47.99.116.131 Threat Intelligence and Host Information

General

This page contains threat intelligence for the IPv4 address 47.99.116.131. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with the enrichment of security events and context. All information is gathered passively, through aggregation of public sources or observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 45/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing


  • Country: China
  • Network:
  • Noticed: 29 times
  • Protocols Attacked: redis
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: music.iqimeng.com iqimeng.top

Open Ports Detected


CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2010-4478 CVE-2010-4755 CVE-2010-5107 CVE-2011-4327 CVE-2011-5000 CVE-2012-0814 CVE-2014-1692 CVE-2014-2532 CVE-2014-2653 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2016-0777 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-10708 CVE-2016-1908 CVE-2016-20012 CVE-2016-3115 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-16905 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2024-6387 CVE-2025-26465 CVE-2025-32728


Whois Information

  • NetRange: 47.98.0.0 - 47.112.255.255
  • CIDR: 47.104.0.0/13, 47.98.0.0/15, 47.112.0.0/16, 47.100.0.0/14
  • NetName: APNIC
  • NetHandle: NET-47-98-0-0-1
  • Parent: NET47 (NET-47-0-0-0-0)
  • NetType: Early Registrations, Transferred to APNIC
  • OriginAS:
  • Organization: Asia Pacific Network Information Centre (APNIC)
  • RegDate: 2015-04-01
  • Updated: 2015-04-01
  • Ref: https://rdap.arin.net/registry/ip/47.98.0.0
  • OrgName: Asia Pacific Network Information Centre
  • OrgId: APNIC
  • Address: PO Box 3646
  • City: South Brisbane
  • StateProv: QLD
  • PostalCode: 4101
  • Country: AU
  • RegDate:
  • Updated: 2012-01-24
  • Ref: https://rdap.arin.net/registry/entity/APNIC
  • OrgTechHandle: AWC12-ARIN
  • OrgTechName: APNIC Whois Contact
  • OrgTechPhone: +61 7 3858 3188
  • OrgTechEmail: search-apnic-not-arin@apnic.net
  • OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • OrgAbuseHandle: AWC12-ARIN
  • OrgAbuseName: APNIC Whois Contact
  • OrgAbusePhone: +61 7 3858 3188
  • OrgAbuseEmail: search-apnic-not-arin@apnic.net
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • inetnum: 47.98.0.0 - 47.99.255.255
  • netname: ALISOFT
  • descr: Aliyun Computing Co., LTD
  • descr: 5F, Builing D, the West Lake International Plaza of S&T
  • descr: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
  • country: CN
  • admin-c: ZM1015-AP
  • tech-c: ZM877-AP
  • tech-c: ZM876-AP
  • tech-c: ZM875-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-irt: IRT-ALISOFT-CN
  • mnt-lower: MAINT-CNNIC-AP
  • mnt-routes: MAINT-CNNIC-AP
  • last-modified: 2023-11-28T00:58:18Z
  • irt: IRT-ALISOFT-CN
  • address: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
  • e-mail: didong.jc@alibaba-inc.com
  • abuse-mailbox: didong.jc@alibaba-inc.com
  • admin-c: ZM877-AP
  • tech-c: ZM877-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-09-05T23:38:36Z
  • role: ABUSE CNNICCN
  • country: ZZ
  • address: Beijing, China
  • phone: +000000000
  • e-mail: ipas@cnnic.cn
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: ipas@cnnic.cn
  • mnt-by: APNIC-ABUSE
  • last-modified: 2025-09-19T17:20:32Z
  • person: Li Jia
  • address: NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
  • country: CN
  • phone: +86-0571-85022088
  • e-mail: jiali.jl@alibaba-inc.com
  • nic-hdl: ZM1015-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2025-07-01T07:12:42Z
  • person: Guoxin Gao
  • address: 5F, Builing D, the West Lake International Plaza of S&T
  • address: No.391 Wen’er Road, Hangzhou City
  • address: Zhejiang, China, 310099
  • country: CN
  • phone: +86-0571-85022600
  • fax-no: +86-0571-85022600
  • e-mail: anti-spam@list.alibaba-inc.com
  • nic-hdl: ZM875-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2014-07-30T01:56:01Z
  • person: security trouble
  • e-mail: abuse@alibaba-inc.com
  • address: Hangzhou, Zhejiang, China
  • phone: +86-0571-85022600
  • country: CN
  • mnt-by: MAINT-CNNIC-AP
  • nic-hdl: ZM876-AP
  • last-modified: 2025-07-01T07:06:11Z
  • person: Guowei Pan
  • address: 5F, Builing D, the West Lake International Plaza of S&T
  • address: No.391 Wen’er Road, Hangzhou City
  • address: Zhejiang, China, 310099
  • country: CN
  • phone: +86-0571-85022088-30763
  • fax-no: +86-0571-85022600
  • e-mail: abuse@alibaba-inc.com
  • nic-hdl: ZM877-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2025-07-01T07:05:46Z
  • route: 47.99.0.0/16
  • descr: Aliyun Computing Co., LTD
  • country: CN
  • origin: AS45102
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2018-01-19T08:12:02Z

Links to attack logs

aws-redis-bruteforce-ip-list-2021-07-11 ****** ****** ******
