City: Beijing
Region: Beijing
Country: China
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 47.92.0.0 - 47.97.255.255
CIDR: 47.92.0.0/14, 47.96.0.0/15
NetName: APNIC
NetHandle: NET-47-92-0-0-1
Parent: NET47 (NET-47-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2015-03-02
Updated: 2015-03-02
Ref: https://rdap.arin.net/registry/ip/47.92.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '47.92.0.0 - 47.95.255.255'
% Abuse contact for '47.92.0.0 - 47.95.255.255' is 'didong.jc@alibaba-inc.com'
inetnum: 47.92.0.0 - 47.95.255.255
netname: ALISOFT
descr: Aliyun Computing Co., LTD
descr: 5F, Builing D, the West Lake International Plaza of S&T
descr: No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099
country: CN
admin-c: ZM1015-AP
tech-c: ZM877-AP
tech-c: ZM876-AP
tech-c: ZM875-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-irt: IRT-ALISOFT-CN
last-modified: 2023-11-28T00:58:17Z
source: APNIC
irt: IRT-ALISOFT-CN
address: No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099
e-mail: didong.jc@alibaba-inc.com
abuse-mailbox: didong.jc@alibaba-inc.com
admin-c: ZM877-AP
tech-c: ZM877-AP
auth: # Filtered
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-11-18T00:35:07Z
source: APNIC
role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
remarks: Generated from irt object IRT-CNNIC-CN
remarks: ipas@cnnic.cn is invalid
abuse-mailbox: ipas@cnnic.cn
mnt-by: APNIC-ABUSE
last-modified: 2025-09-19T17:20:32Z
source: APNIC
person: Li Jia
address: NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
country: CN
phone: +86-0571-85022088
e-mail: jiali.jl@alibaba-inc.com
nic-hdl: ZM1015-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-07-01T07:12:42Z
source: APNIC
person: Guoxin Gao
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: anti-spam@list.alibaba-inc.com
nic-hdl: ZM875-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2014-07-30T01:56:01Z
source: APNIC
person: security trouble
e-mail: abuse@alibaba-inc.com
address: 5th,floor,Building D,the West Lake International Plaza of S&T,391#Wen??r Road
address: Hangzhou, Zhejiang, China
phone: +86-0571-85022600
country: CN
mnt-by: MAINT-CNNIC-AP
nic-hdl: ZM876-AP
last-modified: 2025-07-01T07:06:11Z
source: APNIC
person: Guowei Pan
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022088-30763
fax-no: +86-0571-85022600
e-mail: abuse@alibaba-inc.com
nic-hdl: ZM877-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-07-01T07:05:46Z
source: APNIC
% Information related to '47.92.0.0/14AS37963'
route: 47.92.0.0/14
descr: Hangzhou Alibaba Advertising Co.,Ltd.
country: CN
origin: AS37963
mnt-by: MAINT-CNNIC-AP
last-modified: 2019-08-07T23:28:06Z
source: APNIC
% Information related to '47.92.0.0/14AS45102'
route: 47.92.0.0/14
descr: Alibaba (US) Technology Co., Ltd.
country: CN
origin: AS45102
mnt-by: MAINT-CNNIC-AP
last-modified: 2019-08-07T23:28:04Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.34 (WHOIS-AU4); <<>> DiG 9.10.3-P4-Ubuntu <<>> 47.92.251.254
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42272
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;47.92.251.254. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026012400 1800 900 604800 86400
;; Query time: 6 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 25 00:30:15 CST 2026
;; MSG SIZE rcvd: 106Host 254.251.92.47.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 254.251.92.47.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 139.162.225.229 | spambotsattackproxynormal | Hollw |
2019-11-14 05:26:38 |
| 113.199.40.202 | attackbotsspam | Nov 13 18:46:01 server sshd\[9037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.199.40.202 user=mysql Nov 13 18:46:04 server sshd\[9037\]: Failed password for mysql from 113.199.40.202 port 53577 ssh2 Nov 13 19:09:27 server sshd\[14797\]: Invalid user franklin from 113.199.40.202 Nov 13 19:09:27 server sshd\[14797\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.199.40.202 Nov 13 19:09:29 server sshd\[14797\]: Failed password for invalid user franklin from 113.199.40.202 port 34815 ssh2 ... |
2019-11-14 05:16:29 |
| 47.72.193.0 | attack | Brute force SMTP login attempts. |
2019-11-14 05:36:54 |
| 54.37.151.239 | attackspam | 2019-11-13T21:20:29.875178abusebot-7.cloudsearch.cf sshd\[29849\]: Invalid user gilreath from 54.37.151.239 port 55166 |
2019-11-14 05:33:23 |
| 110.47.218.84 | attackspambots | Nov 13 22:34:52 vps01 sshd[27361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.47.218.84 Nov 13 22:34:55 vps01 sshd[27361]: Failed password for invalid user ident from 110.47.218.84 port 55962 ssh2 |
2019-11-14 05:42:24 |
| 123.25.116.123 | attackspambots | Honeypot attack, port: 445, PTR: static.vdc.vn. |
2019-11-14 05:18:19 |
| 61.175.216.238 | attackbotsspam | 3306/tcp 1433/tcp... [2019-10-03/11-13]12pkt,2pt.(tcp) |
2019-11-14 05:09:16 |
| 46.101.88.10 | attackbots | Nov 13 21:15:11 nextcloud sshd\[31122\]: Invalid user ftpuser from 46.101.88.10 Nov 13 21:15:11 nextcloud sshd\[31122\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.88.10 Nov 13 21:15:14 nextcloud sshd\[31122\]: Failed password for invalid user ftpuser from 46.101.88.10 port 20415 ssh2 ... |
2019-11-14 05:39:10 |
| 106.75.122.202 | attack | Nov 14 02:22:11 itv-usvr-01 sshd[5961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.122.202 user=root Nov 14 02:22:13 itv-usvr-01 sshd[5961]: Failed password for root from 106.75.122.202 port 39250 ssh2 Nov 14 02:27:05 itv-usvr-01 sshd[6132]: Invalid user beyls from 106.75.122.202 Nov 14 02:27:05 itv-usvr-01 sshd[6132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.122.202 Nov 14 02:27:05 itv-usvr-01 sshd[6132]: Invalid user beyls from 106.75.122.202 Nov 14 02:27:07 itv-usvr-01 sshd[6132]: Failed password for invalid user beyls from 106.75.122.202 port 46432 ssh2 |
2019-11-14 05:08:07 |
| 173.160.41.137 | attackbotsspam | Nov 13 18:03:30 localhost sshd\[6178\]: Invalid user shimoguchi from 173.160.41.137 port 42208 Nov 13 18:03:30 localhost sshd\[6178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.160.41.137 Nov 13 18:03:32 localhost sshd\[6178\]: Failed password for invalid user shimoguchi from 173.160.41.137 port 42208 ssh2 |
2019-11-14 05:04:59 |
| 185.175.93.19 | attackbotsspam | Nov 13 20:56:20 TCP Attack: SRC=185.175.93.19 DST=[Masked] LEN=40 TOS=0x00 PREC=0x00 TTL=249 PROTO=TCP SPT=48824 DPT=8018 WINDOW=1024 RES=0x00 SYN URGP=0 |
2019-11-14 05:17:45 |
| 114.38.247.27 | attackspam | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/114.38.247.27/ TW - 1H : (128) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 114.38.247.27 CIDR : 114.38.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 ATTACKS DETECTED ASN3462 : 1H - 35 3H - 108 6H - 108 12H - 108 24H - 108 DateTime : 2019-11-13 19:03:22 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery |
2019-11-14 05:35:24 |
| 149.56.97.251 | attackspam | Nov 12 21:55:30 *** sshd[17490]: Failed password for invalid user admin from 149.56.97.251 port 57638 ssh2 Nov 12 22:16:46 *** sshd[17842]: Failed password for invalid user bastard from 149.56.97.251 port 45986 ssh2 Nov 12 22:26:43 *** sshd[18019]: Failed password for invalid user savannah from 149.56.97.251 port 44004 ssh2 Nov 12 22:30:06 *** sshd[18050]: Failed password for invalid user haugaard from 149.56.97.251 port 52746 ssh2 Nov 12 22:33:31 *** sshd[18086]: Failed password for invalid user dharmaraj from 149.56.97.251 port 33274 ssh2 Nov 12 22:40:26 *** sshd[18235]: Failed password for invalid user noordin from 149.56.97.251 port 50780 ssh2 Nov 12 22:47:12 *** sshd[18384]: Failed password for invalid user test from 149.56.97.251 port 40050 ssh2 Nov 12 22:51:32 *** sshd[18429]: Failed password for invalid user briles from 149.56.97.251 port 48818 ssh2 Nov 12 22:54:54 *** sshd[18469]: Failed password for invalid user 1904 from 149.56.97.251 port 57556 ssh2 Nov 12 23:01:46 *** sshd[18594]: Failed password |
2019-11-14 05:14:39 |
| 178.128.56.22 | attackbots | chaangnoifulda.de 178.128.56.22 \[13/Nov/2019:21:08:36 +0100\] "POST /wp-login.php HTTP/1.1" 200 6511 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" chaangnoifulda.de 178.128.56.22 \[13/Nov/2019:21:08:41 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4099 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-11-14 05:20:59 |
| 218.92.0.182 | attackspam | $f2bV_matches |
2019-11-14 05:26:32 |