180.76.137.131 Threat Intelligence and Host Information

Sep 20, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 180.76.137.131 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 45/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing

  • View other sources: Spamhaus VirusTotal

  • Country: China
  • Network: AS38365 beijing baidu netcom science and technology co. ltd.
  • Noticed: 29 times
  • Protocols Attacked: redis
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

22 3306 80 8060 88

CVEs Detected

CVE-2018-16843 CVE-2018-16844 CVE-2018-16845 CVE-2019-20372 CVE-2019-9511 CVE-2019-9513 CVE-2019-9516 CVE-2021-22570 CVE-2021-23017 CVE-2021-3618 CVE-2022-21412 CVE-2022-21417 CVE-2022-21425 CVE-2022-21427 CVE-2022-21444 CVE-2022-21451 CVE-2022-21454 CVE-2022-21460 CVE-2022-21478 CVE-2022-21479 CVE-2022-21482 CVE-2022-21483 CVE-2022-21484 CVE-2022-21485 CVE-2022-21486 CVE-2022-21489 CVE-2022-21592 CVE-2022-21594 CVE-2022-21599 CVE-2022-21604 CVE-2022-21605 CVE-2022-21607 CVE-2022-21608 CVE-2022-21611 CVE-2022-21617 CVE-2022-21625 CVE-2022-21632 CVE-2022-21633 CVE-2022-21635 CVE-2022-21637 CVE-2022-21638 CVE-2022-21640 CVE-2022-21641 CVE-2022-39400 CVE-2022-39402 CVE-2022-39403 CVE-2022-39408 CVE-2022-39410 CVE-2023-21875 CVE-2023-21876 CVE-2023-21877 CVE-2023-21878 CVE-2023-21879 CVE-2023-21880 CVE-2023-21881 CVE-2023-21882 CVE-2023-21883 CVE-2023-21887 CVE-2023-21972 CVE-2023-21976 CVE-2023-21977 CVE-2023-21980 CVE-2023-21982 CVE-2023-22007 CVE-2023-22015 CVE-2023-22026 CVE-2023-22028 CVE-2023-22032 CVE-2023-22059 CVE-2023-22064 CVE-2023-22065 CVE-2023-22066 CVE-2023-22068 CVE-2023-22070 CVE-2023-22078 CVE-2023-22079 CVE-2023-22084 CVE-2023-22092 CVE-2023-22097 CVE-2023-22103 CVE-2023-22104 CVE-2023-22110 CVE-2023-22111 CVE-2023-22112 CVE-2023-22113 CVE-2023-22114 CVE-2023-22115 CVE-2023-44487 CVE-2024-20961 CVE-2024-20963 CVE-2024-20965 CVE-2024-20967 CVE-2024-20969 CVE-2024-20971 CVE-2024-20973 CVE-2024-20977 CVE-2024-20981 CVE-2024-20983 CVE-2024-20985 CVE-2024-21165 CVE-2024-21171

Map

Whois Information

  • inetnum: 180.76.0.0 - 180.76.255.255
  • netname: Baidu
  • descr: Beijing Baidu Netcom Science and Technology Co., Ltd.
  • descr: Baidu Plaza, No.10, Shangdi 10th street,
  • descr: Haidian District Beijing,100080
  • country: CN
  • admin-c: BN261-AP
  • tech-c: BN261-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-irt: IRT-BAIDU-CN
  • mnt-lower: MAINT-CNNIC-AP
  • mnt-routes: MAINT-CNNIC-AP
  • last-modified: 2024-03-11T23:29:37Z
  • irt: IRT-Baidu-CN
  • address: 12f,lixiang building ,zhongguancun,beijing
  • e-mail: huxin05@baidu.com
  • abuse-mailbox: huxin05@baidu.com
  • admin-c: ZKY3-AP
  • tech-c: ZKY3-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-09-05T23:38:37Z
  • role: ABUSE CNNICCN
  • country: ZZ
  • address: Beijing, China
  • phone: +000000000
  • e-mail: ipas@cnnic.cn
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: ipas@cnnic.cn
  • mnt-by: APNIC-ABUSE
  • last-modified: 2024-07-30T11:55:46Z
  • person: Baidu Noc
  • address: Baidu Campus,NO.10 Shangdi 10th Street,Haidian District,Beijing The People’s Republic of China 100085
  • country: CN
  • phone: +86-18110062082
  • e-mail: noc@baidu.com
  • nic-hdl: BN261-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2024-03-11T23:28:23Z
  • route: 180.76.137.0/24
  • descr: Baidu
  • country: CN
  • origin: AS38365
  • notify: zhangyukun@baidu.com
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2015-07-23T09:22:02Z
  • route: 180.76.137.0/24
  • descr: Baidu
  • country: CN
  • origin: AS55967
  • notify: zhangyukun@baidu.com
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2017-03-13T07:36:02Z

Links to attack logs

****** aws-redis-bruteforce-ip-list-2021-07-12 awsjap-redis-bruteforce-ip-list-2021-08-26 ****** ******

Share on: