城市(city): unknown
省份(region): unknown
国家(country): China
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '27.224.0.0 - 27.227.255.255'
% Abuse contact for '27.224.0.0 - 27.227.255.255' is 'anti-spam@chinatelecom.cn'
inetnum: 27.224.0.0 - 27.227.255.255
netname: CHINANET-GS
descr: CHINANET Gansu province network
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
admin-c: XZ37-AP
tech-c: XZ37-AP
abuse-c: AC1573-AP
status: ALLOCATED PORTABLE
remarks: service provider
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
notify: yangmy@public.lz.gs.cn
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-GS
mnt-routes: MAINT-CHINANET-GS
mnt-irt: IRT-CHINANET-CN
last-modified: 2021-06-15T08:06:19Z
source: APNIC
irt: IRT-CHINANET-CN
address: No.31 ,jingrong street,beijing
address: 100032
e-mail: anti-spam@chinatelecom.cn
abuse-mailbox: anti-spam@chinatelecom.cn
admin-c: CH93-AP
tech-c: CH93-AP
auth: # Filtered
remarks: anti-spam@chinatelecom.cn was validated on 2026-05-21
mnt-by: MAINT-CHINANET
last-modified: 2026-05-21T01:31:36Z
source: APNIC
role: ABUSE CHINANETCN
country: ZZ
address: No.31 ,jingrong street,beijing
address: 100032
phone: +000000000
e-mail: anti-spam@chinatelecom.cn
admin-c: CH93-AP
tech-c: CH93-AP
nic-hdl: AC1573-AP
remarks: Generated from irt object IRT-CHINANET-CN
remarks: anti-spam@chinatelecom.cn was validated on 2026-05-21
abuse-mailbox: anti-spam@chinatelecom.cn
mnt-by: APNIC-ABUSE
last-modified: 2026-05-21T01:32:00Z
source: APNIC
person: Xubo Zhang
address: Floor33 Zhongyin Tower,No.22 Luoyuan Road,
address: JINAN,CHINA
country: CN
phone: +86-0531-6995471
fax-no: +86-0531-6995478
e-mail: zzz@jinan.cngb.com.cn
nic-hdl: XZ37-AP
mnt-by: MAINT-CHINAGBN-AP
last-modified: 2008-09-04T07:29:53Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU5)
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 27.225.137.202
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59698
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;27.225.137.202. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026070302 1800 900 604800 86400
;; Query time: 9 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jul 04 10:28:38 CST 2026
;; MSG SIZE rcvd: 107
Host 202.137.225.27.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 202.137.225.27.in-addr.arpa: NXDOMAIN
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 121.164.31.163 | attackspambots | Dec 14 11:20:40 MK-Soft-VM6 sshd[18936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.164.31.163 Dec 14 11:20:41 MK-Soft-VM6 sshd[18936]: Failed password for invalid user huasheng from 121.164.31.163 port 41242 ssh2 ... |
2019-12-14 18:43:59 |
| 42.117.128.240 | attack | Dec 14 07:26:03 vmd46246 kernel: [216143.363128] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:23:91:08:00 SRC=42.117.128.240 DST=144.91.112.181 LEN=40 TOS=0x00 PREC=0x00 TTL=56 ID=13363 PROTO=TCP SPT=50213 DPT=23 WINDOW=61973 RES=0x00 SYN URGP=0 Dec 14 07:26:03 vmd46246 kernel: [216143.420914] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:23:91:08:00 SRC=42.117.128.240 DST=144.91.112.181 LEN=40 TOS=0x00 PREC=0x00 TTL=56 ID=13363 PROTO=TCP SPT=50213 DPT=23 WINDOW=61973 RES=0x00 SYN URGP=0 Dec 14 07:26:03 vmd46246 kernel: [216143.423610] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:23:91:08:00 SRC=42.117.128.240 DST=144.91.112.181 LEN=40 TOS=0x00 PREC=0x00 TTL=56 ID=13363 PROTO=TCP SPT=50213 DPT=23 WINDOW=61973 RES=0x00 SYN URGP=0 ... |
2019-12-14 18:19:55 |
| 185.200.118.36 | attackbotsspam | Port scan: Attack repeated for 24 hours |
2019-12-14 18:25:07 |
| 81.19.251.66 | attackbotsspam | Dec 14 10:47:41 MK-Soft-VM5 sshd[12781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.19.251.66 Dec 14 10:47:42 MK-Soft-VM5 sshd[12781]: Failed password for invalid user php5 from 81.19.251.66 port 9137 ssh2 ... |
2019-12-14 18:27:38 |
| 71.6.158.166 | attack | 71.6.158.166 was recorded 9 times by 9 hosts attempting to connect to the following ports: 8081,9944,81,9295,20547,465,9443,84,80. Incident counter (4h, 24h, all-time): 9, 52, 1738 |
2019-12-14 18:23:24 |
| 173.236.144.82 | attackbots | 173.236.144.82 - - [14/Dec/2019:06:25:43 +0000] "POST /wp-login.php HTTP/1.1" 200 6393 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 173.236.144.82 - - [14/Dec/2019:06:25:43 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2019-12-14 18:39:51 |
| 111.231.82.143 | attackbots | Dec 14 11:01:39 sd-53420 sshd\[11162\]: Invalid user saniah from 111.231.82.143 Dec 14 11:01:39 sd-53420 sshd\[11162\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.82.143 Dec 14 11:01:41 sd-53420 sshd\[11162\]: Failed password for invalid user saniah from 111.231.82.143 port 52076 ssh2 Dec 14 11:07:53 sd-53420 sshd\[11523\]: Invalid user jehan from 111.231.82.143 Dec 14 11:07:53 sd-53420 sshd\[11523\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.82.143 ... |
2019-12-14 18:09:19 |
| 80.185.214.123 | attack | SSH login attempts |
2019-12-14 18:39:04 |
| 164.132.111.76 | attack | Dec 14 12:13:19 sauna sshd[74259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.111.76 Dec 14 12:13:22 sauna sshd[74259]: Failed password for invalid user thibadeau from 164.132.111.76 port 51512 ssh2 ... |
2019-12-14 18:29:10 |
| 196.202.19.245 | attack | MultiHost/MultiPort Probe, Scan, Hack - |
2019-12-14 18:18:53 |
| 51.91.97.197 | attackspambots | /var/log/messages:Dec 12 19:02:57 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1576177377.532:21204): pid=20017 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=20018 suid=74 rport=56788 laddr=104.167.106.93 lport=22 exe="/usr/sbin/sshd" hostname=? addr=51.91.97.197 terminal=? res=success' /var/log/messages:Dec 12 19:02:57 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1576177377.536:21205): pid=20017 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=20018 suid=74 rport=56788 laddr=104.167.106.93 lport=22 exe="/usr/sbin/sshd" hostname=? addr=51.91.97.197 terminal=? res=success' /var/log/messages:Dec 12 19:02:58 sanyalnet-cloud-vps fail2ban.filter[26948]: INFO [sshd] Found ........ ------------------------------- |
2019-12-14 18:41:42 |
| 82.112.45.67 | attackbotsspam | 1576304759 - 12/14/2019 07:25:59 Host: 82.112.45.67/82.112.45.67 Port: 445 TCP Blocked |
2019-12-14 18:22:56 |
| 42.113.232.193 | attackspam | MultiHost/MultiPort Probe, Scan, Hack - |
2019-12-14 18:15:48 |
| 49.88.112.116 | attackspam | Dec 14 07:25:31 vmd17057 sshd\[6348\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root Dec 14 07:25:34 vmd17057 sshd\[6348\]: Failed password for root from 49.88.112.116 port 14380 ssh2 Dec 14 07:25:35 vmd17057 sshd\[6348\]: Failed password for root from 49.88.112.116 port 14380 ssh2 ... |
2019-12-14 18:47:44 |
| 167.99.202.143 | attackbotsspam | Dec 14 11:11:23 cvbnet sshd[27802]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.202.143 Dec 14 11:11:25 cvbnet sshd[27802]: Failed password for invalid user naomi from 167.99.202.143 port 38910 ssh2 ... |
2019-12-14 18:13:14 |