城市(city): Quanzhou
省份(region): Fujian
国家(country): China
运营商(isp): China Mobile
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '112.0.0.0 - 112.63.255.255'
% Abuse contact for '112.0.0.0 - 112.63.255.255' is 'abuse@chinamobile.com'
inetnum: 112.0.0.0 - 112.63.255.255
netname: CMNET
descr: China Mobile Communications Corporation
descr: Mobile Communications Network Operator in China
descr: Internet Service Provider in China
country: CN
org: ORG-CM1-AP
admin-c: ct74-AP
tech-c: HL1318-AP
status: ALLOCATED PORTABLE
abuse-c: AC2006-AP
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-lower: MAINT-CN-CMCC
mnt-routes: MAINT-CN-CMCC
mnt-irt: IRT-CHINAMOBILE-CN
last-modified: 2026-05-22T03:50:58Z
source: APNIC
irt: IRT-CHINAMOBILE-CN
address: China Mobile Communications Corporation
address: 29, Jinrong Ave., Xicheng District, Beijing, 100032
e-mail: abuse@chinamobile.com
abuse-mailbox: abuse@chinamobile.com
admin-c: CT74-AP
tech-c: CT74-AP
auth: # Filtered
remarks: abuse@chinamobile.com was validated on 2026-03-23
mnt-by: MAINT-CN-CMCC
last-modified: 2026-03-23T00:47:53Z
source: APNIC
organisation: ORG-CM1-AP
org-name: China Mobile
org-type: LIR
country: CN
address: 29, Jinrong Ave.
phone: +86-10-5268-6688
fax-no: +86-10-5261-6187
e-mail: hostmaster@chinamobile.com
mnt-ref: APNIC-HM
mnt-by: APNIC-HM
last-modified: 2023-09-05T02:14:48Z
source: APNIC
role: ABUSE CHINAMOBILECN
country: ZZ
address: China Mobile Communications Corporation
address: 29, Jinrong Ave., Xicheng District, Beijing, 100032
phone: +000000000
e-mail: abuse@chinamobile.com
admin-c: CT74-AP
tech-c: CT74-AP
nic-hdl: AC2006-AP
remarks: Generated from irt object IRT-CHINAMOBILE-CN
remarks: abuse@chinamobile.com was validated on 2026-03-23
abuse-mailbox: abuse@chinamobile.com
mnt-by: APNIC-ABUSE
last-modified: 2026-03-23T00:48:02Z
source: APNIC
role: chinamobile tech
address: 29, Jinrong Ave.,Xicheng district
address: Beijing
country: CN
phone: +86 5268 6688
fax-no: +86 5261 6187
e-mail: hostmaster@chinamobile.com
admin-c: HL1318-AP
tech-c: HL1318-AP
nic-hdl: ct74-AP
notify: hostmaster@chinamobile.com
mnt-by: MAINT-cn-cmcc
abuse-mailbox: abuse@chinamobile.com
last-modified: 2016-11-29T09:37:27Z
source: APNIC
person: haijun li
nic-hdl: HL1318-AP
e-mail: hostmaster@chinamobile.com
address: 29,Jinrong Ave, Xicheng district,beijing,100032
phone: +86 1052686688
fax-no: +86 10 52616187
country: CN
mnt-by: MAINT-CN-CMCC
abuse-mailbox: abuse@chinamobile.com
last-modified: 2016-11-29T09:38:38Z
source: APNIC
% Information related to '112.40.0.0/13AS9808'
route: 112.40.0.0/13
descr: China Mobile communications corporation
origin: AS9808
mnt-by: MAINT-CN-CMCC
last-modified: 2009-10-20T07:00:15Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU4)
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.47.207.246
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14917
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;112.47.207.246. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026070300 1800 900 604800 86400
;; Query time: 6 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 03 14:44:59 CST 2026
;; MSG SIZE rcvd: 107
Host 246.207.47.112.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 246.207.47.112.in-addr.arpa: NXDOMAIN
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 121.141.5.199 | attackspambots | Triggered by Fail2Ban at Ares web server |
2019-07-08 08:11:10 |
| 194.93.39.255 | attackbotsspam | WordPress XMLRPC scan :: 194.93.39.255 4.228 BYPASS [08/Jul/2019:09:14:04 1000] www.[censored_1] "POST /xmlrpc.php HTTP/1.1" 200 382 "https://www.[censored_1]/" "PHP/5.2.73" |
2019-07-08 07:47:33 |
| 92.242.255.49 | attackbots | proto=tcp . spt=48721 . dpt=25 . (listed on Blocklist de Jul 07) (28) |
2019-07-08 07:39:26 |
| 218.64.25.1 | attackbots | Jul 6 16:38:51 eola postfix/smtpd[32301]: warning: hostname 1.25.64.218.broad.nc.jx.dynamic.163data.com.cn does not resolve to address 218.64.25.1: Name or service not known Jul 6 16:38:51 eola postfix/smtpd[32354]: warning: hostname 1.25.64.218.broad.nc.jx.dynamic.163data.com.cn does not resolve to address 218.64.25.1: Name or service not known Jul 6 16:38:51 eola postfix/smtpd[32301]: connect from unknown[218.64.25.1] Jul 6 16:38:51 eola postfix/smtpd[32354]: connect from unknown[218.64.25.1] Jul 6 16:38:52 eola postfix/smtpd[32354]: lost connection after AUTH from unknown[218.64.25.1] Jul 6 16:38:52 eola postfix/smtpd[32354]: disconnect from unknown[218.64.25.1] ehlo=1 auth=0/1 commands=1/2 Jul 6 16:38:52 eola postfix/smtpd[32354]: warning: hostname 1.25.64.218.broad.nc.jx.dynamic.163data.com.cn does not resolve to address 218.64.25.1: Name or service not known Jul 6 16:38:52 eola postfix/smtpd[32354]: connect from unknown[218.64.25.1] Jul 6 16:38:53 eola po........ ------------------------------- |
2019-07-08 07:55:38 |
| 134.209.38.215 | attackbotsspam | Wordpress XMLRPC attack |
2019-07-08 07:49:43 |
| 73.8.91.33 | attackbotsspam | Jul 8 01:14:16 ArkNodeAT sshd\[7294\]: Invalid user xavier from 73.8.91.33 Jul 8 01:14:16 ArkNodeAT sshd\[7294\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.8.91.33 Jul 8 01:14:18 ArkNodeAT sshd\[7294\]: Failed password for invalid user xavier from 73.8.91.33 port 50796 ssh2 |
2019-07-08 07:40:23 |
| 167.86.109.221 | attack | 07.07.2019 23:13:23 HTTPs access blocked by firewall |
2019-07-08 08:07:35 |
| 49.69.35.169 | attackspam | Jul 2 20:38:45 pl3server sshd[2121851]: Invalid user admin from 49.69.35.169 Jul 2 20:38:45 pl3server sshd[2121851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.69.35.169 Jul 2 20:38:47 pl3server sshd[2121851]: Failed password for invalid user admin from 49.69.35.169 port 59185 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.69.35.169 |
2019-07-08 07:45:49 |
| 188.121.103.187 | attack | proto=tcp . spt=35498 . dpt=25 . (listed on Blocklist de Jul 07) (24) |
2019-07-08 07:46:29 |
| 117.0.200.240 | attackbotsspam | Unauthorised access (Jul 8) SRC=117.0.200.240 LEN=52 TTL=107 ID=15647 DF TCP DPT=445 WINDOW=8192 SYN |
2019-07-08 07:54:14 |
| 39.36.180.199 | attackbotsspam | TCP Port: 25 _ invalid blocked dnsbl-sorbs abuseat-org _ _ _ _ (5) |
2019-07-08 08:19:20 |
| 206.189.38.181 | attack | Jun 30 20:04:13 vpxxxxxxx22308 sshd[15251]: Invalid user admin from 206.189.38.181 Jun 30 20:04:13 vpxxxxxxx22308 sshd[15253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.38.181 user=r.r Jun 30 20:04:13 vpxxxxxxx22308 sshd[15251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.38.181 Jun 30 20:04:13 vpxxxxxxx22308 sshd[15252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.38.181 user=r.r Jun 30 20:04:14 vpxxxxxxx22308 sshd[15253]: Failed password for r.r from 206.189.38.181 port 46600 ssh2 Jun 30 20:04:15 vpxxxxxxx22308 sshd[15251]: Failed password for invalid user admin from 206.189.38.181 port 46604 ssh2 Jun 30 20:04:15 vpxxxxxxx22308 sshd[15252]: Failed password for r.r from 206.189.38.181 port 46602 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=206.189.38.181 |
2019-07-08 07:49:23 |
| 138.197.158.35 | attack | Jul 5 09:37:47 our-server-hostname postfix/smtpd[14749]: connect from unknown[138.197.158.35] Jul x@x Jul 5 09:37:48 our-server-hostname postfix/smtpd[14749]: lost connection after RCPT from unknown[138.197.158.35] Jul 5 09:37:48 our-server-hostname postfix/smtpd[14749]: disconnect from unknown[138.197.158.35] Jul 5 09:45:08 our-server-hostname postfix/smtpd[22344]: connect from unknown[138.197.158.35] Jul 5 09:45:09 our-server-hostname postfix/smtpd[22344]: NOQUEUE: reject: RCPT from unknown[138.197.158.35]: 554 5.7.1 Service unavailable; Client host [138.197.158.35] blocked using .... truncated .... 4:06 our-server-hostname postfix/smtpd[9351]: lost connection after RCPT from unknown[138.197.158.35] Jul 5 11:44:06 our-server-hostname postfix/smtpd[9351]: disconnect from unknown[138.197.158.35] Jul 5 12:26:44 our-server-hostname postfix/smtpd[29058]: connect from unknown[138.197.158.35] Jul x@x Jul 5 12:26:45 our-server-hostname postfix/smtpd[29058]: lost conn........ ------------------------------- |
2019-07-08 07:44:36 |
| 27.209.4.7 | attackbots | Telnet Server BruteForce Attack |
2019-07-08 07:46:06 |
| 49.66.133.191 | attack | Jul 3 13:38:13 riskplan-s sshd[2175]: Invalid user gentry from 49.66.133.191 Jul 3 13:38:13 riskplan-s sshd[2175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.66.133.191 Jul 3 13:38:14 riskplan-s sshd[2175]: Failed password for invalid user gentry from 49.66.133.191 port 25349 ssh2 Jul 3 13:38:15 riskplan-s sshd[2175]: Received disconnect from 49.66.133.191: 11: Bye Bye [preauth] Jul 3 13:41:18 riskplan-s sshd[2382]: Invalid user cloud from 49.66.133.191 Jul 3 13:41:18 riskplan-s sshd[2382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.66.133.191 Jul 3 13:41:19 riskplan-s sshd[2382]: Failed password for invalid user cloud from 49.66.133.191 port 24855 ssh2 Jul 3 13:41:20 riskplan-s sshd[2382]: Received disconnect from 49.66.133.191: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.66.133.191 |
2019-07-08 08:11:44 |