城市(city): Guiyang
省份(region): Guizhou
国家(country): China
运营商(isp): China Unicom
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '220.192.0.0 - 220.207.255.255'
% Abuse contact for '220.192.0.0 - 220.207.255.255' is 'zhaoyz3@chinaunicom.cn'
inetnum: 220.192.0.0 - 220.207.255.255
netname: UNICOM
descr: China Unicom
descr: No.21 Financial Street,Xicheng District,
descr: Beijing 100140 ,P.R.China
country: CN
admin-c: YW6851-AP
tech-c: YW6851-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-irt: IRT-UNICOM-CN
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNCGROUP-RR
last-modified: 2023-11-28T00:57:29Z
source: APNIC
irt: IRT-UNICOM-CN
address: No.21 Financial Street,Xicheng District,
address: Beijing 100140 ,P.R.China
e-mail: zhaoyz3@chinaunicom.cn
abuse-mailbox: zhaoyz3@chinaunicom.cn
admin-c: YW6851-AP
tech-c: YW6851-AP
auth: # Filtered
remarks: zhaoyz3@chinaunicom.cn was validated on 2026-05-08
mnt-by: MAINT-CNNIC-AP
last-modified: 2026-05-08T01:30:43Z
source: APNIC
role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
remarks: Generated from irt object IRT-CNNIC-CN
remarks: ipas@cnnic.cn is invalid
abuse-mailbox: ipas@cnnic.cn
mnt-by: APNIC-ABUSE
last-modified: 2025-09-19T17:20:32Z
source: APNIC
person: Yuzhen Zhao
address: No.21 Financial Street,Xicheng District,
address: Beijing 100140 ,P.R.China
country: CN
phone: +86-10-66258500
fax-no: +86-10-66259626
e-mail: zhaoyz3@chinaunicom.cn
e-mail: hqs-ipabuse@chinaunicom.cn
nic-hdl: YW6851-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2017-09-21T03:48:02Z
source: APNIC
% Information related to '220.192.0.0/12AS4837'
route: 220.192.0.0/12
descr: China Unicom Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
last-modified: 2011-12-13T01:08:02Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.197.78.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13304
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;220.197.78.50. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026060500 1800 900 604800 86400
;; Query time: 6 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 05 20:01:39 CST 2026
;; MSG SIZE rcvd: 106Host 50.78.197.220.in-addr.arpa not found: 2(SERVFAIL)
;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server: 183.60.82.98
Address: 183.60.82.98#53
** server can't find 50.78.197.220.in-addr.arpa: SERVFAIL| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 45.133.99.8 | attack | Mar 31 21:36:32 mail.srvfarm.net postfix/smtpd[755176]: lost connection after CONNECT from unknown[45.133.99.8] Mar 31 21:36:34 mail.srvfarm.net postfix/smtps/smtpd[755165]: lost connection after CONNECT from unknown[45.133.99.8] Mar 31 21:36:35 mail.srvfarm.net postfix/smtpd[740062]: warning: unknown[45.133.99.8]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 31 21:36:35 mail.srvfarm.net postfix/smtpd[740062]: lost connection after AUTH from unknown[45.133.99.8] Mar 31 21:36:36 mail.srvfarm.net postfix/smtpd[755321]: warning: unknown[45.133.99.8]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2020-04-01 03:54:59 |
| 82.112.181.94 | attackspam | Honeypot attack, port: 445, PTR: ip-82-112-181-94.gtspskov.ru. |
2020-04-01 03:38:54 |
| 95.190.98.201 | attackbotsspam | $f2bV_matches |
2020-04-01 03:53:48 |
| 191.242.167.142 | attackbots | port scan and connect, tcp 8080 (http-proxy) |
2020-04-01 04:06:16 |
| 198.245.53.163 | attackspambots | (sshd) Failed SSH login from 198.245.53.163 (CA/Canada/163.ip-198-245-53.net): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 31 21:28:44 ubnt-55d23 sshd[21605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.245.53.163 user=root Mar 31 21:28:47 ubnt-55d23 sshd[21605]: Failed password for root from 198.245.53.163 port 37256 ssh2 |
2020-04-01 03:35:46 |
| 58.87.120.53 | attackspam | 2020-03-31T14:23:56.212681vps773228.ovh.net sshd[24816]: Failed password for root from 58.87.120.53 port 46118 ssh2 2020-03-31T14:26:23.092690vps773228.ovh.net sshd[25742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.120.53 user=root 2020-03-31T14:26:25.362110vps773228.ovh.net sshd[25742]: Failed password for root from 58.87.120.53 port 46794 ssh2 2020-03-31T14:28:41.253937vps773228.ovh.net sshd[26560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.120.53 user=root 2020-03-31T14:28:43.466699vps773228.ovh.net sshd[26560]: Failed password for root from 58.87.120.53 port 47470 ssh2 ... |
2020-04-01 03:45:00 |
| 106.52.4.104 | attack | SSH invalid-user multiple login attempts |
2020-04-01 03:59:55 |
| 124.156.185.116 | attackspam | $f2bV_matches |
2020-04-01 03:54:34 |
| 178.149.114.79 | attack | $f2bV_matches |
2020-04-01 03:36:32 |
| 162.243.128.167 | attack | [Tue Mar 31 19:28:16.714075 2020] [:error] [pid 21852:tid 140271329814272] [client 162.243.128.167:44098] [client 162.243.128.167] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "zgrab" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-913-SCANNER-DETECTION.conf"] [line "55"] [id "913100"] [msg "Found User-Agent associated with security scanner"] [data "Matched Data: zgrab found within REQUEST_HEADERS:User-Agent: mozilla/5.0 zgrab/0.x"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-reputation-scanner"] [tag "OWASP_CRS"] [tag "OWASP_CRS/AUTOMATION/SECURITY_SCANNER"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/portal/redlion"] [unique_id "XoM3YPf2@52nHUy5BB3ebQAAARA"] ... |
2020-04-01 03:58:28 |
| 104.40.55.46 | attack | Brute forcing RDP port 3389 |
2020-04-01 04:01:23 |
| 113.102.139.20 | attackbots | Unauthorized connection attempt detected from IP address 113.102.139.20 to port 445 |
2020-04-01 03:44:01 |
| 194.26.29.113 | attackspambots | Mar 31 20:59:36 debian-2gb-nbg1-2 kernel: \[7940228.110479\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.26.29.113 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=44199 PROTO=TCP SPT=42080 DPT=951 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-04-01 03:31:52 |
| 197.167.14.204 | attack | Unauthorized connection attempt detected from IP address 197.167.14.204 to port 8080 |
2020-04-01 03:32:40 |
| 213.230.67.32 | attack | SSH invalid-user multiple login try |
2020-04-01 03:52:36 |