City: Beijing
Region: Beijing
Country: China
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 47.92.0.0 - 47.97.255.255
CIDR: 47.92.0.0/14, 47.96.0.0/15
NetName: APNIC
NetHandle: NET-47-92-0-0-1
Parent: NET47 (NET-47-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2015-03-02
Updated: 2015-03-02
Ref: https://rdap.arin.net/registry/ip/47.92.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: http://wq.apnic.net/whois-search/static/search.html
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '47.92.0.0 - 47.95.255.255'
% Abuse contact for '47.92.0.0 - 47.95.255.255' is 'didong.jc@alibaba-inc.com'
inetnum: 47.92.0.0 - 47.95.255.255
netname: ALISOFT
descr: Aliyun Computing Co., LTD
descr: 5F, Builing D, the West Lake International Plaza of S&T
descr: No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099
country: CN
admin-c: ZM1015-AP
tech-c: ZM877-AP
tech-c: ZM876-AP
tech-c: ZM875-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-irt: IRT-ALISOFT-CN
last-modified: 2023-11-28T00:58:17Z
source: APNIC
irt: IRT-ALISOFT-CN
address: No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099
e-mail: didong.jc@alibaba-inc.com
abuse-mailbox: didong.jc@alibaba-inc.com
admin-c: ZM877-AP
tech-c: ZM877-AP
auth: # Filtered
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-11-18T00:35:07Z
source: APNIC
role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
remarks: Generated from irt object IRT-CNNIC-CN
remarks: ipas@cnnic.cn is invalid
abuse-mailbox: ipas@cnnic.cn
mnt-by: APNIC-ABUSE
last-modified: 2025-09-19T17:20:32Z
source: APNIC
person: Li Jia
address: NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
country: CN
phone: +86-0571-85022088
e-mail: jiali.jl@alibaba-inc.com
nic-hdl: ZM1015-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-07-01T07:12:42Z
source: APNIC
person: Guoxin Gao
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: anti-spam@list.alibaba-inc.com
nic-hdl: ZM875-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2014-07-30T01:56:01Z
source: APNIC
person: security trouble
e-mail: abuse@alibaba-inc.com
address: 5th,floor,Building D,the West Lake International Plaza of S&T,391#Wen??r Road
address: Hangzhou, Zhejiang, China
phone: +86-0571-85022600
country: CN
mnt-by: MAINT-CNNIC-AP
nic-hdl: ZM876-AP
last-modified: 2025-07-01T07:06:11Z
source: APNIC
person: Guowei Pan
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022088-30763
fax-no: +86-0571-85022600
e-mail: abuse@alibaba-inc.com
nic-hdl: ZM877-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-07-01T07:05:46Z
source: APNIC
% Information related to '47.92.0.0/14AS37963'
route: 47.92.0.0/14
descr: Hangzhou Alibaba Advertising Co.,Ltd.
country: CN
origin: AS37963
mnt-by: MAINT-CNNIC-AP
last-modified: 2019-08-07T23:28:06Z
source: APNIC
% Information related to '47.92.0.0/14AS45102'
route: 47.92.0.0/14
descr: Alibaba (US) Technology Co., Ltd.
country: CN
origin: AS45102
mnt-by: MAINT-CNNIC-AP
last-modified: 2019-08-07T23:28:04Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 47.95.205.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33148
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;47.95.205.12. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026051901 1800 900 604800 86400
;; Query time: 9 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 20 14:30:26 CST 2026
;; MSG SIZE rcvd: 105Host 12.205.95.47.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 12.205.95.47.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 223.245.213.92 | attack | Brute force SMTP login attempts. |
2019-08-08 18:46:39 |
| 116.240.199.23 | attackspambots | Aug 8 11:07:24 hosting sshd[2029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.240.199.23 user=root Aug 8 11:07:25 hosting sshd[2029]: Failed password for root from 116.240.199.23 port 46312 ssh2 Aug 8 11:07:28 hosting sshd[2033]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.240.199.23 user=root Aug 8 11:07:30 hosting sshd[2033]: Failed password for root from 116.240.199.23 port 48056 ssh2 Aug 8 11:07:33 hosting sshd[2036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.240.199.23 user=root Aug 8 11:07:34 hosting sshd[2036]: Failed password for root from 116.240.199.23 port 49967 ssh2 ... |
2019-08-08 18:40:51 |
| 122.248.103.64 | attackbotsspam | proto=tcp . spt=32860 . dpt=25 . (listed on Blocklist de Aug 07) (115) |
2019-08-08 17:33:37 |
| 102.165.39.32 | attackspam | [SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08081035) |
2019-08-08 18:27:33 |
| 177.44.82.68 | attackbots | proto=tcp . spt=52336 . dpt=25 . (listed on Blocklist de Aug 07) (99) |
2019-08-08 18:14:48 |
| 198.211.114.102 | attackbots | Aug 8 03:29:56 debian sshd\[9361\]: Invalid user water from 198.211.114.102 port 59848 Aug 8 03:29:56 debian sshd\[9361\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.114.102 Aug 8 03:29:57 debian sshd\[9361\]: Failed password for invalid user water from 198.211.114.102 port 59848 ssh2 ... |
2019-08-08 18:49:43 |
| 109.184.114.244 | attackbotsspam | Aug 8 01:53:38 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 109.184.114.244 port 39946 ssh2 (target: 158.69.100.130:22, password: r.r) Aug 8 01:53:38 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 109.184.114.244 port 39946 ssh2 (target: 158.69.100.130:22, password: admin) Aug 8 01:53:38 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 109.184.114.244 port 39946 ssh2 (target: 158.69.100.130:22, password: 12345) Aug 8 01:53:38 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 109.184.114.244 port 39946 ssh2 (target: 158.69.100.130:22, password: guest) Aug 8 01:53:38 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 109.184.114.244 port 39946 ssh2 (target: 158.69.100.130:22, password: 123456) Aug 8 01:53:38 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 109.184.114.244 port 39946 ssh2 (target: 158.69.100.130:22, password: 1234) Aug 8 01:53:39 wildwolf ssh-honeypotd[26164]: Failed password for r......... ------------------------------ |
2019-08-08 17:36:18 |
| 134.73.161.89 | attackbotsspam | SSH invalid-user multiple login attempts |
2019-08-08 18:45:36 |
| 113.31.86.82 | attackspambots | Aug 8 00:31:39 plusreed sshd[4154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.31.86.82 user=root Aug 8 00:31:42 plusreed sshd[4154]: Failed password for root from 113.31.86.82 port 32936 ssh2 ... |
2019-08-08 17:27:10 |
| 112.85.42.87 | attack | Aug 8 12:12:08 ubuntu-2gb-nbg1-dc3-1 sshd[16631]: Failed password for root from 112.85.42.87 port 13787 ssh2 Aug 8 12:12:12 ubuntu-2gb-nbg1-dc3-1 sshd[16631]: error: maximum authentication attempts exceeded for root from 112.85.42.87 port 13787 ssh2 [preauth] ... |
2019-08-08 18:33:18 |
| 3.85.145.96 | attack | 3389BruteforceFW21 |
2019-08-08 18:48:50 |
| 39.74.247.35 | attackbotsspam | Triggered by Fail2Ban at Vostok web server |
2019-08-08 17:55:28 |
| 180.157.194.227 | attackspam | SSH Brute-Force reported by Fail2Ban |
2019-08-08 17:56:45 |
| 74.82.47.5 | attack | 13 2019-08-08 18:29:55 notice Firewall Match default rule, DROP 74.82.47.5:21514 192.168.3.108:17 ACCESS BLOCK |
2019-08-08 18:45:01 |
| 5.22.208.255 | attack | port scan and connect, tcp 23 (telnet) |
2019-08-08 18:42:23 |