City: Beijing
Region: Beijing
Country: China
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '39.96.0.0 - 39.108.255.255'
% Abuse contact for '39.96.0.0 - 39.108.255.255' is 'ipas@cnnic.cn'
inetnum: 39.96.0.0 - 39.108.255.255
netname: ALISOFT
descr: Aliyun Computing Co., LTD
descr: 5F, Builing D, the West Lake International Plaza of S&T
descr: No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099
country: CN
admin-c: ZM1015-AP
tech-c: ZM877-AP
tech-c: ZM876-AP
tech-c: ZM875-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
last-modified: 2021-06-16T01:29:48Z
source: APNIC
irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
remarks: ipas@cnnic.cn is invalid
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-11-17T23:08:37Z
source: APNIC
role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
remarks: Generated from irt object IRT-CNNIC-CN
remarks: ipas@cnnic.cn is invalid
abuse-mailbox: ipas@cnnic.cn
mnt-by: APNIC-ABUSE
last-modified: 2025-09-19T17:20:32Z
source: APNIC
person: Li Jia
address: NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
country: CN
phone: +86-0571-85022088
e-mail: jiali.jl@alibaba-inc.com
nic-hdl: ZM1015-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-07-01T07:12:42Z
source: APNIC
person: Guoxin Gao
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: anti-spam@list.alibaba-inc.com
nic-hdl: ZM875-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2014-07-30T01:56:01Z
source: APNIC
person: security trouble
e-mail: abuse@alibaba-inc.com
address: 5th,floor,Building D,the West Lake International Plaza of S&T,391#Wen??r Road
address: Hangzhou, Zhejiang, China
phone: +86-0571-85022600
country: CN
mnt-by: MAINT-CNNIC-AP
nic-hdl: ZM876-AP
last-modified: 2025-07-01T07:06:11Z
source: APNIC
person: Guowei Pan
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022088-30763
fax-no: +86-0571-85022600
e-mail: abuse@alibaba-inc.com
nic-hdl: ZM877-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-07-01T07:05:46Z
source: APNIC
% Information related to '39.96.0.0/13AS37963'
route: 39.96.0.0/13
descr: Hangzhou Alibaba Advertising Co.,Ltd.
country: CN
origin: AS37963
mnt-by: MAINT-CNNIC-AP
last-modified: 2019-08-07T23:28:06Z
source: APNIC
% Information related to '39.96.0.0/13AS45102'
route: 39.96.0.0/13
descr: Alibaba (US) Technology Co., Ltd.
country: CN
origin: AS45102
mnt-by: MAINT-CNNIC-AP
last-modified: 2019-08-07T23:28:05Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.36-SNAPSHOT (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 39.100.72.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56184
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;39.100.72.72. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026032101 1800 900 604800 86400
;; Query time: 31 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 22 04:00:17 CST 2026
;; MSG SIZE rcvd: 105Host 72.72.100.39.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 72.72.100.39.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 51.91.102.99 | attackspambots | Automatic Fail2ban report - Trying login SSH |
2020-08-19 21:52:57 |
| 201.238.247.234 | attackspambots | Unauthorized connection attempt from IP address 201.238.247.234 on Port 445(SMB) |
2020-08-19 21:49:18 |
| 202.159.24.35 | attackspambots | Aug 19 14:14:44 rocket sshd[24229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.159.24.35 Aug 19 14:14:45 rocket sshd[24229]: Failed password for invalid user john from 202.159.24.35 port 50762 ssh2 ... |
2020-08-19 21:28:34 |
| 37.157.184.244 | attackspambots | Email address rejected |
2020-08-19 22:01:18 |
| 106.12.28.157 | attackspam | Aug 19 15:33:34 server sshd[29739]: Failed password for root from 106.12.28.157 port 38164 ssh2 Aug 19 15:36:34 server sshd[5053]: Failed password for root from 106.12.28.157 port 36488 ssh2 Aug 19 15:40:00 server sshd[19493]: Failed password for root from 106.12.28.157 port 34818 ssh2 |
2020-08-19 21:45:35 |
| 83.118.194.4 | attackspambots | Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-19T12:34:59Z and 2020-08-19T12:43:00Z |
2020-08-19 21:26:16 |
| 59.99.217.236 | attackspam | Unauthorized connection attempt from IP address 59.99.217.236 on Port 445(SMB) |
2020-08-19 21:43:52 |
| 68.183.31.114 | attack | Aug 19 15:32:36 home sshd[1611173]: Invalid user yly from 68.183.31.114 port 52056 Aug 19 15:32:36 home sshd[1611173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.114 Aug 19 15:32:36 home sshd[1611173]: Invalid user yly from 68.183.31.114 port 52056 Aug 19 15:32:38 home sshd[1611173]: Failed password for invalid user yly from 68.183.31.114 port 52056 ssh2 Aug 19 15:36:17 home sshd[1613282]: Invalid user lc from 68.183.31.114 port 60354 ... |
2020-08-19 21:46:04 |
| 177.185.117.133 | attackbots | Aug 19 08:31:28 Tower sshd[24705]: Connection from 177.185.117.133 port 56800 on 192.168.10.220 port 22 rdomain "" Aug 19 08:31:29 Tower sshd[24705]: Invalid user emmanuel from 177.185.117.133 port 56800 Aug 19 08:31:29 Tower sshd[24705]: error: Could not get shadow information for NOUSER Aug 19 08:31:29 Tower sshd[24705]: Failed password for invalid user emmanuel from 177.185.117.133 port 56800 ssh2 Aug 19 08:31:29 Tower sshd[24705]: Received disconnect from 177.185.117.133 port 56800:11: Bye Bye [preauth] Aug 19 08:31:29 Tower sshd[24705]: Disconnected from invalid user emmanuel 177.185.117.133 port 56800 [preauth] |
2020-08-19 21:39:15 |
| 134.209.7.179 | attack | Aug 19 14:19:45 h2646465 sshd[737]: Invalid user virgil from 134.209.7.179 Aug 19 14:19:45 h2646465 sshd[737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.7.179 Aug 19 14:19:45 h2646465 sshd[737]: Invalid user virgil from 134.209.7.179 Aug 19 14:19:47 h2646465 sshd[737]: Failed password for invalid user virgil from 134.209.7.179 port 56924 ssh2 Aug 19 14:29:44 h2646465 sshd[2083]: Invalid user proman from 134.209.7.179 Aug 19 14:29:44 h2646465 sshd[2083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.7.179 Aug 19 14:29:44 h2646465 sshd[2083]: Invalid user proman from 134.209.7.179 Aug 19 14:29:45 h2646465 sshd[2083]: Failed password for invalid user proman from 134.209.7.179 port 48944 ssh2 Aug 19 14:33:30 h2646465 sshd[2679]: Invalid user b from 134.209.7.179 ... |
2020-08-19 21:55:05 |
| 139.5.154.61 | attackspambots | B: Abusive ssh attack |
2020-08-19 21:57:32 |
| 134.122.111.162 | attack | Aug 19 14:56:34 abendstille sshd\[30307\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.111.162 user=root Aug 19 14:56:36 abendstille sshd\[30307\]: Failed password for root from 134.122.111.162 port 40836 ssh2 Aug 19 15:00:18 abendstille sshd\[2351\]: Invalid user test from 134.122.111.162 Aug 19 15:00:18 abendstille sshd\[2351\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.111.162 Aug 19 15:00:20 abendstille sshd\[2351\]: Failed password for invalid user test from 134.122.111.162 port 48634 ssh2 ... |
2020-08-19 21:28:49 |
| 185.234.217.164 | attackspambots | Aug 19 15:18:35 srv01 postfix/smtpd\[22058\]: warning: unknown\[185.234.217.164\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 19 15:23:32 srv01 postfix/smtpd\[12870\]: warning: unknown\[185.234.217.164\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 19 15:24:44 srv01 postfix/smtpd\[26384\]: warning: unknown\[185.234.217.164\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 19 15:25:34 srv01 postfix/smtpd\[23258\]: warning: unknown\[185.234.217.164\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 19 15:32:04 srv01 postfix/smtpd\[29899\]: warning: unknown\[185.234.217.164\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-08-19 21:51:59 |
| 82.196.15.195 | attack | Aug 19 12:38:43 django-0 sshd[6510]: Invalid user guest from 82.196.15.195 ... |
2020-08-19 21:53:39 |
| 207.194.35.197 | attackspam | Aug 19 14:31:00 dev0-dcde-rnet sshd[30666]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.194.35.197 Aug 19 14:31:02 dev0-dcde-rnet sshd[30666]: Failed password for invalid user arts from 207.194.35.197 port 53712 ssh2 Aug 19 14:35:10 dev0-dcde-rnet sshd[30757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.194.35.197 |
2020-08-19 22:03:58 |