47.254.134.209 Threat Intelligence and Host Information

Jun 19, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 47.254.134.209 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 22/100

Host and Network Information

Tags: phishing, scam
View other sources: Spamhaus VirusTotal

Country: Germany
Network: AS45102 alibaba (us) technology co. ltd.
Noticed: 1 times
Protocols Attacked: SSH
Passive DNS Results: pegaxy-play.live 869meritking.com polkastertar.live appsushiswaps.com safepal-wallet.live debankwallet.live kingswaps.live www.kingswaps.live spacex-x2.live www.pancakesweps.com pancakesweps.com x2spacex.live app-sushiswap.com a-vax.swa-p.finance www.a-vax.swa-p.finance venus.biswapv3.com www.venus.biswapv3.com www.venus.jaxx-wallet.com venus.jaxx-wallet.com www.avax-network.swa-p.finance avax-network.swa-p.finance position.exchange.swap-s.live avax.network.swap-s.live swap-s.live www.position.exchange.swap-s.live app.venus.swap-s.live www.swap-s.live www.app.venus.swap-s.live ledgerlivewallets.com ledgerwalletlive.com binaryx.trade 1inch.media www.binaryx.secuxtechs.com binaryx.secuxtechs.com www.shiba.swa-p.finance shiba.swa-p.finance looksrare.nft-wallet.finance appzerion.com www.myetherwallet.nft-wallet.finance myetherwallet.nft-wallet.finance trezorsuite-io.com secuxtechs.com jaxx-wallet.com biswapv3.com app-gmxio.com hopexchangecrypto.com ethermine-pool.com momiswap.com trust-walletsx.online trust-walletsx.live gamaspors.com www.xuniswap.com defi-animalfarm-app.com drip-communityy.com reklamacente.info denemebonusu.ga opensea.nft-wallet.finance app-1lnchi-io.gq www.glickxc3672nxg47.ga network1lnc.ml 1lnch-connect-wallet.gq 1lnch-network.ga 1lnch-connect.gq app1lnch-io.gq ledgerlivesupdate.com 1inch-io.com benqiv2.com app-sushiswapx.com ledgerliveupdate.com sushiswapv3.com arbitrum.nft-wallet.finance www.arbitrum.nft-wallet.finance www.cryptocars.finance www.bitbox-02.com www.pancake.swa-p.finance 47-254-134-209.cprapid.com www.47-254-134-209.cprapid.com 1000cakegift-finance.tk ledgerliyev.com ledgerliye.com www-ledgerlive.com www.opensa.nft-wallet.finance www.opensea.nft-wallet.finance nft-wallet.finance legderlev.com shapeshift.finance www.paribu.swa-p.finance paribu.swa-p.finance sushiv2.live xuniswap.com sushiswapx.com usb-ledger.com www.live.ledgerrlive.com www.usb.ledgerrlive.com ledgerrlive.com suitetrezor.live cryptoplanesv2.com pegaxyv2.com ledgerwallet.finance www.usb.ledgerwallet.finance www.lives.ledgerwallet.finance www.live.ledgerwallet.finance www.live.ledgerlive.finance ledgerlive.finance www.usb.ledgerlive.finance www.live.ledgers-usa.com ledgers-usa.com ledgerr.finance www.lives.ledgerr.finance www.live.ledgerr.finance c2.dnscheguevara.com c1.dnscheguevara.com opensa.nft-wallet.live poocoin-app-bsc.com ledgerlives.com suitetrezor.com app-swapsushi.com uniswaphome.com bitbox02.finance swa-p.finance cryptocars.finance bitbox-02.com ledger-usa.com www.live.ledger-usa.com pancakaswapv2.finance sushiswapv2.com nft-wallet.live cryptocars-v2.com www.binance.com.biture.site binance.com.biture.site www.binance.com.dnscheguevara.com binance.com.dnscheguevara.com tronlink.finance blnance.site web-blnance.com www.web-blnance.com binance-apps.com opensae.finance www.opensae.finance lives.ledgar.finance www.lives.ledgar.finance live.ledgar.finance www.live.ledgar.finance dnscheguevara.com biture.site biture.live secure-ob.com

Malware Detected on Host

Count: 1 63974fbf75f2f32099b94fd7d73e162e13d3ea637fc0cab3ab2999191bc964f8

Open Ports Detected

22 80 888 8888

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767

Map

Whois Information

NetRange: 47.250.0.0 - 47.254.255.255
CIDR: 47.254.0.0/16, 47.252.0.0/15, 47.250.0.0/15
NetName: AL-3
NetHandle: NET-47-250-0-0-1
Parent: NET47 (NET-47-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Alibaba Cloud LLC (AL-3)
RegDate: 2016-04-15
Updated: 2017-04-26
Ref: https://rdap.arin.net/registry/ip/47.250.0.0
OrgName: Alibaba Cloud LLC
OrgId: AL-3
Address: 400 S El Camino Real, Suite 400
City: San Mateo
StateProv: CA
PostalCode: 94402
Country: US
RegDate: 2010-10-29
Updated: 2023-05-09
Comment: 1.For AliCloud IPR Infringement and Abuse Claim, please use below link with browser to report: https://intl.aliyun.com/report
Comment:
Comment: 2.For Alibaba.com and Aliexpress.com’s IPR Infringement , please use below link with browser to report: https://ipp.alibabagroup.com
Comment:
Comment: 3.For Alibaba.com and Aliexpress.com’s Abuse, please send email to those two mail lists to report: intl-abuse@list.alibaba-inc.com and abuse@alibaba-inc.com
Comment:
Comment: 4. For network issue, please send email to this mail list: aliops-goc@list.alibaba-inc.com
Ref: https://rdap.arin.net/registry/entity/AL-3
OrgNOCHandle: ALIBA-ARIN
OrgNOCName: Alibaba NOC
OrgNOCPhone: +1-408-748-1200
OrgNOCEmail: noc@list.alibaba-inc.com
OrgNOCRef: https://rdap.arin.net/registry/entity/ALIBA-ARIN
OrgAbuseHandle: NETWO4028-ARIN
OrgAbuseName: Network Abuse
OrgAbusePhone: +1-408-785-5580
OrgAbuseEmail: intl-abuse@list.alibaba-inc.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/NETWO4028-ARIN
OrgTechHandle: ALIBA-ARIN
OrgTechName: Alibaba NOC
OrgTechPhone: +1-408-748-1200
OrgTechEmail: noc@list.alibaba-inc.com
OrgTechRef: https://rdap.arin.net/registry/entity/ALIBA-ARIN
NetRange: 47.254.128.0 - 47.254.191.255
CIDR: 47.254.128.0/18
NetName: ALICLOUD-GM
NetHandle: NET-47-254-128-0-1
Parent: AL-3 (NET-47-250-0-0-1)
NetType: Reassigned
OriginAS: AS45102
Customer: AliCloud (Germany) GmbH (C06869651)
RegDate: 2018-01-09
Updated: 2018-01-09
Comment: 1.For AliCloud IPR Infringement and Abuse Claim, please use below link with browser to report: https://intl.aliyun.com/report
Comment:
Comment: 2.For Alibaba.com and Aliexpress.com’s IPR Infringement , please use below link with browser to report: https://ipp.alibabagroup.com
Comment:
Comment: 3.For Alibaba.com and Aliexpress.com’s Abuse, please send email to those two mail lists to report: intl-abuse@list.alibaba-inc.com and abuse@alibaba-inc.com
Comment:
Comment: 4. For network issue, please send email to this mail list: aliops-goc@list.alibaba-inc.com
Ref: https://rdap.arin.net/registry/ip/47.254.128.0
CustName: AliCloud (Germany) GmbH
Address: Westendstrabe 28, 60325 Frankfurt am Main
City: Frankfurt
StateProv:
PostalCode:
Country: DE
RegDate: 2018-01-08
Updated: 2018-01-08
Ref: https://rdap.arin.net/registry/entity/C06869651
OrgNOCHandle: ALIBA-ARIN
OrgNOCName: Alibaba NOC
OrgNOCPhone: +1-408-748-1200
OrgNOCEmail: noc@list.alibaba-inc.com
OrgNOCRef: https://rdap.arin.net/registry/entity/ALIBA-ARIN
OrgAbuseHandle: NETWO4028-ARIN
OrgAbuseName: Network Abuse
OrgAbusePhone: +1-408-785-5580
OrgAbuseEmail: intl-abuse@list.alibaba-inc.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/NETWO4028-ARIN
OrgTechHandle: ALIBA-ARIN
OrgTechName: Alibaba NOC
OrgTechPhone: +1-408-748-1200
OrgTechEmail: noc@list.alibaba-inc.com
OrgTechRef: https://rdap.arin.net/registry/entity/ALIBA-ARIN

Links to attack logs

****** ****** ******

Share on: