115.29.203.138 Threat Intelligence and Host Information
General
This page contains threat intelligence for the IPv4 address 115.29.203.138. It was generated either as a result of observed malicious activity or as an information-gathering exercise to help enrich security events with context. All information is gathered passively, through aggregation of public sources or through activity observed on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.
Potentially Malicious Host 🟡 40/100
Host and Network Information
Tags: awsjap, bruteforce, cyber security, ioc, ip monitor, malicious, Nextray, phishing, redis, Scanner, scanning, smtp, ssh, tcp, UK Based, Webattack
- Country: China
- Network:
- Noticed: 50 times
- Protocols Attacked: redis
- Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Japan, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
- Passive DNS Results: huangxinhua.top
Open Ports Detected
CVEs Detected
CVE-2007-2768 CVE-2008-3844 CVE-2010-4478 CVE-2010-4755 CVE-2010-5107 CVE-2011-4327 CVE-2011-5000 CVE-2012-0814 CVE-2014-1692 CVE-2014-2532 CVE-2014-2653 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2016-0777 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-10708 CVE-2016-1908 CVE-2016-20012 CVE-2016-3115 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-16905 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2025-26465 CVE-2025-32728
Whois Information
- inetnum: 115.28.0.0 - 115.29.255.255
- netname: ALISOFT
- descr: Aliyun Computing Co., LTD
- descr: 5F, Builing D, the West Lake International Plaza of S&T
- descr: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
- country: CN
- admin-c: ZM1015-AP
- tech-c: ZM877-AP
- tech-c: ZM876-AP
- tech-c: ZM875-AP
- abuse-c: AC1601-AP
- status: ALLOCATED PORTABLE
- mnt-by: MAINT-CNNIC-AP
- mnt-irt: IRT-ALISOFT-CN
- last-modified: 2023-11-28T00:56:55Z
- irt: IRT-ALISOFT-CN
- address: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
- e-mail: didong.jc@alibaba-inc.com
- abuse-mailbox: didong.jc@alibaba-inc.com
- admin-c: ZM877-AP
- tech-c: ZM877-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2021-09-05T23:38:36Z
- role: ABUSE CNNICCN
- country: ZZ
- address: Beijing, China
- phone: +000000000
- e-mail: ipas@cnnic.cn
- admin-c: IP50-AP
- tech-c: IP50-AP
- nic-hdl: AC1601-AP
- abuse-mailbox: ipas@cnnic.cn
- mnt-by: APNIC-ABUSE
- last-modified: 2024-07-30T11:55:46Z
- person: Li Jia
- address: NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
- country: CN
- phone: +86-0571-85022088
- e-mail: jiali.jl@alibaba-inc.com
- nic-hdl: ZM1015-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2014-07-30T02:02:01Z
- person: Guoxin Gao
- address: 5F, Builing D, the West Lake International Plaza of S&T
- address: No.391 Wen’er Road, Hangzhou City
- address: Zhejiang, China, 310099
- country: CN
- phone: +86-0571-85022600
- fax-no: +86-0571-85022600
- e-mail: anti-spam@list.alibaba-inc.com
- nic-hdl: ZM875-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2014-07-30T01:56:01Z
- person: security trouble
- e-mail: yitian.gaoyt@alibaba-inc.com
- address: Hangzhou, Zhejiang, China
- phone: +86-0571-85022600
- country: CN
- mnt-by: MAINT-CNNIC-AP
- nic-hdl: ZM876-AP
- last-modified: 2021-04-13T23:22:33Z
- person: Guowei Pan
- address: 5F, Builing D, the West Lake International Plaza of S&T
- address: No.391 Wen’er Road, Hangzhou City
- address: Zhejiang, China, 310099
- country: CN
- phone: +86-0571-85022088-30763
- fax-no: +86-0571-85022600
- e-mail: guowei.pangw@alibaba-inc.com
- nic-hdl: ZM877-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2013-07-09T01:34:02Z
- route: 115.28.0.0/15
- descr: Hangzhou Alibaba Advertising Co.,Ltd.
- country: CN
- origin: AS37963
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2019-08-07T23:28:03Z
- route: 115.28.0.0/15
- descr: Alibaba (US) Technology Co., Ltd.
- country: CN
- origin: AS45102
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2019-08-07T23:28:02Z
Links to attack logs
- awsjap-redis-bruteforce-ip-list-2022-04-02
- awsbah-redis-bruteforce-ip-list-2022-02-10