City: Beijing
Region: Beijing
Country: China
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 39.100.82.249 | attack | HTTP/80/443 Probe, BF, WP, Hack - |
2019-08-07 02:18:45 |
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '39.96.0.0 - 39.108.255.255'
% Abuse contact for '39.96.0.0 - 39.108.255.255' is 'ipas@cnnic.cn'
inetnum: 39.96.0.0 - 39.108.255.255
netname: ALISOFT
descr: Aliyun Computing Co., LTD
descr: 5F, Builing D, the West Lake International Plaza of S&T
descr: No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099
country: CN
admin-c: ZM1015-AP
tech-c: ZM877-AP
tech-c: ZM876-AP
tech-c: ZM875-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
last-modified: 2021-06-16T01:29:48Z
source: APNIC
irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
remarks: ipas@cnnic.cn is invalid
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-11-17T23:08:37Z
source: APNIC
role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
remarks: Generated from irt object IRT-CNNIC-CN
remarks: ipas@cnnic.cn is invalid
abuse-mailbox: ipas@cnnic.cn
mnt-by: APNIC-ABUSE
last-modified: 2025-09-19T17:20:32Z
source: APNIC
person: Li Jia
address: NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
country: CN
phone: +86-0571-85022088
e-mail: jiali.jl@alibaba-inc.com
nic-hdl: ZM1015-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-07-01T07:12:42Z
source: APNIC
person: Guoxin Gao
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: anti-spam@list.alibaba-inc.com
nic-hdl: ZM875-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2014-07-30T01:56:01Z
source: APNIC
person: security trouble
e-mail: abuse@alibaba-inc.com
address: 5th,floor,Building D,the West Lake International Plaza of S&T,391#Wen??r Road
address: Hangzhou, Zhejiang, China
phone: +86-0571-85022600
country: CN
mnt-by: MAINT-CNNIC-AP
nic-hdl: ZM876-AP
last-modified: 2025-07-01T07:06:11Z
source: APNIC
person: Guowei Pan
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022088-30763
fax-no: +86-0571-85022600
e-mail: abuse@alibaba-inc.com
nic-hdl: ZM877-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-07-01T07:05:46Z
source: APNIC
% Information related to '39.96.0.0/13AS37963'
route: 39.96.0.0/13
descr: Hangzhou Alibaba Advertising Co.,Ltd.
country: CN
origin: AS37963
mnt-by: MAINT-CNNIC-AP
last-modified: 2019-08-07T23:28:06Z
source: APNIC
% Information related to '39.96.0.0/13AS45102'
route: 39.96.0.0/13
descr: Alibaba (US) Technology Co., Ltd.
country: CN
origin: AS45102
mnt-by: MAINT-CNNIC-AP
last-modified: 2019-08-07T23:28:05Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU4); <<>> DiG 9.10.3-P4-Ubuntu <<>> 39.100.82.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6605
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;39.100.82.49. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026042000 1800 900 604800 86400
;; Query time: 5 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 20 22:01:32 CST 2026
;; MSG SIZE rcvd: 105Host 49.82.100.39.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 49.82.100.39.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 201.148.31.113 | attackspambots | Unauthorized connection attempt from IP address 201.148.31.113 on Port 445(SMB) |
2020-08-01 06:31:14 |
| 203.113.102.178 | attackbots | Attempted Brute Force (dovecot) |
2020-08-01 06:26:04 |
| 5.233.142.248 | attackspam | Unauthorized connection attempt from IP address 5.233.142.248 on Port 445(SMB) |
2020-08-01 06:14:01 |
| 87.251.74.23 | attackspambots | 07/31/2020-18:19:20.842443 87.251.74.23 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2020-08-01 06:43:35 |
| 154.221.19.210 | attackspam | 2020-07-31T23:51:59.204585vps773228.ovh.net sshd[2294]: Failed password for root from 154.221.19.210 port 38775 ssh2 2020-07-31T23:56:10.289296vps773228.ovh.net sshd[2296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.221.19.210 user=root 2020-07-31T23:56:12.762626vps773228.ovh.net sshd[2296]: Failed password for root from 154.221.19.210 port 45147 ssh2 2020-08-01T00:00:22.191666vps773228.ovh.net sshd[2313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.221.19.210 user=root 2020-08-01T00:00:24.258037vps773228.ovh.net sshd[2313]: Failed password for root from 154.221.19.210 port 51516 ssh2 ... |
2020-08-01 06:17:08 |
| 142.93.170.135 | attackspambots | SSH Invalid Login |
2020-08-01 06:30:26 |
| 186.67.179.2 | attackspam | Unauthorized connection attempt from IP address 186.67.179.2 on Port 445(SMB) |
2020-08-01 06:18:11 |
| 182.61.49.107 | attack | Bruteforce detected by fail2ban |
2020-08-01 06:31:46 |
| 45.129.33.13 | attack | firewall-block, port(s): 1644/tcp, 1680/tcp |
2020-08-01 06:27:10 |
| 218.92.0.220 | attackbots | logged into and snooped in a honey pot |
2020-08-01 06:38:48 |
| 130.162.64.72 | attack | 2020-07-31T22:14:59.235941shield sshd\[31239\]: Invalid user four from 130.162.64.72 port 22071 2020-07-31T22:14:59.242971shield sshd\[31239\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=oc-130-162-64-72.compute.oraclecloud.com 2020-07-31T22:15:01.048690shield sshd\[31239\]: Failed password for invalid user four from 130.162.64.72 port 22071 ssh2 2020-07-31T22:19:06.813314shield sshd\[32189\]: Invalid user newsms123 from 130.162.64.72 port 56520 2020-07-31T22:19:06.825192shield sshd\[32189\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=oc-130-162-64-72.compute.oraclecloud.com |
2020-08-01 06:37:49 |
| 222.186.42.57 | attackspambots | Jul 31 14:20:19 ws19vmsma01 sshd[109171]: Failed password for root from 222.186.42.57 port 40501 ssh2 ... |
2020-08-01 06:42:17 |
| 138.185.188.67 | attackbots | jannisjulius.de 138.185.188.67 [31/Jul/2020:22:32:05 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4269 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" jannisjulius.de 138.185.188.67 [31/Jul/2020:22:32:08 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4269 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" |
2020-08-01 06:19:15 |
| 103.145.12.206 | attackbotsspam | VoIP Brute Force - 103.145.12.206 - Auto Report ... |
2020-08-01 06:22:00 |
| 5.55.79.171 | attack | DATE:2020-07-31 22:32:01, IP:5.55.79.171, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq) |
2020-08-01 06:17:54 |