City: Beijing
Region: Beijing
Country: China
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 39.100.71.134 | attack | Attacks websites by trying to access known vulnerables of plugins, brute-force of backends or probing of administrative tools |
2019-06-12 10:48:07 |
| 39.100.71.134 | attack | Automatic report - Web App Attack |
2019-06-12 10:47:55 |
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '39.96.0.0 - 39.108.255.255'
% Abuse contact for '39.96.0.0 - 39.108.255.255' is 'ipas@cnnic.cn'
inetnum: 39.96.0.0 - 39.108.255.255
netname: ALISOFT
descr: Aliyun Computing Co., LTD
descr: 5F, Builing D, the West Lake International Plaza of S&T
descr: No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099
country: CN
admin-c: ZM1015-AP
tech-c: ZM877-AP
tech-c: ZM876-AP
tech-c: ZM875-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
last-modified: 2021-06-16T01:29:48Z
source: APNIC
irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
remarks: ipas@cnnic.cn is invalid
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-11-17T23:08:37Z
source: APNIC
role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
remarks: Generated from irt object IRT-CNNIC-CN
remarks: ipas@cnnic.cn is invalid
abuse-mailbox: ipas@cnnic.cn
mnt-by: APNIC-ABUSE
last-modified: 2025-09-19T17:20:32Z
source: APNIC
person: Li Jia
address: NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
country: CN
phone: +86-0571-85022088
e-mail: jiali.jl@alibaba-inc.com
nic-hdl: ZM1015-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-07-01T07:12:42Z
source: APNIC
person: Guoxin Gao
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: anti-spam@list.alibaba-inc.com
nic-hdl: ZM875-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2014-07-30T01:56:01Z
source: APNIC
person: security trouble
e-mail: abuse@alibaba-inc.com
address: 5th,floor,Building D,the West Lake International Plaza of S&T,391#Wen??r Road
address: Hangzhou, Zhejiang, China
phone: +86-0571-85022600
country: CN
mnt-by: MAINT-CNNIC-AP
nic-hdl: ZM876-AP
last-modified: 2025-07-01T07:06:11Z
source: APNIC
person: Guowei Pan
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022088-30763
fax-no: +86-0571-85022600
e-mail: abuse@alibaba-inc.com
nic-hdl: ZM877-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-07-01T07:05:46Z
source: APNIC
% Information related to '39.96.0.0/13AS37963'
route: 39.96.0.0/13
descr: Hangzhou Alibaba Advertising Co.,Ltd.
country: CN
origin: AS37963
mnt-by: MAINT-CNNIC-AP
last-modified: 2019-08-07T23:28:06Z
source: APNIC
% Information related to '39.96.0.0/13AS45102'
route: 39.96.0.0/13
descr: Alibaba (US) Technology Co., Ltd.
country: CN
origin: AS45102
mnt-by: MAINT-CNNIC-AP
last-modified: 2019-08-07T23:28:05Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.36-SNAPSHOT (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 39.100.71.203
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1775
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;39.100.71.203. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026031900 1800 900 604800 86400
;; Query time: 5 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 19 22:30:47 CST 2026
;; MSG SIZE rcvd: 106Host 203.71.100.39.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 203.71.100.39.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 221.6.32.34 | attackspambots | Jul 8 01:53:29 OPSO sshd\[24439\]: Invalid user saksham from 221.6.32.34 port 55592 Jul 8 01:53:29 OPSO sshd\[24439\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.6.32.34 Jul 8 01:53:30 OPSO sshd\[24439\]: Failed password for invalid user saksham from 221.6.32.34 port 55592 ssh2 Jul 8 02:01:38 OPSO sshd\[27106\]: Invalid user glora from 221.6.32.34 port 38944 Jul 8 02:01:38 OPSO sshd\[27106\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.6.32.34 |
2020-07-08 08:46:19 |
| 162.62.26.228 | attackspambots | Honeypot hit. |
2020-07-08 08:24:56 |
| 95.182.122.22 | attack | port scan and connect, tcp 1433 (ms-sql-s) |
2020-07-08 08:41:59 |
| 67.205.135.65 | attack | Jul 8 00:19:46 plex-server sshd[614102]: Failed password for mail from 67.205.135.65 port 40410 ssh2 Jul 8 00:22:12 plex-server sshd[614352]: Invalid user vpntest from 67.205.135.65 port 56352 Jul 8 00:22:12 plex-server sshd[614352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.135.65 Jul 8 00:22:12 plex-server sshd[614352]: Invalid user vpntest from 67.205.135.65 port 56352 Jul 8 00:22:14 plex-server sshd[614352]: Failed password for invalid user vpntest from 67.205.135.65 port 56352 ssh2 ... |
2020-07-08 08:28:29 |
| 112.122.42.213 | attackspambots | Port probing on unauthorized port 26 |
2020-07-08 09:00:59 |
| 118.36.234.144 | attack | SSH Brute Force |
2020-07-08 08:52:09 |
| 1.234.13.176 | attackspambots | Jul 7 22:07:16 DAAP sshd[27394]: Invalid user sivanan.apa from 1.234.13.176 port 34366 Jul 7 22:07:16 DAAP sshd[27394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.234.13.176 Jul 7 22:07:16 DAAP sshd[27394]: Invalid user sivanan.apa from 1.234.13.176 port 34366 Jul 7 22:07:18 DAAP sshd[27394]: Failed password for invalid user sivanan.apa from 1.234.13.176 port 34366 ssh2 Jul 7 22:10:18 DAAP sshd[27499]: Invalid user test1 from 1.234.13.176 port 56870 ... |
2020-07-08 08:57:43 |
| 27.90.200.17 | attack | Unauthorised access (Jul 7) SRC=27.90.200.17 LEN=52 TOS=0x10 PREC=0x40 TTL=111 ID=16514 DF TCP DPT=445 WINDOW=8192 SYN |
2020-07-08 08:46:07 |
| 117.33.253.49 | attackbots | Jul 8 00:15:35 plex-server sshd[613479]: Invalid user huiyong from 117.33.253.49 port 36685 Jul 8 00:15:35 plex-server sshd[613479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.33.253.49 Jul 8 00:15:35 plex-server sshd[613479]: Invalid user huiyong from 117.33.253.49 port 36685 Jul 8 00:15:37 plex-server sshd[613479]: Failed password for invalid user huiyong from 117.33.253.49 port 36685 ssh2 Jul 8 00:17:34 plex-server sshd[613670]: Invalid user nostradamus from 117.33.253.49 port 50117 ... |
2020-07-08 08:34:29 |
| 222.186.180.6 | attack | Jul 8 02:49:56 * sshd[30282]: Failed password for root from 222.186.180.6 port 33156 ssh2 Jul 8 02:50:08 * sshd[30282]: error: maximum authentication attempts exceeded for root from 222.186.180.6 port 33156 ssh2 [preauth] |
2020-07-08 08:50:56 |
| 45.14.224.220 | attackbots | Malware server used by 45.14.224.140 : wget 45.14.224.220/jaws |
2020-07-08 08:27:47 |
| 54.38.180.93 | attackbots | SSH Invalid Login |
2020-07-08 08:50:24 |
| 180.76.181.47 | attackbots | 2020-07-07T15:12:31.360215linuxbox-skyline sshd[697433]: Invalid user titus from 180.76.181.47 port 47758 ... |
2020-07-08 08:38:05 |
| 213.158.29.179 | attackspambots | SSH Invalid Login |
2020-07-08 08:53:36 |
| 62.112.11.9 | attackbotsspam | Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-07-07T22:08:09Z and 2020-07-07T22:59:31Z |
2020-07-08 08:23:59 |