城市(city): Zhengzhou
省份(region): Henan
国家(country): China
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 171.11.254.110 | attackspam | 1588249430 - 04/30/2020 14:23:50 Host: 171.11.254.110/171.11.254.110 Port: 445 TCP Blocked |
2020-05-01 04:40:08 |
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '171.8.0.0 - 171.15.255.255'
% Abuse contact for '171.8.0.0 - 171.15.255.255' is 'anti-spam@chinatelecom.cn'
inetnum: 171.8.0.0 - 171.15.255.255
netname: CHINANET-HA
descr: CHINANET henan province network
descr: henan Telecom Corporation
descr: 97 # Zhongyuan Street, Zhengzhou,henan,China
country: CN
admin-c: HZ149-AP
tech-c: HZ149-AP
abuse-c: AC1573-AP
status: ALLOCATED PORTABLE
remarks: Henan Telecom Corporation hostmaster
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-HA
mnt-routes: MAINT-CHINANET-HA
mnt-irt: IRT-CHINANET-CN
last-modified: 2021-06-15T08:05:58Z
source: APNIC
irt: IRT-CHINANET-CN
address: No.31 ,jingrong street,beijing
address: 100032
e-mail: anti-spam@chinatelecom.cn
abuse-mailbox: anti-spam@chinatelecom.cn
admin-c: CH93-AP
tech-c: CH93-AP
auth: # Filtered
remarks: anti-spam@chinatelecom.cn was validated on 2026-05-21
mnt-by: MAINT-CHINANET
last-modified: 2026-05-21T01:31:36Z
source: APNIC
role: ABUSE CHINANETCN
country: ZZ
address: No.31 ,jingrong street,beijing
address: 100032
phone: +000000000
e-mail: anti-spam@chinatelecom.cn
admin-c: CH93-AP
tech-c: CH93-AP
nic-hdl: AC1573-AP
remarks: Generated from irt object IRT-CHINANET-CN
remarks: anti-spam@chinatelecom.cn was validated on 2026-05-21
abuse-mailbox: anti-spam@chinatelecom.cn
mnt-by: APNIC-ABUSE
last-modified: 2026-05-21T01:32:00Z
source: APNIC
person: Hongbiao Zhang
nic-hdl: HZ149-AP
e-mail: ip@hntele.com
address: 97# Zhongyuan Street, Zhengzhou City, China
phone: +86 371 65310018
fax-no: +86 371 65310015
country: CN
mnt-by: MAINT-CHINANET-HA
last-modified: 2008-09-04T07:29:40Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU5)
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 171.11.254.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31684
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;171.11.254.239. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026070300 1800 900 604800 86400
;; Query time: 8 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 03 16:26:42 CST 2026
;; MSG SIZE rcvd: 107
239.254.11.171.in-addr.arpa domain name pointer 11.171.broad.ha.dynamic.163data.com.cn.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
239.254.11.171.in-addr.arpa name = 11.171.broad.ha.dynamic.163data.com.cn.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 209.17.96.114 | attack | IP: 209.17.96.114
Ports affected
HTTP protocol over TLS/SSL (443)
Abuse Confidence rating 100%
Found in DNSBL('s)
ASN Details
AS174 COGENT-174
United States (US)
CIDR 209.17.96.0/20
Log Date: 5/08/2020 11:00:32 AM UTC |
2020-08-06 02:33:42 |
| 2001:19f0:6001:1ba8:5400:2ff:fecc:2fff | attackbots | Automatically reported by fail2ban report script (mx1) |
2020-08-06 02:28:10 |
| 101.50.57.47 | attackbots | 20/8/5@08:12:50: FAIL: Alarm-Network address from=101.50.57.47 ... |
2020-08-06 02:55:13 |
| 194.44.243.186 | attackbotsspam | Password spray |
2020-08-06 02:50:51 |
| 39.57.53.55 | attackspam | Fail2Ban Ban Triggered |
2020-08-06 02:41:26 |
| 164.132.225.151 | attackspam | leo_www |
2020-08-06 02:47:18 |
| 113.86.136.243 | attackbotsspam | IP reached maximum auth failures |
2020-08-06 03:02:22 |
| 213.32.70.208 | attack | SSH auth scanning - multiple failed logins |
2020-08-06 02:25:29 |
| 91.134.240.130 | attackspambots | Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-05T12:22:20Z and 2020-08-05T12:34:13Z |
2020-08-06 02:39:56 |
| 200.198.180.178 | attackspam | Aug 5 18:48:15 choloepus sshd[6078]: Did not receive identification string from 200.198.180.178 port 54811 Aug 5 18:49:14 choloepus sshd[6460]: Invalid user miner from 200.198.180.178 port 52073 Aug 5 18:49:14 choloepus sshd[6460]: Disconnected from invalid user miner 200.198.180.178 port 52073 [preauth] ... |
2020-08-06 02:25:53 |
| 222.186.175.167 | attack | Aug 5 20:27:56 amit sshd\[443\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.167 user=root Aug 5 20:27:58 amit sshd\[443\]: Failed password for root from 222.186.175.167 port 63226 ssh2 Aug 5 20:28:01 amit sshd\[443\]: Failed password for root from 222.186.175.167 port 63226 ssh2 ... |
2020-08-06 02:30:24 |
| 37.49.224.192 | attack | Aug 5 18:42:09 scw-focused-cartwright sshd[22372]: Failed password for root from 37.49.224.192 port 42402 ssh2 |
2020-08-06 02:49:51 |
| 110.49.70.242 | attack | SSH authentication failure x 6 reported by Fail2Ban ... |
2020-08-06 02:51:51 |
| 118.47.80.245 | attackbotsspam | Aug 5 14:13:25 debian-2gb-nbg1-2 kernel: \[18888066.434164\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=118.47.80.245 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=36438 PROTO=TCP SPT=14889 DPT=9530 WINDOW=810 RES=0x00 SYN URGP=0 |
2020-08-06 02:36:12 |
| 13.125.138.70 | attackspambots | "XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES: |
2020-08-06 02:41:52 |