城市(city): Nanjing
省份(region): Jiangsu
国家(country): China
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 146.56.0.0 - 146.56.255.255
CIDR: 146.56.0.0/16
NetName: APNIC-ERX-146-56-0-0
NetHandle: NET-146-56-0-0-1
Parent: NET146 (NET-146-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2004-02-04
Updated: 2009-10-08
Comment: This IP address range is not registered in the ARIN database.
Comment: This range was transferred to the APNIC Whois Database as
Comment: part of the ERX (Early Registration Transfer) project.
Comment: For details, refer to the APNIC Whois Database via
Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment:
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For more
Comment: help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
Ref: https://rdap.arin.net/registry/ip/146.56.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '146.56.192.0 - 146.56.255.255'
% Abuse contact for '146.56.192.0 - 146.56.255.255' is 'tencent_noc@tencent.com'
inetnum: 146.56.192.0 - 146.56.255.255
netname: TENCENT-CN
descr: Tencent Cloud Computing (Beijing) Co., Ltd
descr: Floor 6, Yinke Building, 38 Haidian St, Haidian District
country: CN
org: ORG-TCCC1-AP
admin-c: TCA15-AP
tech-c: TCA15-AP
abuse-c: AT992-AP
status: ALLOCATED PORTABLE
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-lower: MAINT-TENCENT-CN
mnt-routes: MAINT-TENCENT-CN
mnt-irt: IRT-TENCENT-CN
last-modified: 2020-07-22T13:10:58Z
source: APNIC
irt: IRT-TENCENT-CN
address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 10; <<>> DiG 9.10.3-P4-Ubuntu <<>> 146.56.252.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51868
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;146.56.252.4. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025101401 1800 900 604800 86400
;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 14 22:54:54 CST 2025
;; MSG SIZE rcvd: 105Host 4.252.56.146.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 4.252.56.146.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 179.43.110.87 | attackspam | firewall-block, port(s): 23/tcp |
2019-10-29 16:51:06 |
| 91.188.194.236 | attackspambots | slow and persistent scanner |
2019-10-29 16:13:34 |
| 51.75.18.215 | attack | Oct 29 08:23:16 localhost sshd\[16640\]: Invalid user simon@123 from 51.75.18.215 Oct 29 08:23:16 localhost sshd\[16640\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.18.215 Oct 29 08:23:18 localhost sshd\[16640\]: Failed password for invalid user simon@123 from 51.75.18.215 port 52018 ssh2 Oct 29 08:27:06 localhost sshd\[16941\]: Invalid user P@$$w0rd2000 from 51.75.18.215 Oct 29 08:27:06 localhost sshd\[16941\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.18.215 ... |
2019-10-29 16:30:55 |
| 173.255.250.131 | attack | SASL Brute Force |
2019-10-29 16:36:59 |
| 200.121.226.153 | attackbotsspam | Oct 28 19:02:52 eddieflores sshd\[17889\]: Invalid user bnpass from 200.121.226.153 Oct 28 19:02:52 eddieflores sshd\[17889\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.121.226.153 Oct 28 19:02:54 eddieflores sshd\[17889\]: Failed password for invalid user bnpass from 200.121.226.153 port 52473 ssh2 Oct 28 19:07:59 eddieflores sshd\[18280\]: Invalid user 1234567 from 200.121.226.153 Oct 28 19:07:59 eddieflores sshd\[18280\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.121.226.153 |
2019-10-29 16:27:18 |
| 217.68.209.233 | attack | slow and persistent scanner |
2019-10-29 16:32:40 |
| 123.207.40.70 | attackbots | Oct 29 00:47:19 home sshd[21693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.40.70 user=root Oct 29 00:47:21 home sshd[21693]: Failed password for root from 123.207.40.70 port 40326 ssh2 Oct 29 01:02:25 home sshd[21833]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.40.70 user=root Oct 29 01:02:27 home sshd[21833]: Failed password for root from 123.207.40.70 port 39360 ssh2 Oct 29 01:08:26 home sshd[21873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.40.70 user=root Oct 29 01:08:28 home sshd[21873]: Failed password for root from 123.207.40.70 port 49142 ssh2 Oct 29 01:14:32 home sshd[21902]: Invalid user rtkit from 123.207.40.70 port 58940 Oct 29 01:14:32 home sshd[21902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.40.70 Oct 29 01:14:32 home sshd[21902]: Invalid user rtkit from 123.207.40.70 port 58940 |
2019-10-29 16:22:52 |
| 106.3.45.254 | attackbotsspam | firewall-block, port(s): 1433/tcp |
2019-10-29 16:52:20 |
| 222.212.90.32 | attackspambots | Oct 29 06:40:45 hcbbdb sshd\[30719\]: Invalid user zjxc8888 from 222.212.90.32 Oct 29 06:40:45 hcbbdb sshd\[30719\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.212.90.32 Oct 29 06:40:47 hcbbdb sshd\[30719\]: Failed password for invalid user zjxc8888 from 222.212.90.32 port 23905 ssh2 Oct 29 06:46:13 hcbbdb sshd\[31296\]: Invalid user 123456 from 222.212.90.32 Oct 29 06:46:13 hcbbdb sshd\[31296\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.212.90.32 |
2019-10-29 16:42:06 |
| 103.208.34.199 | attackspambots | Oct 29 06:25:41 server sshd\[6432\]: Invalid user internet123 from 103.208.34.199 port 59208 Oct 29 06:25:41 server sshd\[6432\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.208.34.199 Oct 29 06:25:43 server sshd\[6432\]: Failed password for invalid user internet123 from 103.208.34.199 port 59208 ssh2 Oct 29 06:29:45 server sshd\[24260\]: Invalid user 121233 from 103.208.34.199 port 42054 Oct 29 06:29:45 server sshd\[24260\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.208.34.199 |
2019-10-29 16:47:35 |
| 185.143.221.55 | attackbotsspam | 10/29/2019-03:40:16.585970 185.143.221.55 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2019-10-29 16:47:08 |
| 106.12.33.50 | attackbots | SSH Brute-Force reported by Fail2Ban |
2019-10-29 16:44:03 |
| 138.197.221.114 | attackspambots | Oct 29 06:56:39 ns41 sshd[19643]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 |
2019-10-29 16:26:04 |
| 203.230.6.175 | attackbotsspam | Oct 29 07:16:04 vps01 sshd[1079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.230.6.175 Oct 29 07:16:06 vps01 sshd[1079]: Failed password for invalid user essen from 203.230.6.175 port 35132 ssh2 |
2019-10-29 16:40:02 |
| 120.27.133.127 | attack | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/120.27.133.127/ CN - 1H : (739) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN37963 IP : 120.27.133.127 CIDR : 120.27.128.0/18 PREFIX COUNT : 303 UNIQUE IP COUNT : 6062848 ATTACKS DETECTED ASN37963 : 1H - 4 3H - 8 6H - 13 12H - 26 24H - 41 DateTime : 2019-10-29 04:50:21 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery |
2019-10-29 16:42:39 |