Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Powerbooky

macrumors demi-god
Original poster
Mar 15, 2008
687
628
Europe
OK... for years I'm used to the sheer amount of attempts to find open ports on my IP address by Chinese bots/hackers each hour.

But today I saw something new in the firewall reports from my network. For some odd reason the HomePod mini's try to connect to a China Telecom CDN (datacenter). Why? We're in Europe, enough CDN's much closer.

Most IP's don't resolve to a hostname, but some do like this one: 202.209.221.60.adsl-pool.sx.cn
Not really a typical FQDN of a datacenter.

Here two address ranges that popped up in the firewall reports. Of course these were blocked immediately.

Code:
inetnum:        124.236.0.0 - 124.239.255.255
netname:        CHINANET-HE
descr:          CHINANET hebei province network
descr:          China Telecom
descr:          No.31,jingrong street
descr:          Beijing 100032
country:        CN
admin-c:        BR3-AP
tech-c:         CH93-AP
abuse-c:        AC1573-AP
status:         ALLOCATED PORTABLE

inetnum:        60.220.0.0 - 60.223.255.255
netname:        UNICOM-SX
descr:          China Unicom Shanxi Province Network
descr:          China Unicom
country:        CN
admin-c:        CH1302-AP
tech-c:         XH63-AP
remarks:        service provider
mnt-by:         APNIC-HM
mnt-lower:      MAINT-CNCGROUP-SX
mnt-routes:     MAINT-CNCGROUP-RR
status:         ALLOCATED PORTABLE

Anyone seen the same behaviour since HomePod OS 17.1?
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.