159.75.217.189 Threat Intelligence and Host Information

Share on:

Mar 10, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Host and Network Information

Tags: awsau, awsjap, bruteforce, redis, tsec
View other sources: Spamhaus VirusTotal
Contained within other IP sets: ciarmy
Country: China
Network: AS45090 shenzhen tencent computer systems company limited
Noticed: 27 times
Protcols Attacked: redis
Countries Attacked: Australia, Japan

Open Ports Detected

1883 22 27017 3306 5672 8848 9999

CVEs Detected

CVE-2021-3711 CVE-2021-3712 CVE-2021-4160 CVE-2022-0778 CVE-2022-1292 CVE-2022-2068 CVE-2022-2097 CVE-2022-4304 CVE-2022-4450 CVE-2023-0215 CVE-2023-0286

Map

Whois Information

NetRange: 159.75.0.0 - 159.75.255.255
CIDR: 159.75.0.0/16
NetName: APNIC
NetHandle: NET-159-75-0-0-1
Parent: NET159 (NET-159-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2018-02-20
Updated: 2018-02-20
Ref: https://rdap.arin.net/registry/ip/159.75.0.0
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
inetnum: 159.75.0.0 - 159.75.255.255
netname: TENCENT-CN
descr: Tencent Cloud Computing (Beijing) Co., Ltd
descr: Floor 6, Yinke Building, 38 Haidian St, Haidian District
country: CN
org: ORG-TCCC1-AP
admin-c: TCA15-AP
tech-c: TCA15-AP
abuse-c: AT992-AP
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-TENCENT-CN
mnt-routes: MAINT-TENCENT-CN
mnt-irt: IRT-TENCENT-CN
last-modified: 2020-07-22T13:10:59Z
irt: IRT-TENCENT-CN
address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: TCA15-AP
tech-c: TCA15-AP
mnt-by: MAINT-COMSENZ1-CN
last-modified: 2022-12-05T03:39:36Z
organisation: ORG-TCCC1-AP
org-name: Tencent Cloud Computing (Beijing) Co., Ltd
country: CN
address: 309 West Zone, 3F. 49 Zhichun Road. Haidian District.
phone: +86-10-62671299
fax-no: +86-10-82602088-41299
e-mail: [email protected]
mnt-ref: APNIC-HM
mnt-by: APNIC-HM
last-modified: 2017-08-20T22:54:05Z
role: ABUSE TENCENTCN
address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080
country: ZZ
phone: +000000000
e-mail: [email protected]
admin-c: TCA15-AP
tech-c: TCA15-AP
nic-hdl: AT992-AP
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2022-12-05T03:39:40Z
role: Tencent Cloud administrator
address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080
country: CN
phone: +86-10-62671299
e-mail: [email protected]
admin-c: TCA15-AP
tech-c: TCA15-AP
nic-hdl: TCA15-AP
mnt-by: MAINT-AP-DIALPAD
fax-no: +86-10-62671299
last-modified: 2017-04-04T10:34:03Z
route: 159.75.0.0/16
origin: AS45090
descr: Tencent Cloud Computing (Beijing) Co., Ltd
mnt-by: MAINT-TENCENT-CN
last-modified: 2020-02-24T07:35:25Z

Links to attack logs

awsjap-redis-bruteforce-ip-list-2022-02-13 awsjap-redis-bruteforce-ip-list-2021-12-27 awsau-redis-bruteforce-ip-list-2022-01-22 awsau-redis-bruteforce-ip-list-2021-12-21 awsjap-redis-bruteforce-ip-list-2022-03-11 awsjap-redis-bruteforce-ip-list-2021-12-17 awsau-redis-bruteforce-ip-list-2021-12-27 awsjap-redis-bruteforce-ip-list-2022-01-15