City: Beijing
Region: Beijing
Country: China
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 159.226.0.0 - 159.226.255.255
CIDR: 159.226.0.0/16
NetName: APNIC-ERX-159-226-0-0
NetHandle: NET-159-226-0-0-1
Parent: NET159 (NET-159-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2003-10-29
Updated: 2009-10-08
Comment: This IP address range is not registered in the ARIN database.
Comment: This range was transferred to the APNIC Whois Database as
Comment: part of the ERX (Early Registration Transfer) project.
Comment: For details, refer to the APNIC Whois Database via
Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment:
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For more
Comment: help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
Ref: https://rdap.arin.net/registry/ip/159.226.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: http://wq.apnic.net/whois-search/static/search.html
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '159.226.0.0 - 159.226.255.255'
% Abuse contact for '159.226.0.0 - 159.226.255.255' is 'abuse-ip@cstnet.cn'
inetnum: 159.226.0.0 - 159.226.255.255
netname: CSTNET-CN
descr: Computer Network Information Center of Chinese Academy of Sciences (CNIC-CAS)
country: CN
org: ORG-CA107-AP
admin-c: CNIC1-AP
tech-c: CNIC1-AP
abuse-c: AC2741-AP
status: ALLOCATED PORTABLE
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-lower: MAINT-CSTNET-CN
mnt-routes: MAINT-CSTNET-CN
mnt-irt: IRT-CSTNET-CN
last-modified: 2023-09-29T13:07:48Z
source: APNIC
irt: IRT-CSTNET-CN
address: 2 Dongsheng South Road, Haidian District, Beijing Beijing 100190
e-mail: abuse-ip@cstnet.cn
abuse-mailbox: abuse-ip@cstnet.cn
admin-c: CNIC1-AP
tech-c: CNIC1-AP
auth: # Filtered
remarks: abuse-ip@cstnet.cn is invalid
mnt-by: MAINT-CSTNET-CN
last-modified: 2026-02-11T13:10:17Z
source: APNIC
organisation: ORG-CA107-AP
org-name: CNIC-CAS
org-type: LIR
country: CN
address: 2 Dongsheng South Road, Haidian District
phone: +86.10.58812266
e-mail: support@cnic.cn
mnt-ref: APNIC-HM
mnt-by: APNIC-HM
last-modified: 2023-09-05T02:18:50Z
source: APNIC
role: ABUSE CSTNETCN
country: ZZ
address: 2 Dongsheng South Road, Haidian District, Beijing Beijing 100190
phone: +000000000
e-mail: abuse-ip@cstnet.cn
admin-c: CNIC1-AP
tech-c: CNIC1-AP
nic-hdl: AC2741-AP
remarks: Generated from irt object IRT-CSTNET-CN
remarks: abuse-ip@cstnet.cn is invalid
abuse-mailbox: abuse-ip@cstnet.cn
mnt-by: APNIC-ABUSE
last-modified: 2026-02-11T13:11:38Z
source: APNIC
role: Computer Network Information Center of Chinese Academy of Sciences administrator
address: 2 Dongsheng South Road, Haidian District, Beijing Beijing 100190
country: CN
phone: +86.10.58812266
e-mail: supervise@cnic.cn
admin-c: CNIC1-AP
tech-c: CNIC1-AP
nic-hdl: CNIC1-AP
mnt-by: MAINT-CNICOCAOS-CN
last-modified: 2022-05-12T07:31:01Z
source: APNIC
% Information related to '159.226.0.0/16AS7497'
route: 159.226.0.0/16
descr: CSTNET's IP
country: CN
origin: AS7497
remarks: Please contact ip-noc@cstnet.cn if you have any
remarks: Questions regarding this object.
notify: ip-noc@cstnet.cn
mnt-by: MAINT-CSTNET-CN
last-modified: 2023-10-19T06:19:12Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.36-SNAPSHOT (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.226.56.62
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53933
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;159.226.56.62. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026031900 1800 900 604800 86400
;; Query time: 6 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 19 19:57:35 CST 2026
;; MSG SIZE rcvd: 106Host 62.56.226.159.in-addr.arpa not found: 2(SERVFAIL)
;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server: 183.60.82.98
Address: 183.60.82.98#53
** server can't find 62.56.226.159.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 35.210.5.38 | attackspambots | T: f2b 404 5x |
2020-04-13 20:36:55 |
| 118.89.61.51 | attackspam | SSH bruteforce (Triggered fail2ban) |
2020-04-13 20:24:34 |
| 103.242.181.30 | attack | Apr 13 09:49:20 xxxxxxx7446550 sshd[8076]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.181.30 user=r.r Apr 13 09:49:22 xxxxxxx7446550 sshd[8076]: Failed password for r.r from 103.242.181.30 port 45652 ssh2 Apr 13 09:49:22 xxxxxxx7446550 sshd[8077]: Received disconnect from 103.242.181.30: 11: Bye Bye Apr 13 09:58:20 xxxxxxx7446550 sshd[13753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.181.30 user=r.r Apr 13 09:58:22 xxxxxxx7446550 sshd[13753]: Failed password for r.r from 103.242.181.30 port 36972 ssh2 Apr 13 09:58:22 xxxxxxx7446550 sshd[13754]: Received disconnect from 103.242.181.30: 11: Bye Bye Apr 13 10:03:14 xxxxxxx7446550 sshd[17669]: Invalid user support from 103.242.181.30 Apr 13 10:03:14 xxxxxxx7446550 sshd[17669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.181.30 ........ ----------------------------------------------- https://www.blockli |
2020-04-13 20:35:28 |
| 122.51.233.63 | attack | Apr 13 03:55:58 server1 sshd\[7825\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.233.63 user=root Apr 13 03:56:00 server1 sshd\[7825\]: Failed password for root from 122.51.233.63 port 37108 ssh2 Apr 13 03:59:07 server1 sshd\[9183\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.233.63 user=root Apr 13 03:59:08 server1 sshd\[9183\]: Failed password for root from 122.51.233.63 port 44812 ssh2 Apr 13 04:05:25 server1 sshd\[11703\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.233.63 user=root ... |
2020-04-13 20:32:01 |
| 119.29.3.45 | attackbots | Apr 13 10:43:09 odroid64 sshd\[18057\]: User root from 119.29.3.45 not allowed because not listed in AllowUsers Apr 13 10:43:09 odroid64 sshd\[18057\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.3.45 user=root ... |
2020-04-13 20:24:09 |
| 61.177.172.128 | attackspam | Apr 13 15:07:35 ift sshd\[63119\]: Failed password for root from 61.177.172.128 port 38399 ssh2Apr 13 15:07:38 ift sshd\[63119\]: Failed password for root from 61.177.172.128 port 38399 ssh2Apr 13 15:07:42 ift sshd\[63119\]: Failed password for root from 61.177.172.128 port 38399 ssh2Apr 13 15:07:45 ift sshd\[63119\]: Failed password for root from 61.177.172.128 port 38399 ssh2Apr 13 15:07:49 ift sshd\[63119\]: Failed password for root from 61.177.172.128 port 38399 ssh2 ... |
2020-04-13 20:19:11 |
| 144.217.214.100 | attackspam | 2020-04-13T11:48:19.454038shield sshd\[25315\]: Invalid user ingfei from 144.217.214.100 port 38532 2020-04-13T11:48:19.458093shield sshd\[25315\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip100.ip-144-217-214.net 2020-04-13T11:48:21.647070shield sshd\[25315\]: Failed password for invalid user ingfei from 144.217.214.100 port 38532 ssh2 2020-04-13T11:52:40.012704shield sshd\[26071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip100.ip-144-217-214.net user=root 2020-04-13T11:52:41.895903shield sshd\[26071\]: Failed password for root from 144.217.214.100 port 46574 ssh2 |
2020-04-13 20:43:04 |
| 79.105.53.57 | attackbotsspam | Telnet/23 MH Probe, Scan, BF, Hack - |
2020-04-13 20:36:32 |
| 42.157.162.14 | attackbots | Apr 12 21:48:48 host2 sshd[18926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.162.14 user=r.r Apr 12 21:48:50 host2 sshd[18926]: Failed password for r.r from 42.157.162.14 port 63304 ssh2 Apr 12 21:48:50 host2 sshd[18926]: Received disconnect from 42.157.162.14: 11: Bye Bye [preauth] Apr 12 21:57:15 host2 sshd[15485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.162.14 user=r.r Apr 12 21:57:17 host2 sshd[15485]: Failed password for r.r from 42.157.162.14 port 19528 ssh2 Apr 12 21:57:17 host2 sshd[15485]: Received disconnect from 42.157.162.14: 11: Bye Bye [preauth] Apr 12 22:00:37 host2 sshd[29639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.162.14 user=r.r Apr 12 22:00:39 host2 sshd[29639]: Failed password for r.r from 42.157.162.14 port 58948 ssh2 Apr 12 22:00:39 host2 sshd[29639]: Received disconnect from 42.157......... ------------------------------- |
2020-04-13 20:01:56 |
| 157.97.29.124 | attackbotsspam | $f2bV_matches |
2020-04-13 20:07:52 |
| 49.234.28.109 | attackbots | Apr 13 10:42:21 ns382633 sshd\[21754\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.28.109 user=root Apr 13 10:42:23 ns382633 sshd\[21754\]: Failed password for root from 49.234.28.109 port 48460 ssh2 Apr 13 10:57:10 ns382633 sshd\[24598\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.28.109 user=root Apr 13 10:57:12 ns382633 sshd\[24598\]: Failed password for root from 49.234.28.109 port 57784 ssh2 Apr 13 11:07:08 ns382633 sshd\[26490\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.28.109 user=root |
2020-04-13 20:39:42 |
| 148.77.14.106 | attackspam | k+ssh-bruteforce |
2020-04-13 20:10:00 |
| 139.59.249.255 | attackspam | Apr 13 10:47:43 vps333114 sshd[6176]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=blog.jungleland.co.id user=root Apr 13 10:47:45 vps333114 sshd[6176]: Failed password for root from 139.59.249.255 port 22631 ssh2 ... |
2020-04-13 19:58:55 |
| 142.93.46.172 | attackbots | $f2bV_matches |
2020-04-13 20:31:09 |
| 202.158.123.94 | attackbotsspam | 20 attempts against mh-ssh on echoip |
2020-04-13 19:59:43 |