47.96.79.54 Threat Intelligence and Host Information
General
This page contains threat intelligence information for the IPv4 address 47.96.79.54. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Potentially Malicious Host 🟡 45/100
Host and Network Information
- Tags: cyber security, ioc, malicious, Nextray, phishing
- Country: China
- Network:
- Noticed: 29 times
- Protocols Attacked: redis
- Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
- Passive DNS Results: jianli.luobojiang.cn chengyu.luobojiang.cn
Malware Detected on Host
Count: 1 44c4c4688c9cbcbc9c8e857e49b55497edb931c2d475f4ff0dc9eae0e8627091
Open Ports Detected
CVEs Detected
CVE-2007-2768 CVE-2008-3844 CVE-2010-4478 CVE-2010-4755 CVE-2010-5107 CVE-2011-4327 CVE-2011-5000 CVE-2012-0814 CVE-2014-1692 CVE-2014-2532 CVE-2014-2653 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2016-0777 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-10708 CVE-2016-1908 CVE-2016-20012 CVE-2016-3115 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-16905 CVE-2019-20372 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-23017 CVE-2021-3618 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-44487 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2024-6387 CVE-2025-26465 CVE-2025-32728
Whois Information
- NetRange: 47.92.0.0 - 47.97.255.255
- CIDR: 47.96.0.0/15, 47.92.0.0/14
- NetName: APNIC
- NetHandle: NET-47-92-0-0-1
- Parent: NET47 (NET-47-0-0-0-0)
- NetType: Early Registrations, Transferred to APNIC
- OriginAS:
- Organization: Asia Pacific Network Information Centre (APNIC)
- RegDate: 2015-03-02
- Updated: 2015-03-02
- Ref: https://rdap.arin.net/registry/ip/47.92.0.0
- OrgName: Asia Pacific Network Information Centre
- OrgId: APNIC
- Address: PO Box 3646
- City: South Brisbane
- StateProv: QLD
- PostalCode: 4101
- Country: AU
- RegDate:
- Updated: 2012-01-24
- Ref: https://rdap.arin.net/registry/entity/APNIC
- OrgTechHandle: AWC12-ARIN
- OrgTechName: APNIC Whois Contact
- OrgTechPhone: +61 7 3858 3188
- OrgTechEmail: search-apnic-not-arin@apnic.net
- OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
- OrgAbuseHandle: AWC12-ARIN
- OrgAbuseName: APNIC Whois Contact
- OrgAbusePhone: +61 7 3858 3188
- OrgAbuseEmail: search-apnic-not-arin@apnic.net
- OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
- inetnum: 47.96.0.0 - 47.97.255.255
- netname: ALISOFT
- descr: Aliyun Computing Co., LTD
- descr: 5F, Builing D, the West Lake International Plaza of S&T
- descr: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
- country: CN
- admin-c: ZM1015-AP
- tech-c: ZM877-AP
- tech-c: ZM876-AP
- tech-c: ZM875-AP
- abuse-c: AC1601-AP
- status: ALLOCATED PORTABLE
- mnt-by: MAINT-CNNIC-AP
- mnt-irt: IRT-ALISOFT-CN
- mnt-lower: MAINT-CNNIC-AP
- mnt-routes: MAINT-CNNIC-AP
- last-modified: 2023-11-28T00:58:18Z
- irt: IRT-ALISOFT-CN
- address: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
- e-mail: didong.jc@alibaba-inc.com
- abuse-mailbox: didong.jc@alibaba-inc.com
- admin-c: ZM877-AP
- tech-c: ZM877-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2021-09-05T23:38:36Z
- role: ABUSE CNNICCN
- country: ZZ
- address: Beijing, China
- phone: +000000000
- e-mail: ipas@cnnic.cn
- admin-c: IP50-AP
- tech-c: IP50-AP
- nic-hdl: AC1601-AP
- abuse-mailbox: ipas@cnnic.cn
- mnt-by: APNIC-ABUSE
- last-modified: 2024-07-30T11:55:46Z
- person: Li Jia
- address: NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
- country: CN
- phone: +86-0571-85022088
- e-mail: jiali.jl@alibaba-inc.com
- nic-hdl: ZM1015-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2025-07-01T07:12:42Z
- person: Guoxin Gao
- address: 5F, Builing D, the West Lake International Plaza of S&T
- address: No.391 Wen’er Road, Hangzhou City
- address: Zhejiang, China, 310099
- country: CN
- phone: +86-0571-85022600
- fax-no: +86-0571-85022600
- e-mail: anti-spam@list.alibaba-inc.com
- nic-hdl: ZM875-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2014-07-30T01:56:01Z
- person: security trouble
- e-mail: abuse@alibaba-inc.com
- address: Hangzhou, Zhejiang, China
- phone: +86-0571-85022600
- country: CN
- mnt-by: MAINT-CNNIC-AP
- nic-hdl: ZM876-AP
- last-modified: 2025-07-01T07:06:11Z
- person: Guowei Pan
- address: 5F, Builing D, the West Lake International Plaza of S&T
- address: No.391 Wen’er Road, Hangzhou City
- address: Zhejiang, China, 310099
- country: CN
- phone: +86-0571-85022088-30763
- fax-no: +86-0571-85022600
- e-mail: abuse@alibaba-inc.com
- nic-hdl: ZM877-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2025-07-01T07:05:46Z
- route: 47.96.0.0/15
- descr: Aliyun Computing Co., LTD
- country: CN
- origin: AS37963
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2021-11-05T05:54:02Z
Links to attack logs
dolondon-redis-bruteforce-ip-list-2021-03-25 aws-redis-bruteforce-ip-list-2021-04-11 ****** dotoronto-redis-bruteforce-ip-list-2021-03-28 ****** ******