47.97.119.127 Threat Intelligence and Host Information

Aug 19, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 47.97.119.127 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 45/100

Host and Network Information

Tags: awsindia, bruteforce, cyber security, ioc, malicious, Nextray, phishing, redis, Scanner, scanning, smtp, ssh, tcp, Webattack
View other sources: Spamhaus VirusTotal

Country: China
Network:
Noticed: 50 times
Protocols Attacked: redis
Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, India, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 1 1bbcb37f678e0771aafc4e1677f70105575441297b2d2cd90abdd44e2a55a1f1

Open Ports Detected

1002 10037 10044 10068 10134 102 10225 1023 1025 10250 10443 1080 10933 1099 110 11001 111 11112 113 11300 1153 11920 1200 12000 12126 12129 12154 12175 12188 12191 12195 12214 12267 12268 12307 12325 12335 12345 12387 12398 12413 12428 12440 12458 12482 12519 12542 12558 12574 13 13333 1337 1365 14147 143 1433 14344 14900 15503 15504 1599 16023 16042 16047 16068 16088 16094 16601 16666 16993 17 17010 17082 1723 175 17780 179 180 1800 1801 18015 18028 18032 18048 18055 18060 18068 18072 18077 18105 18106 18200 18245 1883 189 19000 1901 19082 19084 1926 1962 1971 2000 20000 2003 20080 2010 20106 20121 20182 2031 20547 20600 2067 2072 20800 2081 2085 2087 21 21001 21025 21084 21200 21234 21236 21244 21255 2126 21313 21316 21379 21500 2181 22556 23 23023 23184 2323 2345 2404 243 2433 2455 25 25084 25565 25952 264 27017 2762 28818 30002 30003 30008 3001 30013 30021 30023 30111 3016 3042 3050 3063 3070 30700 3072 3073 3078 3088 3105 311 3110 31444 3178 3260 3268 3269 32764 3306 3310 3388 35000 35100 3557 3561 3562 3790 389 4063 4064 40894 4117 4150 4157 4242 42420 427 4282 43 4321 4369 4400 4433 44332 4434 444 4445 44818 4500 4502 4520 45667 45786 46001 462 4840 4899 49 50000 50004 50006 5001 5006 5007 5009 50101 50103 50112 50580 50805 513 515 5172 5201 5222 5234 5242 5258 53 53485 54138 5432 548 55000 5523 554 55443 555 55554 5567 5591 5596 5605 5660 5672 5680 5858 593 5938 6000 6001 6002 60129 6061 61616 62078 6264 63210 63260 636 6379 6380 6488 6602 666 6661 6666 6667 6668 70 7001 7083 7218 7283 7434 7443 7465 7473 7535 7547 789 79 7980 8009 8028 8030 806 8081 8083 8085 8087 8089 809 8126 8131 8139 8157 8159 8181 8300 8333 8430 8441 8500 8545 8564 8575 8576 8591 8637 8649 8666 8732 8782 8791 8809 8813 8834 8837 8839 8842 8852 8883 8884 8889 9001 9014 9016 9038 9044 9056 9077 9091 9095 9100 9111 9133 9147 9149 9173 9199 9210 9215 9242 9306 9308 9312 9333 9398 9418 9530 9550 9600 9633 9663 9711 9761 9876 9898 9899 9902 9943 9991 9998 9999

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2010-4478 CVE-2010-4755 CVE-2010-5107 CVE-2011-4327 CVE-2011-5000 CVE-2012-0814 CVE-2014-1692 CVE-2014-2532 CVE-2014-2653 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2016-0777 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-10708 CVE-2016-1908 CVE-2016-20012 CVE-2016-3115 CVE-2017-15906 CVE-2018-10088 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-16905 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2025-26465 CVE-2025-32728

Map

Whois Information

NetRange: 47.92.0.0 - 47.97.255.255
CIDR: 47.96.0.0/15, 47.92.0.0/14
NetName: APNIC
NetHandle: NET-47-92-0-0-1
Parent: NET47 (NET-47-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2015-03-02
Updated: 2015-03-02
Ref: https://rdap.arin.net/registry/ip/47.92.0.0
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
inetnum: 47.96.0.0 - 47.97.255.255
netname: ALISOFT
descr: Aliyun Computing Co., LTD
descr: 5F, Builing D, the West Lake International Plaza of S&T
descr: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
country: CN
admin-c: ZM1015-AP
tech-c: ZM877-AP
tech-c: ZM876-AP
tech-c: ZM875-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-irt: IRT-ALISOFT-CN
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
last-modified: 2023-11-28T00:58:18Z
irt: IRT-ALISOFT-CN
address: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
e-mail: didong.jc@alibaba-inc.com
abuse-mailbox: didong.jc@alibaba-inc.com
admin-c: ZM877-AP
tech-c: ZM877-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2021-09-05T23:38:36Z
role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
abuse-mailbox: ipas@cnnic.cn
mnt-by: APNIC-ABUSE
last-modified: 2024-07-30T11:55:46Z
person: Li Jia
address: NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
country: CN
phone: +86-0571-85022088
e-mail: jiali.jl@alibaba-inc.com
nic-hdl: ZM1015-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-07-01T07:12:42Z
person: Guoxin Gao
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen’er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: anti-spam@list.alibaba-inc.com
nic-hdl: ZM875-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2014-07-30T01:56:01Z
person: security trouble
e-mail: abuse@alibaba-inc.com
address: Hangzhou, Zhejiang, China
phone: +86-0571-85022600
country: CN
mnt-by: MAINT-CNNIC-AP
nic-hdl: ZM876-AP
last-modified: 2025-07-01T07:06:11Z
person: Guowei Pan
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen’er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022088-30763
fax-no: +86-0571-85022600
e-mail: abuse@alibaba-inc.com
nic-hdl: ZM877-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-07-01T07:05:46Z
route: 47.96.0.0/15
descr: Aliyun Computing Co., LTD
country: CN
origin: AS37963
mnt-by: MAINT-CNNIC-AP
last-modified: 2021-11-05T05:54:02Z

Links to attack logs

Share on: