOBILE-CN
address:        China Mobile Communications Corporation
address:        29, Jinrong Ave., Xicheng District, Beijing, 100032
e-mail:         abuse@chinamobile.com
abuse-mailbox:  abuse@chinamobile.com
admin-c:        CT74-AP
tech-c:         CT74-AP
auth:           # Filtered
remarks:        abuse@chinamobile.com was validated on 2025-09-15
mnt-by:         MAINT-CN-CMCC
last-modified:  2025-11-18T00:26:27Z
source:         APNIC

organisation:   ORG-CM1-AP
org-name:       China Mobile
org-type:       LIR
country:        CN
address:        29, Jinrong Ave.
phone:          +86-10-5268-6688
fax-no:         +86-10-5261-6187
e-mail:         hostmaster@chinamobile.com
mnt-ref:        APNIC-HM
mnt-by:         APNIC-HM
last-modified:  2023-09-05T02:14:48Z
source:         APNIC

role:           ABUSE CHINAMOBILECN
country:        ZZ
address:        China Mobile Communications Corporation
address:        29, Jinrong Ave., Xicheng District, Beijing, 100032
phone:          +000000000
e-mail:         abuse@chinamobile.com
admin-c:        CT74-AP
tech-c:         CT74-AP
nic-hdl:        AC2006-AP
remarks:        Generated from irt object IRT-CHINAMOBILE-CN
remarks:        abuse@chinamobile.com was validated on 2025-09-15
abuse-mailbox:  abuse@chinamobile.com
mnt-by:         APNIC-ABUSE
last-modified:  2025-09-15T02:20:13Z
source:         APNIC

role:           chinamobile tech
address:        29, Jinrong Ave.,Xicheng district
address:        Beijing
country:        CN
phone:          +86 5268 6688
fax-no:         +86 5261 6187
e-mail:         hostmaster@chinamobile.com
admin-c:        HL1318-AP
tech-c:         HL1318-AP
nic-hdl:        ct74-AP
notify:         hostmaster@chinamobile.com
mnt-by:         MAINT-cn-cmcc
abuse-mailbox:  abuse@chinamobile.com
last-modified:  2016-11-29T09:37:27Z
source:         APNIC

person:         haijun li
nic-hdl:        HL1318-AP
e-mail:         hostmaster@chinamobile.com
address:        29,Jinrong Ave, Xicheng district,beijing,100032
phone:          +86 1052686688
fax-no:         +86 10 52616187
country:        CN
mnt-by:         MAINT-CN-CMCC
abuse-mailbox:  abuse@chinamobile.com
last-modified:  2016-11-29T09:38:38Z
source:         APNIC

% Information related to '120.224.0.0/12AS9808'

route:          120.224.0.0/12
descr:          China Mobile communications corporation
origin:         AS9808
mnt-by:         MAINT-CN-CMCC
last-modified:  2008-11-05T07:40:19Z
source:         APNIC

% This query was served by the APNIC Whois Service version 1.88.47 (WHOIS-AU4)

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.238.85.131
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54073
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;120.238.85.131.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026030300 1800 900 604800 86400

;; Query time: 7 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 03 16:31:55 CST 2026
;; MSG SIZE  rcvd: 107

Host info

Host 131.85.238.120.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 131.85.238.120.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
191.210.155.154	attack	Oct 7 16:49:57 ws12vmsma01 sshd[53737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.210.155.154 user=root Oct 7 16:49:59 ws12vmsma01 sshd[53737]: Failed password for root from 191.210.155.154 port 32597 ssh2 Oct 7 16:50:00 ws12vmsma01 sshd[53745]: Invalid user ubnt from 191.210.155.154 ...	2019-10-08 06:24:47
220.247.174.14	attackspambots	Oct 7 23:54:09 * sshd[32118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.247.174.14 Oct 7 23:54:10 * sshd[32118]: Failed password for invalid user 123White from 220.247.174.14 port 43312 ssh2	2019-10-08 05:54:12
185.211.245.170	attackspambots	Oct 7 23:19:02 relay postfix/smtpd\[15075\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 23:34:10 relay postfix/smtpd\[15649\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 23:34:18 relay postfix/smtpd\[22299\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 23:38:14 relay postfix/smtpd\[22299\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 23:38:21 relay postfix/smtpd\[15652\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-10-08 05:49:25
182.61.136.53	attack	Oct 7 23:55:13 v22019058497090703 sshd[32216]: Failed password for root from 182.61.136.53 port 38100 ssh2 Oct 7 23:58:38 v22019058497090703 sshd[32426]: Failed password for root from 182.61.136.53 port 42022 ssh2 ...	2019-10-08 06:03:09
51.158.117.17	attackspambots	$f2bV_matches	2019-10-08 05:56:34
77.40.61.103	attackbotsspam	Oct 7 21:49:46 ncomp postfix/smtpd[7965]: warning: unknown[77.40.61.103]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 21:50:32 ncomp postfix/smtpd[7965]: warning: unknown[77.40.61.103]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 21:51:11 ncomp postfix/smtpd[7965]: warning: unknown[77.40.61.103]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-10-08 05:51:19
49.88.112.80	attackspambots	Oct 8 00:14:56 MK-Soft-Root1 sshd[12474]: Failed password for root from 49.88.112.80 port 33284 ssh2 Oct 8 00:15:00 MK-Soft-Root1 sshd[12474]: Failed password for root from 49.88.112.80 port 33284 ssh2 ...	2019-10-08 06:19:56
222.186.52.107	attackspam	$f2bV_matches	2019-10-08 05:52:11
149.147.128.111	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/149.147.128.111/ US - 1H : (356) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN42961 IP : 149.147.128.111 CIDR : 149.147.128.0/20 PREFIX COUNT : 150 UNIQUE IP COUNT : 608768 WYKRYTE ATAKI Z ASN42961 : 1H - 1 3H - 1 6H - 2 12H - 2 24H - 2 DateTime : 2019-10-07 21:50:36 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-08 06:19:33
222.186.15.18	attack	Oct 7 18:01:11 ny01 sshd[9553]: Failed password for root from 222.186.15.18 port 41524 ssh2 Oct 7 18:02:01 ny01 sshd[9682]: Failed password for root from 222.186.15.18 port 35422 ssh2	2019-10-08 06:28:43
104.236.230.165	attackspambots	Oct 7 23:57:12 core sshd[26244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.230.165 user=root Oct 7 23:57:14 core sshd[26244]: Failed password for root from 104.236.230.165 port 33870 ssh2 ...	2019-10-08 06:11:50
179.191.65.122	attackbotsspam	2019-10-07T22:00:02.374599abusebot-8.cloudsearch.cf sshd\[16833\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.191.65.122 user=root	2019-10-08 06:00:52
94.23.208.211	attack	Oct 7 20:57:28 web8 sshd\[6266\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.208.211 user=root Oct 7 20:57:30 web8 sshd\[6266\]: Failed password for root from 94.23.208.211 port 43274 ssh2 Oct 7 21:01:16 web8 sshd\[8013\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.208.211 user=root Oct 7 21:01:18 web8 sshd\[8013\]: Failed password for root from 94.23.208.211 port 54522 ssh2 Oct 7 21:05:00 web8 sshd\[9684\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.208.211 user=root	2019-10-08 06:22:57
186.137.123.13	attackbots	Lines containing failures of 186.137.123.13 Oct 6 21:59:00 shared02 sshd[25312]: Invalid user nscd from 186.137.123.13 port 45390 Oct 6 21:59:00 shared02 sshd[25312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.137.123.13 Oct 6 21:59:03 shared02 sshd[25312]: Failed password for invalid user nscd from 186.137.123.13 port 45390 ssh2 Oct 6 21:59:03 shared02 sshd[25312]: Received disconnect from 186.137.123.13 port 45390:11: Bye Bye [preauth] Oct 6 21:59:03 shared02 sshd[25312]: Disconnected from invalid user nscd 186.137.123.13 port 45390 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=186.137.123.13	2019-10-08 06:25:40
80.211.159.118	attackbots	Oct 6 00:12:10 srv01 sshd[1896]: reveeclipse mapping checking getaddrinfo for host118-159-211-80.serverdedicati.aruba.hostname [80.211.159.118] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 6 00:12:10 srv01 sshd[1896]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.159.118 user=r.r Oct 6 00:12:12 srv01 sshd[1896]: Failed password for r.r from 80.211.159.118 port 51868 ssh2 Oct 6 00:12:12 srv01 sshd[1896]: Received disconnect from 80.211.159.118: 11: Bye Bye [preauth] Oct 6 00:29:09 srv01 sshd[2623]: reveeclipse mapping checking getaddrinfo for host118-159-211-80.serverdedicati.aruba.hostname [80.211.159.118] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 6 00:29:09 srv01 sshd[2623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.159.118 user=r.r Oct 6 00:29:11 srv .... truncated .... Oct 6 00:12:10 srv01 sshd[1896]: reveeclipse mapping checking getaddrinfo for host118-159-211-........ -------------------------------	2019-10-08 06:05:33

Recently Reported IPs

130.61.17.31	2606:4700:10::6816:4193	2606:4700:10::6816:104	122.193.247.171
121.230.89.90	2606:4700:10::ac43:1185	2606:4700:10::6814:6609	2606:4700:10::6814:4435
2606:4700:10::6816:3751	2606:4700:10::6814:5410	2606:4700:10::ac43:2700	2606:4700:10::6814:5722
103.118.42.58	94.231.206.156	83.142.209.48	34.79.181.63
216.36.121.76	20.104.233.159	20.104.233.28	64.62.156.224