City: Guangzhou
Region: Guangdong
Country: China
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 139.159.0.0 - 139.159.255.255
CIDR: 139.159.0.0/16
NetName: APNIC-ERX-139-159-0-0
NetHandle: NET-139-159-0-0-1
Parent: NET139 (NET-139-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2010-11-03
Updated: 2010-11-17
Comment: This IP address range is not registered in the ARIN database.
Comment: This range was transferred to the APNIC Whois Database as
Comment: part of the ERX (Early Registration Transfer) project.
Comment: For details, refer to the APNIC Whois Database via
Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment:
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For more
Comment: help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
Ref: https://rdap.arin.net/registry/ip/139.159.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: http://wq.apnic.net/whois-search/static/search.html
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '139.159.128.0 - 139.159.255.255'
% Abuse contact for '139.159.128.0 - 139.159.255.255' is 'ipas@cnnic.cn'
inetnum: 139.159.128.0 - 139.159.255.255
netname: HWCSNET
descr: Huawei Public Cloud Service (Huawei Software Technologies Co.,Ltd)
descr: No.2018 Xuegang Road,Bantian street,Longgang District,
descr: Shenzhen,Guangdong Province, 518129 P.R.China
country: CN
admin-c: LL3172-AP
tech-c: GX1759-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
last-modified: 2022-04-18T05:47:37Z
source: APNIC
irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
remarks: ipas@cnnic.cn is invalid
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-11-17T23:08:37Z
source: APNIC
role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
remarks: Generated from irt object IRT-CNNIC-CN
remarks: ipas@cnnic.cn is invalid
abuse-mailbox: ipas@cnnic.cn
mnt-by: APNIC-ABUSE
last-modified: 2025-09-19T17:20:32Z
source: APNIC
person: Gui xiaowei
address: HUAWEI CLOUD Data Center, Jiaoxinggong Road, Qianzhong Avenue, Gui'an New District, Guizhou Province
country: CN
phone: +86-18566251984
e-mail: guixiaowei@huawei.com
nic-hdl: GX1759-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2022-04-18T05:32:41Z
source: APNIC
person: Liu Liqun
address: HUAWEI CLOUD Data Center, Jiaoxinggong Road, Qianzhong Avenue, Gui'an New District, Guizhou Province
country: CN
phone: +86-13360099887
e-mail: liuliqun2@huawei.com
nic-hdl: LL3172-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2022-04-18T05:33:15Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU4); <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.159.170.86
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 591
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;139.159.170.86. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026060302 1800 900 604800 86400
;; Query time: 29 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 04 09:58:54 CST 2026
;; MSG SIZE rcvd: 10786.170.159.139.in-addr.arpa domain name pointer ecs-139-159-170-86.compute.hwclouds-dns.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
86.170.159.139.in-addr.arpa name = ecs-139-159-170-86.compute.hwclouds-dns.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 3.16.183.132 | attackspam | mue-0 : Trying access unauthorized files=>/images/jdownloads/screenshots/update.php() |
2020-06-07 17:13:15 |
| 180.76.151.189 | attack | Jun 7 05:47:44 hell sshd[29642]: Failed password for root from 180.76.151.189 port 59182 ssh2 ... |
2020-06-07 16:47:40 |
| 39.59.15.132 | attackbots | IP 39.59.15.132 attacked honeypot on port: 8080 at 6/7/2020 4:50:38 AM |
2020-06-07 17:10:11 |
| 198.71.239.7 | attackspambots | Automatic report - XMLRPC Attack |
2020-06-07 17:25:49 |
| 162.243.138.76 | attackbotsspam | [portscan] tcp/1433 [MsSQL] *(RWIN=65535)(06070941) |
2020-06-07 17:26:05 |
| 112.161.78.70 | attackspam | <6 unauthorized SSH connections |
2020-06-07 17:24:08 |
| 212.129.17.32 | attackspam | Jun 7 06:51:06 debian kernel: [404425.755004] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=212.129.17.32 DST=89.252.131.35 LEN=442 TOS=0x00 PREC=0x00 TTL=49 ID=60913 DF PROTO=UDP SPT=5065 DPT=5060 LEN=422 |
2020-06-07 17:05:07 |
| 79.137.72.121 | attackbots | Jun 6 23:43:35 pixelmemory sshd[1063786]: Failed password for root from 79.137.72.121 port 39820 ssh2 Jun 6 23:47:19 pixelmemory sshd[1075296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.72.121 user=root Jun 6 23:47:21 pixelmemory sshd[1075296]: Failed password for root from 79.137.72.121 port 43890 ssh2 Jun 6 23:50:52 pixelmemory sshd[1085682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.72.121 user=root Jun 6 23:50:53 pixelmemory sshd[1085682]: Failed password for root from 79.137.72.121 port 47960 ssh2 ... |
2020-06-07 16:55:42 |
| 72.43.141.9 | attackspambots | Jun 7 07:40:56 vps647732 sshd[15942]: Failed password for root from 72.43.141.9 port 55026 ssh2 ... |
2020-06-07 17:00:27 |
| 152.254.225.212 | attackspam | Automatic report - Port Scan Attack |
2020-06-07 17:22:41 |
| 182.61.6.174 | attack | Jun 7 18:05:27 web1 sshd[30053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.6.174 user=root Jun 7 18:05:28 web1 sshd[30053]: Failed password for root from 182.61.6.174 port 40942 ssh2 Jun 7 18:19:10 web1 sshd[1175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.6.174 user=root Jun 7 18:19:11 web1 sshd[1175]: Failed password for root from 182.61.6.174 port 38400 ssh2 Jun 7 18:22:40 web1 sshd[2091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.6.174 user=root Jun 7 18:22:42 web1 sshd[2091]: Failed password for root from 182.61.6.174 port 52484 ssh2 Jun 7 18:26:22 web1 sshd[3000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.6.174 user=root Jun 7 18:26:23 web1 sshd[3000]: Failed password for root from 182.61.6.174 port 38342 ssh2 Jun 7 18:29:52 web1 sshd[3895]: pam_unix(sshd:aut ... |
2020-06-07 17:03:29 |
| 120.210.134.49 | attack | Jun 7 07:31:05 piServer sshd[7492]: Failed password for root from 120.210.134.49 port 36430 ssh2 Jun 7 07:33:36 piServer sshd[7711]: Failed password for root from 120.210.134.49 port 36376 ssh2 ... |
2020-06-07 16:54:32 |
| 223.71.167.165 | attackspam | 223.71.167.165 was recorded 15 times by 3 hosts attempting to connect to the following ports: 9208,1723,9010,135,1434,2332,10134,990,7002,70,12000,37778,49155,55553,631. Incident counter (4h, 24h, all-time): 15, 56, 20160 |
2020-06-07 17:04:54 |
| 203.177.71.254 | attackbotsspam | 20 attempts against mh-ssh on echoip |
2020-06-07 16:59:45 |
| 206.81.8.155 | attackbots | prod6 ... |
2020-06-07 16:56:19 |