182.92.80.250 Threat Intelligence and Host Information
General
This page contains threat intelligence information for the IPv4 address 182.92.80.250. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning that takes into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Potentially Malicious Host 🟡 45/100
Host and Network Information
- Tags: awsbah, bruteforce, cyber security, ioc, malicious, Nextray, phishing, redis
- Country: China
- Network: AS37963 hangzhou alibaba advertising co. ltd.
- Noticed: 30 times
- Protocols Attacked: redis
- Countries Attacked: Bahrain, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
- Passive DNS Results: www.sjycjt.com sjycjt.com crm.sjycjt.com
Open Ports Detected
10000 10001 10073 10134 10143 102 1024 1025 10250 1028 104 10443 10554 10909 10911 1099 11 11000 111 11112 11210 11211 113 11300 1177 119 1200 12000 12235 1224 1234 12345 1290 13 1337 135 1355 139 1414 14147 14265 143 1433 14344 1442 1471 15 1515 1521 1599 16030 1604 16285 16992 16993 1723 1741 175 179 1801 18081 18245 1883 19 19000 1911 1926 195 1962 1981 20 2000 20000 2008 20256 2049 20547 2055 2058 2067 2081 2083 2087 20880 21 21025 21379 2150 2154 2181 22 22067 2222 2245 23 23023 2323 2345 2351 2376 2404 2455 25 25001 25105 25565 2628 264 2650 27015 27017 2761 2762 28015 30002 30003 3001 3050 3081 3091 3103 3105 3108 311 3117 3119 31337 31401 3260 3268 3270 32764 3299 3301 3306 3310 3311 3389 34125 35000 3542 3551 3569 3690 37 37777 3780 3790 3791 3838 389 39277 4000 4010 4022 4064 4157 41800 42398 4242 4243 427 4282 43 4369 44158 443 444 4443 4444 44818 4500 4506 465 4786 47990 4848 4911 49152 4949 50000 5003 5004 5006 5007 50070 5009 50100 502 5025 503 51235 515 5172 51800 5201 5269 53 54138 5432 54321 5435 54361 548 55000 554 55443 55553 55554 5560 5601 5602 5606 5609 5672 5697 593 5938 5984 5986 6000 6001 6002 6010 60129 60567 61613 61616 62078 631 63210 636 6379 666 6664 6666 6667 6668 6697 70 7001 7171 7218 7316 7415 7434 7474 7547 7548 7557 7634 7700 771 789 79 7999 80 8001 8009 8036 8040 806 8060 8069 8072 8081 8082 8083 8085 8086 8087 8089 8090 8092 8095 8098 8099 8111 8126 8181 8282 8291 83 8333 8334 8406 8407 8413 8420 8500 8545 8554 8575 8621 8623 8649 8728 873 8791 8802 8834 8847 8848 8880 8889 9000 9001 9002 9035 9041 9042 9043 9050 9051 9070 9095 9100 9102 9109 9111 9151 9160 9191 9199 9210 9218 9302 9305 9306 9389 9398 9418 9443 9530 9600 9633 9761 9876 9898 993 9943 995 9990 9998 9999
CVEs Detected
CVE-2007-2768 CVE-2008-3844 CVE-2010-4478 CVE-2010-4755 CVE-2010-5107 CVE-2011-4327 CVE-2011-5000 CVE-2012-0814 CVE-2014-1692 CVE-2014-2532 CVE-2014-2653 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2016-0777 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-10708 CVE-2016-1908 CVE-2016-20012 CVE-2016-3115 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-16905 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2024-6387
Whois Information
- inetnum: 182.92.0.0 - 182.92.255.255
- netname: ALISOFT
- descr: Aliyun Computing Co., LTD
- descr: 5F, Builing D, the West Lake International Plaza of S&T
- descr: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
- country: CN
- admin-c: ZM1015-AP
- tech-c: ZM877-AP
- tech-c: ZM876-AP
- tech-c: ZM875-AP
- abuse-c: AC1601-AP
- status: ALLOCATED PORTABLE
- mnt-by: MAINT-CNNIC-AP
- mnt-irt: IRT-ALISOFT-CN
- last-modified: 2023-11-28T00:57:12Z
- irt: IRT-ALISOFT-CN
- address: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
- e-mail: didong.jc@alibaba-inc.com
- abuse-mailbox: didong.jc@alibaba-inc.com
- admin-c: ZM877-AP
- tech-c: ZM877-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2021-09-05T23:38:36Z
- role: ABUSE CNNICCN
- country: ZZ
- address: Beijing, China
- phone: +000000000
- e-mail: ipas@cnnic.cn
- admin-c: IP50-AP
- tech-c: IP50-AP
- nic-hdl: AC1601-AP
- abuse-mailbox: ipas@cnnic.cn
- mnt-by: APNIC-ABUSE
- last-modified: 2024-07-30T11:55:46Z
- person: Li Jia
- address: NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
- country: CN
- phone: +86-0571-85022088
- e-mail: jiali.jl@alibaba-inc.com
- nic-hdl: ZM1015-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2014-07-30T02:02:01Z
- person: Guoxin Gao
- address: 5F, Builing D, the West Lake International Plaza of S&T
- address: No.391 Wen’er Road, Hangzhou City
- address: Zhejiang, China, 310099
- country: CN
- phone: +86-0571-85022600
- fax-no: +86-0571-85022600
- e-mail: anti-spam@list.alibaba-inc.com
- nic-hdl: ZM875-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2014-07-30T01:56:01Z
- person: security trouble
- e-mail: yitian.gaoyt@alibaba-inc.com
- address: Hangzhou, Zhejiang, China
- phone: +86-0571-85022600
- country: CN
- mnt-by: MAINT-CNNIC-AP
- nic-hdl: ZM876-AP
- last-modified: 2021-04-13T23:22:33Z
- person: Guowei Pan
- address: 5F, Builing D, the West Lake International Plaza of S&T
- address: No.391 Wen’er Road, Hangzhou City
- address: Zhejiang, China, 310099
- country: CN
- phone: +86-0571-85022088-30763
- fax-no: +86-0571-85022600
- e-mail: guowei.pangw@alibaba-inc.com
- nic-hdl: ZM877-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2013-07-09T01:34:02Z
- route: 182.92.80.0/24
- origin: AS37963
- descr: China Internet Network Information Center
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2020-02-18T01:34:29Z
- route: 182.92.80.0/24
- origin: AS45102
- descr: China Internet Network Information Center
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2020-02-18T01:35:54Z
Links to attack logs
- awsbah-redis-bruteforce-ip-list-2022-03-18