City: unknown
Region: unknown
Country: China
Internet Service Provider: China Unicom
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 123.6.49.36 | attackbots | Port probing on unauthorized port 2480 |
2020-05-31 20:08:26 |
| 123.6.49.38 | attack | firewall-block, port(s): 1433/tcp |
2020-05-31 16:52:28 |
| 123.6.49.36 | attack | 123.6.49.36 was recorded 5 times by 5 hosts attempting to connect to the following ports: 3097. Incident counter (4h, 24h, all-time): 5, 5, 5 |
2019-11-13 22:37:49 |
| 123.6.49.36 | attack | 1030/tcp 9100/tcp 2717/tcp... [2019-06-22/30]11pkt,3pt.(tcp) |
2019-07-01 03:37:27 |
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '123.4.0.0 - 123.7.255.255'
% Abuse contact for '123.4.0.0 - 123.7.255.255' is 'zhaoyz3@chinaunicom.cn'
inetnum: 123.4.0.0 - 123.7.255.255
netname: UNICOM-HA
descr: China Unicom Henan province network
descr: China Unicom
country: CN
admin-c: CH1302-AP
tech-c: WW444-AP
abuse-c: AC1718-AP
status: ALLOCATED PORTABLE
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-HA
mnt-routes: MAINT-CNCGROUP-RR
mnt-irt: IRT-CU-CN
last-modified: 2025-01-22T13:07:33Z
source: APNIC
irt: IRT-CU-CN
address: No.21,Financial Street
address: Beijing,100033
address: P.R.China
e-mail: zhaoyz3@chinaunicom.cn
abuse-mailbox: zhaoyz3@chinaunicom.cn
admin-c: CH1302-AP
tech-c: CH1302-AP
auth: # Filtered
remarks: zhaoyz3@chinaunicom.cn was validated on 2026-05-08
mnt-by: MAINT-CNCGROUP
last-modified: 2026-05-09T04:50:16Z
source: APNIC
role: ABUSE CUCN
country: ZZ
address: No.21,Financial Street
address: Beijing,100033
address: P.R.China
phone: +000000000
e-mail: zhaoyz3@chinaunicom.cn
admin-c: CH1302-AP
tech-c: CH1302-AP
nic-hdl: AC1718-AP
remarks: Generated from irt object IRT-CU-CN
remarks: zhaoyz3@chinaunicom.cn was validated on 2026-05-08
abuse-mailbox: zhaoyz3@chinaunicom.cn
mnt-by: APNIC-ABUSE
last-modified: 2026-05-08T01:31:32Z
source: APNIC
person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail: hqs-ipabuse@chinaunicom.cn
address: No.21,Jin-Rong Street
address: Beijing,100033
address: P.R.China
phone: +86-10-66259764
fax-no: +86-10-66259764
country: CN
mnt-by: MAINT-CNCGROUP
last-modified: 2017-08-17T06:13:16Z
source: APNIC
person: Wei Wang
nic-hdl: WW444-AP
e-mail: abuse@public.zz.ha.cn
address: #55 San Quan Road, Zhengzhou, Henan Provice
phone: +86-371-65952358
fax-no: +86-371-65968952
country: CN
mnt-by: MAINT-CNCGROUP-HA
last-modified: 2010-03-05T08:20:01Z
source: APNIC
% Information related to '123.4.0.0/14AS4837'
route: 123.4.0.0/14
descr: CNC Group CHINA169 Henan Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
last-modified: 2008-09-04T07:54:53Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU4); <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.6.49.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3883
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;123.6.49.49. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026053100 1800 900 604800 86400
;; Query time: 5 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 31 18:32:19 CST 2026
;; MSG SIZE rcvd: 10449.49.6.123.in-addr.arpa domain name pointer hn.kd.ny.adsl.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
49.49.6.123.in-addr.arpa name = hn.kd.ny.adsl.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 195.54.160.212 | attackspambots | SmallBizIT.US 4 packets to tcp(2278,3378,22784,22787) |
2020-06-02 12:25:17 |
| 124.156.134.36 | attackbots | 2020-06-01T20:13:31.876874randservbullet-proofcloud-66.localdomain sshd[16352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.134.36 user=root 2020-06-01T20:13:34.579895randservbullet-proofcloud-66.localdomain sshd[16352]: Failed password for root from 124.156.134.36 port 48486 ssh2 2020-06-01T20:15:25.599100randservbullet-proofcloud-66.localdomain sshd[16368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.134.36 user=root 2020-06-01T20:15:27.950996randservbullet-proofcloud-66.localdomain sshd[16368]: Failed password for root from 124.156.134.36 port 48414 ssh2 ... |
2020-06-02 08:20:33 |
| 5.196.198.147 | attackbots | Jun 1 22:12:53 s1 sshd\[1110\]: User root from 5.196.198.147 not allowed because not listed in AllowUsers Jun 1 22:12:53 s1 sshd\[1110\]: Failed password for invalid user root from 5.196.198.147 port 42686 ssh2 Jun 1 22:14:16 s1 sshd\[2775\]: User root from 5.196.198.147 not allowed because not listed in AllowUsers Jun 1 22:14:16 s1 sshd\[2775\]: Failed password for invalid user root from 5.196.198.147 port 37078 ssh2 Jun 1 22:15:33 s1 sshd\[5293\]: User root from 5.196.198.147 not allowed because not listed in AllowUsers Jun 1 22:15:33 s1 sshd\[5293\]: Failed password for invalid user root from 5.196.198.147 port 59700 ssh2 ... |
2020-06-02 08:15:30 |
| 185.201.13.126 | attackspam | Jun 2 06:48:39 pkdns2 sshd\[48343\]: Address 185.201.13.126 maps to cust.tanet.cz, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Jun 2 06:48:41 pkdns2 sshd\[48343\]: Failed password for root from 185.201.13.126 port 50174 ssh2Jun 2 06:52:16 pkdns2 sshd\[48529\]: Address 185.201.13.126 maps to cust.tanet.cz, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Jun 2 06:52:18 pkdns2 sshd\[48529\]: Failed password for root from 185.201.13.126 port 52466 ssh2Jun 2 06:55:49 pkdns2 sshd\[48704\]: Address 185.201.13.126 maps to cust.tanet.cz, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Jun 2 06:55:50 pkdns2 sshd\[48704\]: Failed password for root from 185.201.13.126 port 54757 ssh2 ... |
2020-06-02 12:30:24 |
| 58.27.240.253 | attackbotsspam | Unauthorized connection attempt from IP address 58.27.240.253 on Port 445(SMB) |
2020-06-02 08:20:10 |
| 179.40.43.1 | attack | web-1 [ssh] SSH Attack |
2020-06-02 12:28:16 |
| 122.165.247.254 | attackspam | " " |
2020-06-02 08:25:36 |
| 68.183.110.49 | attackbotsspam | Jun 2 05:53:06 buvik sshd[26302]: Failed password for root from 68.183.110.49 port 46518 ssh2 Jun 2 05:56:26 buvik sshd[26735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.110.49 user=root Jun 2 05:56:27 buvik sshd[26735]: Failed password for root from 68.183.110.49 port 50408 ssh2 ... |
2020-06-02 12:05:26 |
| 222.186.15.115 | attackspambots | Jun 2 06:03:34 vps639187 sshd\[30086\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.115 user=root Jun 2 06:03:37 vps639187 sshd\[30086\]: Failed password for root from 222.186.15.115 port 53532 ssh2 Jun 2 06:03:38 vps639187 sshd\[30086\]: Failed password for root from 222.186.15.115 port 53532 ssh2 ... |
2020-06-02 12:04:22 |
| 104.248.143.177 | attack | SSH / Telnet Brute Force Attempts on Honeypot |
2020-06-02 08:17:56 |
| 158.255.27.233 | attackbotsspam | Brute-force attempt banned |
2020-06-02 08:25:21 |
| 190.207.154.246 | attackbotsspam | Unauthorized connection attempt from IP address 190.207.154.246 on Port 445(SMB) |
2020-06-02 08:22:17 |
| 173.82.245.244 | attackbots | spam |
2020-06-02 12:19:10 |
| 109.244.101.169 | attackbotsspam | Jun 2 06:08:07 legacy sshd[10871]: Failed password for root from 109.244.101.169 port 37454 ssh2 Jun 2 06:10:07 legacy sshd[10924]: Failed password for root from 109.244.101.169 port 34644 ssh2 ... |
2020-06-02 12:13:38 |
| 78.46.99.254 | attackbots | 20 attempts against mh-misbehave-ban on plane |
2020-06-02 12:21:14 |