47.107.116.63 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 47.107.116.63. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources or through observed activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 39/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing

  • View other sources: Spamhaus, VirusTotal

  • Country: China
  • Network: AS37963 hangzhou alibaba advertising co. ltd.
  • Noticed: 29 times
  • Protocols Attacked: redis
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results:

Open Ports Detected

6379 80 8800

CVEs Detected

CVE-2021-3618 CVE-2023-44487

Whois Information

  • NetRange: 47.98.0.0 - 47.112.255.255
  • CIDR: 47.104.0.0/13, 47.112.0.0/16, 47.100.0.0/14, 47.98.0.0/15
  • NetName: APNIC
  • NetHandle: NET-47-98-0-0-1
  • Parent: NET47 (NET-47-0-0-0-0)
  • NetType: Early Registrations, Transferred to APNIC
  • OriginAS:
  • Organization: Asia Pacific Network Information Centre (APNIC)
  • RegDate: 2015-04-01
  • Updated: 2015-04-01
  • Ref: https://rdap.arin.net/registry/ip/47.98.0.0
  • OrgName: Asia Pacific Network Information Centre
  • OrgId: APNIC
  • Address: PO Box 3646
  • City: South Brisbane
  • StateProv: QLD
  • PostalCode: 4101
  • Country: AU
  • RegDate:
  • Updated: 2012-01-24
  • Ref: https://rdap.arin.net/registry/entity/APNIC
  • OrgTechHandle: AWC12-ARIN
  • OrgTechName: APNIC Whois Contact
  • OrgTechPhone: +61 7 3858 3188
  • OrgTechEmail: search-apnic-not-arin@apnic.net
  • OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • OrgAbuseHandle: AWC12-ARIN
  • OrgAbuseName: APNIC Whois Contact
  • OrgAbusePhone: +61 7 3858 3188
  • OrgAbuseEmail: search-apnic-not-arin@apnic.net
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • inetnum: 47.104.0.0 - 47.111.255.255
  • netname: ALISOFT
  • descr: Aliyun Computing Co., LTD
  • descr: 5F, Builing D, the West Lake International Plaza of S&T
  • descr: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
  • country: CN
  • admin-c: ZM1015-AP
  • tech-c: ZM877-AP
  • tech-c: ZM876-AP
  • tech-c: ZM875-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-irt: IRT-ALISOFT-CN
  • last-modified: 2023-11-28T00:58:17Z
  • irt: IRT-ALISOFT-CN
  • address: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
  • e-mail: didong.jc@alibaba-inc.com
  • abuse-mailbox: didong.jc@alibaba-inc.com
  • admin-c: ZM877-AP
  • tech-c: ZM877-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-09-05T23:38:36Z
  • role: ABUSE CNNICCN
  • address: Beijing, China
  • country: ZZ
  • phone: +000000000
  • e-mail: ipas@cnnic.cn
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: ipas@cnnic.cn
  • mnt-by: APNIC-ABUSE
  • last-modified: 2020-05-14T11:19:01Z
  • person: Li Jia
  • address: NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
  • country: CN
  • phone: +86-0571-85022088
  • e-mail: jiali.jl@alibaba-inc.com
  • nic-hdl: ZM1015-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2014-07-30T02:02:01Z
  • person: Guoxin Gao
  • address: 5F, Builing D, the West Lake International Plaza of S&T
  • address: No.391 Wen’er Road, Hangzhou City
  • address: Zhejiang, China, 310099
  • country: CN
  • phone: +86-0571-85022600
  • fax-no: +86-0571-85022600
  • e-mail: anti-spam@list.alibaba-inc.com
  • nic-hdl: ZM875-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2014-07-30T01:56:01Z
  • person: security trouble
  • e-mail: yitian.gaoyt@alibaba-inc.com
  • address: Hangzhou, Zhejiang, China
  • phone: +86-0571-85022600
  • country: CN
  • mnt-by: MAINT-CNNIC-AP
  • nic-hdl: ZM876-AP
  • last-modified: 2021-04-13T23:22:33Z
  • person: Guowei Pan
  • address: 5F, Builing D, the West Lake International Plaza of S&T
  • address: No.391 Wen’er Road, Hangzhou City
  • address: Zhejiang, China, 310099
  • country: CN
  • phone: +86-0571-85022088-30763
  • fax-no: +86-0571-85022600
  • e-mail: guowei.pangw@alibaba-inc.com
  • nic-hdl: ZM877-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2013-07-09T01:34:02Z
  • route: 47.104.0.0/13
  • descr: Hangzhou Alibaba Advertising Co.,Ltd.
  • country: CN
  • origin: AS37963
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2019-08-07T23:28:06Z
  • route: 47.104.0.0/13
  • descr: Alibaba (US) Technology Co., Ltd.
  • country: CN
  • origin: AS45102
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2019-08-07T23:28:05Z

Links to attack logs

  • awsau-redis-bruteforce-ip-list-2021-09-08