Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: Beijing

Region: Beijing

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
No discussion about this IP yet. Click above link to make one.
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#


NetRange:       47.92.0.0 - 47.97.255.255
CIDR:           47.96.0.0/15, 47.92.0.0/14
NetName:        APNIC
NetHandle:      NET-47-92-0-0-1
Parent:         NET47 (NET-47-0-0-0-0)
NetType:        Early Registrations, Transferred to APNIC
OriginAS:       
Organization:   Asia Pacific Network Information Centre (APNIC)
RegDate:        2015-03-02
Updated:        2015-03-02
Ref:            https://rdap.arin.net/registry/ip/47.92.0.0

ResourceLink:  https://apps.db.ripe.net/db-web-ui/query
ResourceLink:  whois.apnic.net


OrgName:        Asia Pacific Network Information Centre
OrgId:          APNIC
Address:        PO Box 3646
City:           South Brisbane
StateProv:      QLD
PostalCode:     4101
Country:        AU
RegDate:        
Updated:        2012-01-24
Ref:            https://rdap.arin.net/registry/entity/APNIC

ReferralServer:  whois://whois.apnic.net
ResourceLink:  http://wq.apnic.net/whois-search/static/search.html

OrgAbuseHandle: AWC12-ARIN
OrgAbuseName:   APNIC Whois Contact
OrgAbusePhone:  +61 7 3858 3188 
OrgAbuseEmail:  search-apnic-not-arin@apnic.net
OrgAbuseRef:    https://rdap.arin.net/registry/entity/AWC12-ARIN

OrgTechHandle: AWC12-ARIN
OrgTechName:   APNIC Whois Contact
OrgTechPhone:  +61 7 3858 3188 
OrgTechEmail:  search-apnic-not-arin@apnic.net
OrgTechRef:    https://rdap.arin.net/registry/entity/AWC12-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#



Found a referral to whois.apnic.net.

% [whois.apnic.net]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

% Information related to '47.92.0.0 - 47.95.255.255'

% Abuse contact for '47.92.0.0 - 47.95.255.255' is 'didong.jc@alibaba-inc.com'

inetnum:        47.92.0.0 - 47.95.255.255
netname:        ALISOFT
descr:          Aliyun Computing Co., LTD
descr:          5F, Builing D, the West Lake International Plaza of S&T
descr:          No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099
country:        CN
admin-c:        ZM1015-AP
tech-c:         ZM877-AP
tech-c:         ZM876-AP
tech-c:         ZM875-AP
abuse-c:        AC1601-AP
status:         ALLOCATED PORTABLE
mnt-by:         MAINT-CNNIC-AP
mnt-irt:        IRT-ALISOFT-CN
last-modified:  2023-11-28T00:58:17Z
source:         APNIC

irt:            IRT-ALISOFT-CN
address:        No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099
e-mail:         didong.jc@alibaba-inc.com
abuse-mailbox:  didong.jc@alibaba-inc.com
admin-c:        ZM877-AP
tech-c:         ZM877-AP
auth:           # Filtered
mnt-by:         MAINT-CNNIC-AP
last-modified:  2025-11-18T00:35:07Z
source:         APNIC

role:           ABUSE CNNICCN
country:        ZZ
address:        Beijing, China
phone:          +000000000
e-mail:         ipas@cnnic.cn
admin-c:        IP50-AP
tech-c:         IP50-AP
nic-hdl:        AC1601-AP
remarks:        Generated from irt object IRT-CNNIC-CN
remarks:        ipas@cnnic.cn is invalid
abuse-mailbox:  ipas@cnnic.cn
mnt-by:         APNIC-ABUSE
last-modified:  2025-09-19T17:20:32Z
source:         APNIC

person:         Li Jia
address:        NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
country:        CN
phone:          +86-0571-85022088
e-mail:         jiali.jl@alibaba-inc.com
nic-hdl:        ZM1015-AP
mnt-by:         MAINT-CNNIC-AP
last-modified:  2025-07-01T07:12:42Z
source:         APNIC

person:         Guoxin Gao
address:        5F, Builing D, the West Lake International Plaza of S&T
address:        No.391 Wen'er Road, Hangzhou City
address:        Zhejiang, China, 310099
country:        CN
phone:          +86-0571-85022600
fax-no:         +86-0571-85022600
e-mail:         anti-spam@list.alibaba-inc.com
nic-hdl:        ZM875-AP
mnt-by:         MAINT-CNNIC-AP
last-modified:  2014-07-30T01:56:01Z
source:         APNIC

person:         security trouble
e-mail:         abuse@alibaba-inc.com
address:        5th,floor,Building D,the West Lake International Plaza of S&T,391#Wen??r Road
address:        Hangzhou, Zhejiang, China
phone:          +86-0571-85022600
country:        CN
mnt-by:         MAINT-CNNIC-AP
nic-hdl:        ZM876-AP
last-modified:  2025-07-01T07:06:11Z
source:         APNIC

person:         Guowei Pan
address:        5F, Builing D, the West Lake International Plaza of S&T
address:        No.391 Wen'er Road, Hangzhou City
address:        Zhejiang, China, 310099
country:        CN
phone:          +86-0571-85022088-30763
fax-no:         +86-0571-85022600
e-mail:         abuse@alibaba-inc.com
nic-hdl:        ZM877-AP
mnt-by:         MAINT-CNNIC-AP
last-modified:  2025-07-01T07:05:46Z
source:         APNIC

% Information related to '47.92.0.0/14AS37963'

route:          47.92.0.0/14
descr:          Hangzhou Alibaba Advertising Co.,Ltd.
country:        CN
origin:         AS37963
mnt-by:         MAINT-CNNIC-AP
last-modified:  2019-08-07T23:28:06Z
source:         APNIC

% Information related to '47.92.0.0/14AS45102'

route:          47.92.0.0/14
descr:          Alibaba (US) Technology Co., Ltd.
country:        CN
origin:         AS45102
mnt-by:         MAINT-CNNIC-AP
last-modified:  2019-08-07T23:28:04Z
source:         APNIC

% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU5)
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 47.92.237.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42750
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;47.92.237.21.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026070502 1800 900 604800 86400

;; Query time: 30 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jul 06 03:30:07 CST 2026
;; MSG SIZE  rcvd: 105
Host info
Host 21.237.92.47.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 21.237.92.47.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
83.174.237.109 attack
Unauthorized connection attempt from IP address 83.174.237.109 on Port 445(SMB)
2020-08-22 03:39:06
45.115.4.210 attackbots
Unauthorized connection attempt from IP address 45.115.4.210 on Port 445(SMB)
2020-08-22 03:56:30
142.44.160.40 attackbots
2020-08-21T18:44:13.324412upcloud.m0sh1x2.com sshd[20965]: Invalid user jose from 142.44.160.40 port 46926
2020-08-22 03:53:58
182.176.99.35 attack
Unauthorized connection attempt from IP address 182.176.99.35 on Port 445(SMB)
2020-08-22 03:54:59
51.77.201.36 attack
Aug 21 19:19:56 [host] sshd[28026]: Invalid user a
Aug 21 19:19:56 [host] sshd[28026]: pam_unix(sshd:
Aug 21 19:19:58 [host] sshd[28026]: Failed passwor
2020-08-22 03:39:41
82.65.35.189 attackspam
Aug 21 21:32:43 [host] sshd[32722]: pam_unix(sshd:
Aug 21 21:32:45 [host] sshd[32722]: Failed passwor
Aug 21 21:36:33 [host] sshd[393]: Invalid user upd
2020-08-22 04:02:51
86.213.63.181 attackspambots
Invalid user hostmaster from 86.213.63.181 port 45890
2020-08-22 03:59:50
51.254.182.54 attack
srvr1: (mod_security) mod_security (id:942100) triggered by 51.254.182.54 (BE/-/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:00:43 [error] 482759#0: *839997 [client 51.254.182.54] ModSecurity: Access denied with code 406 (phase 2).  [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801124392.780127"] [ref ""], client: 51.254.182.54, [redacted] request: "GET /forum/viewthread.php?thread_id=1122PROCEDURE+ANALYSE%28EXTRACTVALUE%288971%2CCONCAT%280x5c%2C0x524949743677%2C%28SELECT+%28ELT%282836%3D2836%2C1%29%29%29%2C0x524949743677%29%29%2C1%29--+pp4Y HTTP/1.1" [redacted]
2020-08-22 03:59:03
42.159.155.8 attackbots
Aug 21 19:45:47 gospond sshd[20124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.155.8 
Aug 21 19:45:47 gospond sshd[20124]: Invalid user wcsuser from 42.159.155.8 port 1600
Aug 21 19:45:50 gospond sshd[20124]: Failed password for invalid user wcsuser from 42.159.155.8 port 1600 ssh2
...
2020-08-22 03:55:35
212.129.139.59 attackbots
2020-08-21T16:06:35.147759snf-827550 sshd[4330]: Invalid user mct from 212.129.139.59 port 45304
2020-08-21T16:06:36.665149snf-827550 sshd[4330]: Failed password for invalid user mct from 212.129.139.59 port 45304 ssh2
2020-08-21T16:12:47.103353snf-827550 sshd[4385]: Invalid user ba from 212.129.139.59 port 45002
...
2020-08-22 03:33:21
201.182.72.250 attack
Aug 21 19:04:19 django-0 sshd[14760]: Invalid user joel from 201.182.72.250
...
2020-08-22 04:03:55
95.31.14.73 attackspam
Unauthorized connection attempt from IP address 95.31.14.73 on Port 445(SMB)
2020-08-22 03:48:01
203.175.73.61 attackspam
Unauthorized connection attempt from IP address 203.175.73.61 on Port 445(SMB)
2020-08-22 03:30:50
46.28.75.214 attackspambots
srvr1: (mod_security) mod_security (id:942100) triggered by 46.28.75.214 (IR/-/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:01:12 [error] 482759#0: *840059 [client 46.28.75.214] ModSecurity: Access denied with code 406 (phase 2).  [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801127287.039729"] [ref ""], client: 46.28.75.214, [redacted] request: "GET /forum/viewthread.php?thread_id=1122+OR+EXP%28~%28SELECT+%2A+FROM+%28SELECT+CONCAT%280x4b657a527a51%2C%28SELECT+%28ELT%282836%3D2836%2C1%29%29%29%2C0x4b657a527a51%2C0x78%29%29x%29%29--+CqbC HTTP/1.1" [redacted]
2020-08-22 03:30:29
111.198.61.150 attackspam
$f2bV_matches
2020-08-22 03:48:32

Recently Reported IPs

2606:4700:10::6814:5733 42.236.219.251 222.138.42.13 221.207.75.93
123.12.13.133 121.24.37.245 120.82.113.225 115.60.202.134
111.53.212.25 101.73.188.32 2606:4700:10::ac43:1121 79.124.62.147
79.124.62.253 79.124.62.81 79.124.62.20 79.124.62.17
79.124.62.252 79.124.62.247 79.124.62.85 79.124.62.112