180.76.54.234 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • Tags: Bruteforce, Nextray, SSH, as135377ucloud, australia, brazil, cambodia, canada, china, cowrie, cyber security, fail2ban, france, germany, group, india, ioc, italy, japan, kazakhstan, korea, malicious, mexico, phishing, singapore, ssh, ssh bruteforce, tsec
  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: haley_ssh

  • Country: China
  • Network: AS38365 beijing baidu netcom science and technology co. ltd.
  • Noticed: 21 times
  • Protocols Attacked: SSH
  • Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: manage.silkroadata.com, img.silkroadata.com, api1.silkroadata.com, www.silkroadata.com, silkroadata.com

Malware Detected on Host

Count: 7

Open Ports Detected

80, 9200, 9300

Whois Information

  • inetnum: 180.76.0.0 - 180.76.255.255
  • netname: Baidu
  • descr: Beijing Baidu Netcom Science and Technology Co., Ltd.
  • descr: Baidu Plaza, No.10, Shangdi 10th street,
  • descr: Haidian District Beijing,100080
  • country: CN
  • admin-c: ZYK12-AP
  • tech-c: ZYK12-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-lower: MAINT-CNNIC-AP
  • mnt-routes: MAINT-CNNIC-AP
  • mnt-irt: IRT-CNNIC-CN
  • last-modified: 2021-06-16T01:32:42Z
  • irt: IRT-CNNIC-CN
  • address: Beijing, China
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-06-16T01:39:57Z
  • role: ABUSE CNNICCN
  • address: Beijing, China
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2020-05-14T11:19:01Z
  • person: Zhang Yukun
  • address: No.6 2nd North Street Haidian District Beijing
  • country: CN
  • phone: +86-18601350601
  • e-mail: [email protected]
  • nic-hdl: ZYK12-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2022-03-10T03:16:02Z
  • route: 180.76.0.0/16
  • descr: Baidu
  • country: CN
  • origin: AS38365
  • notify: [email protected]
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2015-01-14T05:56:02Z
  • route: 180.76.0.0/16
  • descr: Baidu
  • country: CN
  • origin: AS55967
  • notify: [email protected]
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2015-08-14T09:52:01Z

Links to attack logs

  • bruteforce-ip-list-2020-04-19
  • bruteforce-ip-list-2020-05-27
  • bruteforce-ip-list-2020-06-05