City: Nanjing
Region: Jiangsu
Country: China
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 129.211.0.0 - 129.211.255.255
CIDR: 129.211.0.0/16
NetName: APNIC
NetHandle: NET-129-211-0-0-1
Parent: NET129 (NET-129-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2018-01-02
Updated: 2018-01-02
Ref: https://rdap.arin.net/registry/ip/129.211.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois://whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: http://wq.apnic.net/whois-search/static/search.html
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '129.211.0.0 - 129.211.255.255'
% Abuse contact for '129.211.0.0 - 129.211.255.255' is 'tencent_idc@tencent.com'
inetnum: 129.211.0.0 - 129.211.255.255
netname: TENCENT-CN
descr: Tencent Cloud Computing (Beijing) Co., Ltd
descr: Floor 6, Yinke Building, 38 Haidian St, Haidian District
country: CN
org: ORG-TCCC1-AP
admin-c: CA354-AP
tech-c: CA354-AP
abuse-c: AC2043-AP
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-COMSENZ1-CN
mnt-routes: MAINT-COMSENZ1-CN
mnt-irt: IRT-COMSENZ-CN
last-modified: 2020-07-22T13:16:01Z
source: APNIC
irt: IRT-COMSENZ-CN
address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080
e-mail: tencent_idc@tencent.com
abuse-mailbox: tencent_idc@tencent.com
admin-c: CA353-AP
tech-c: CA353-AP
auth: # Filtered
remarks: tencent_idc@tencent.com was validated on 2026-02-10
mnt-by: MAINT-COMSENZ-CN
last-modified: 2026-02-10T05:39:14Z
source: APNIC
organisation: ORG-TCCC1-AP
org-name: Tencent Cloud Computing (Beijing) Co., Ltd
org-type: LIR
country: CN
address: 309 West Zone, 3F. 49 Zhichun Road. Haidian District.
phone: +86-10-62671299
fax-no: +86-10-82602088-41299
e-mail: tencent_idc@tencent.com
mnt-ref: APNIC-HM
mnt-by: APNIC-HM
last-modified: 2023-09-05T02:16:21Z
source: APNIC
role: ABUSE COMSENZCN
country: ZZ
address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080
phone: +000000000
e-mail: tencent_idc@tencent.com
admin-c: CA353-AP
tech-c: CA353-AP
nic-hdl: AC2043-AP
remarks: Generated from irt object IRT-COMSENZ-CN
remarks: tencent_idc@tencent.com was validated on 2026-02-10
abuse-mailbox: tencent_idc@tencent.com
mnt-by: APNIC-ABUSE
last-modified: 2026-02-10T06:06:40Z
source: APNIC
role: Comsenz administrator
address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080
country: CN
phone: +86-10-62671299
fax-no: +86-10-62671299
e-mail: qcloud_net_duty@tencent.com
admin-c: CA354-AP
tech-c: CA354-AP
nic-hdl: CA354-AP
mnt-by: MAINT-COMSENZ1-CN
last-modified: 2019-03-11T10:40:06Z
source: APNIC
% Information related to '129.211.0.0/16AS45090'
route: 129.211.0.0/16
origin: AS45090
descr: Tencent Cloud Computing (Beijing) Co., Ltd
309 West Zone, 3F. 49 Zhichun Road. Haidian District.
mnt-by: MAINT-COMSENZ1-CN
last-modified: 2018-01-17T08:23:35Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU4); <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.211.229.121
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61572
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;129.211.229.121. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026061301 1800 900 604800 86400
;; Query time: 8 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 14 12:30:24 CST 2026
;; MSG SIZE rcvd: 108Host 121.229.211.129.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 121.229.211.129.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 103.100.209.172 | attackspam | SSH authentication failure x 6 reported by Fail2Ban ... |
2020-08-04 01:28:32 |
| 176.92.143.143 | attackspam | Telnet Server BruteForce Attack |
2020-08-04 01:21:44 |
| 122.202.32.70 | attackbots | 2020-08-04T00:04:18.152234hostname sshd[76388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.202.32.70 user=root 2020-08-04T00:04:20.842138hostname sshd[76388]: Failed password for root from 122.202.32.70 port 53694 ssh2 ... |
2020-08-04 01:19:37 |
| 54.39.133.91 | attackspambots | firewall-block, port(s): 32677/tcp |
2020-08-04 01:25:53 |
| 222.186.30.35 | attack | Aug 3 19:25:43 vps sshd[949835]: Failed password for root from 222.186.30.35 port 36069 ssh2 Aug 3 19:25:45 vps sshd[949835]: Failed password for root from 222.186.30.35 port 36069 ssh2 Aug 3 19:25:49 vps sshd[950433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.35 user=root Aug 3 19:25:51 vps sshd[950433]: Failed password for root from 222.186.30.35 port 26573 ssh2 Aug 3 19:25:52 vps sshd[950433]: Failed password for root from 222.186.30.35 port 26573 ssh2 ... |
2020-08-04 01:30:10 |
| 114.35.16.46 | attack | Port Scan detected! ... |
2020-08-04 01:13:36 |
| 103.199.162.153 | attackspambots | Aug 3 14:19:01 prox sshd[22880]: Failed password for root from 103.199.162.153 port 36492 ssh2 |
2020-08-04 01:49:09 |
| 157.245.108.109 | attack | 2020-08-03T15:31:35.026809vps773228.ovh.net sshd[2937]: Failed password for root from 157.245.108.109 port 37238 ssh2 2020-08-03T15:36:11.319689vps773228.ovh.net sshd[2968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.108.109 user=root 2020-08-03T15:36:13.767802vps773228.ovh.net sshd[2968]: Failed password for root from 157.245.108.109 port 49250 ssh2 2020-08-03T15:40:41.897984vps773228.ovh.net sshd[2988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.108.109 user=root 2020-08-03T15:40:44.072942vps773228.ovh.net sshd[2988]: Failed password for root from 157.245.108.109 port 33028 ssh2 ... |
2020-08-04 01:55:42 |
| 114.236.209.5 | attackspambots | 20 attempts against mh-ssh on float |
2020-08-04 01:26:57 |
| 195.214.160.197 | attackbotsspam | Aug 3 18:39:37 debian-2gb-nbg1-2 kernel: \[18731247.079605\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.214.160.197 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=41413 PROTO=TCP SPT=41073 DPT=25071 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-08-04 01:13:10 |
| 36.27.76.216 | attack | Lines containing failures of 36.27.76.216 Aug 3 14:14:12 localhost sshd[16288]: Bad protocol version identification '' from 36.27.76.216 port 60161 Aug 3 14:14:14 localhost sshd[16289]: User r.r from 36.27.76.216 not allowed because not listed in AllowUsers Aug 3 14:14:14 localhost sshd[16289]: Connection closed by invalid user r.r 36.27.76.216 port 60350 [preauth] Aug 3 14:14:15 localhost sshd[16291]: User r.r from 36.27.76.216 not allowed because not listed in AllowUsers Aug 3 14:14:15 localhost sshd[16291]: Connection closed by invalid user r.r 36.27.76.216 port 60876 [preauth] Aug 3 14:14:17 localhost sshd[16293]: User r.r from 36.27.76.216 not allowed because not listed in AllowUsers Aug 3 14:14:17 localhost sshd[16293]: Connection closed by invalid user r.r 36.27.76.216 port 33057 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=36.27.76.216 |
2020-08-04 01:29:04 |
| 217.182.77.186 | attack | 2020-08-03T10:23:19.8598421495-001 sshd[22501]: Invalid user PA5sword from 217.182.77.186 port 46770 2020-08-03T10:23:22.2079171495-001 sshd[22501]: Failed password for invalid user PA5sword from 217.182.77.186 port 46770 ssh2 2020-08-03T10:26:35.6475381495-001 sshd[22672]: Invalid user dqwkqk7417 from 217.182.77.186 port 42734 2020-08-03T10:26:35.6507381495-001 sshd[22672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.ip-217-182-77.eu 2020-08-03T10:26:35.6475381495-001 sshd[22672]: Invalid user dqwkqk7417 from 217.182.77.186 port 42734 2020-08-03T10:26:37.3473291495-001 sshd[22672]: Failed password for invalid user dqwkqk7417 from 217.182.77.186 port 42734 ssh2 ... |
2020-08-04 01:20:45 |
| 167.99.75.240 | attackbotsspam | Aug 3 19:33:49 jane sshd[26573]: Failed password for root from 167.99.75.240 port 56720 ssh2 ... |
2020-08-04 01:55:30 |
| 124.117.100.236 | attackbotsspam | Aug 3 14:54:51 hni-server sshd[23729]: Bad protocol version identification '' from 124.117.100.236 port 41595 Aug 3 15:17:54 hni-server sshd[2110]: User r.r from 124.117.100.236 not allowed because not listed in AllowUsers Aug 3 15:17:55 hni-server sshd[2110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.117.100.236 user=r.r Aug 3 15:17:58 hni-server sshd[2110]: Failed password for invalid user r.r from 124.117.100.236 port 36491 ssh2 Aug 3 15:17:58 hni-server sshd[2110]: Connection closed by 124.117.100.236 port 36491 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=124.117.100.236 |
2020-08-04 01:30:36 |
| 59.127.152.203 | attackspambots | Aug 3 16:27:42 dev0-dcde-rnet sshd[26761]: Failed password for root from 59.127.152.203 port 60388 ssh2 Aug 3 16:32:55 dev0-dcde-rnet sshd[26795]: Failed password for root from 59.127.152.203 port 44458 ssh2 |
2020-08-04 01:46:28 |