47.97.254.184 Threat Intelligence and Host Information

Apr 28, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 47.97.254.184 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 45/100

Host and Network Information

  • Tags: awsjap, bruteforce, cyber security, ioc, malicious, Nextray, phishing, redis

  • View other sources: Spamhaus VirusTotal

  • Country: China
  • Network:
  • Noticed: 30 times
  • Protocols Attacked: redis
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Japan, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

10000 10010 10012 10029 10038 10081 102 1022 10250 10348 10443 10445 10554 10892 11 11000 11182 11211 11288 11300 1153 11602 1177 1200 12000 12107 12121 12125 12130 12148 12198 12205 12226 12237 12246 12254 12259 12292 12309 12321 12327 1234 12345 12368 12389 12403 12411 12412 12421 12422 12423 12433 12462 12467 12504 12541 12543 12549 12554 12584 12587 1337 1355 1414 14265 1433 14344 14401 1458 15123 1515 1599 16003 16006 16010 16041 16102 1660 16993 17 17000 17100 1723 179 1800 1801 18035 18059 18081 18102 18245 18553 1883 1926 1952 1956 1962 1965 2000 2002 2008 20201 20256 2048 2053 20547 2066 2072 2083 2087 21 2100 21002 2121 21241 21254 2126 21260 21262 21265 21268 21291 21314 2154 22070 22345 23023 2320 2323 23424 2404 243 2435 24808 2558 2601 264 26656 26657 27015 27017 27036 2762 28015 28080 2995 30022 30025 30050 3009 3014 3021 30422 3048 30522 3057 30718 30722 3080 3081 30922 3093 311 3126 3127 3141 31522 31722 3173 31922 32022 32122 32202 32322 32444 3256 3299 3306 33060 3388 3389 3405 3524 3531 3555 3557 37777 3791 3792 4000 4063 4064 4150 41794 4282 43221 4333 4369 44158 44305 4433 4434 444 4443 4463 44818 45000 45006 4506 4528 453 45444 4572 46000 4646 47001 4734 47808 48012 4840 49 49152 49153 49502 49694 50000 50012 50073 5009 5010 50100 5025 5100 51106 51235 515 5269 53413 53805 54138 548 55080 55081 5544 55443 55475 55554 5592 5660 57780 5804 5916 59443 5986 5990 6000 60129 6134 61613 61616 61617 62078 62443 63210 6348 64738 65000 6560 666 6666 6667 6668 70 7004 7011 7014 7084 7171 7272 7433 7434 7443 7775 7887 789 7979 8009 8014 8033 8061 8075 8078 808 8081 8087 8091 8096 8104 811 8111 8118 8120 8129 8145 8160 8176 8181 8236 8237 8283 8333 8420 8429 8463 8470 8503 8505 8506 8545 8554 8579 8649 8701 8702 8731 8806 8819 8821 8830 8834 8863 8880 8889 8891 89 8907 8988 9006 9018 9040 9051 9055 9119 9134 9151 9155 9158 9160 9198 9223 9249 9252 9257 9306 9311 9315 9398 9418 9530 96 9633 9704 992 9944 998 9988 9993 9997 9998 9999

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2010-4478 CVE-2010-4755 CVE-2010-5107 CVE-2011-4327 CVE-2011-5000 CVE-2012-0814 CVE-2014-1692 CVE-2014-2532 CVE-2014-2653 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2016-0777 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-10708 CVE-2016-1908 CVE-2016-20012 CVE-2016-3115 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-16905 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2024-6387 CVE-2025-26465

Map

Whois Information

  • NetRange: 47.92.0.0 - 47.97.255.255
  • CIDR: 47.92.0.0/14, 47.96.0.0/15
  • NetName: APNIC
  • NetHandle: NET-47-92-0-0-1
  • Parent: NET47 (NET-47-0-0-0-0)
  • NetType: Early Registrations, Transferred to APNIC
  • OriginAS:
  • Organization: Asia Pacific Network Information Centre (APNIC)
  • RegDate: 2015-03-02
  • Updated: 2015-03-02
  • Ref: https://rdap.arin.net/registry/ip/47.92.0.0
  • OrgName: Asia Pacific Network Information Centre
  • OrgId: APNIC
  • Address: PO Box 3646
  • City: South Brisbane
  • StateProv: QLD
  • PostalCode: 4101
  • Country: AU
  • RegDate:
  • Updated: 2012-01-24
  • Ref: https://rdap.arin.net/registry/entity/APNIC
  • OrgTechHandle: AWC12-ARIN
  • OrgTechName: APNIC Whois Contact
  • OrgTechPhone: +61 7 3858 3188
  • OrgTechEmail: search-apnic-not-arin@apnic.net
  • OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • OrgAbuseHandle: AWC12-ARIN
  • OrgAbuseName: APNIC Whois Contact
  • OrgAbusePhone: +61 7 3858 3188
  • OrgAbuseEmail: search-apnic-not-arin@apnic.net
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • inetnum: 47.96.0.0 - 47.97.255.255
  • netname: ALISOFT
  • descr: Aliyun Computing Co., LTD
  • descr: 5F, Builing D, the West Lake International Plaza of S&T
  • descr: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
  • country: CN
  • admin-c: ZM1015-AP
  • tech-c: ZM877-AP
  • tech-c: ZM876-AP
  • tech-c: ZM875-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-irt: IRT-ALISOFT-CN
  • mnt-lower: MAINT-CNNIC-AP
  • mnt-routes: MAINT-CNNIC-AP
  • last-modified: 2023-11-28T00:58:18Z
  • irt: IRT-ALISOFT-CN
  • address: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
  • e-mail: didong.jc@alibaba-inc.com
  • abuse-mailbox: didong.jc@alibaba-inc.com
  • admin-c: ZM877-AP
  • tech-c: ZM877-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-09-05T23:38:36Z
  • role: ABUSE CNNICCN
  • country: ZZ
  • address: Beijing, China
  • phone: +000000000
  • e-mail: ipas@cnnic.cn
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: ipas@cnnic.cn
  • mnt-by: APNIC-ABUSE
  • last-modified: 2024-07-30T11:55:46Z
  • person: Li Jia
  • address: NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
  • country: CN
  • phone: +86-0571-85022088
  • e-mail: jiali.jl@alibaba-inc.com
  • nic-hdl: ZM1015-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2014-07-30T02:02:01Z
  • person: Guoxin Gao
  • address: 5F, Builing D, the West Lake International Plaza of S&T
  • address: No.391 Wen’er Road, Hangzhou City
  • address: Zhejiang, China, 310099
  • country: CN
  • phone: +86-0571-85022600
  • fax-no: +86-0571-85022600
  • e-mail: anti-spam@list.alibaba-inc.com
  • nic-hdl: ZM875-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2014-07-30T01:56:01Z
  • person: security trouble
  • e-mail: yitian.gaoyt@alibaba-inc.com
  • address: Hangzhou, Zhejiang, China
  • phone: +86-0571-85022600
  • country: CN
  • mnt-by: MAINT-CNNIC-AP
  • nic-hdl: ZM876-AP
  • last-modified: 2021-04-13T23:22:33Z
  • person: Guowei Pan
  • address: 5F, Builing D, the West Lake International Plaza of S&T
  • address: No.391 Wen’er Road, Hangzhou City
  • address: Zhejiang, China, 310099
  • country: CN
  • phone: +86-0571-85022088-30763
  • fax-no: +86-0571-85022600
  • e-mail: guowei.pangw@alibaba-inc.com
  • nic-hdl: ZM877-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2013-07-09T01:34:02Z
  • route: 47.96.0.0/15
  • descr: Aliyun Computing Co., LTD
  • country: CN
  • origin: AS37963
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-11-05T05:54:02Z

Links to attack logs

awsjap-redis-bruteforce-ip-list-2022-04-02 ****** ****** ******

Share on: