8.136.212.2 Threat Intelligence and Host Information
Share on:General
This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.
Likely Malicious Host 🟠 57/100
Host and Network Information
- Tags: Nextray, aws, awsindia, bruteforce, cyber security, ioc, la, lafusioncenter, louisiana, malicious, phishing, redis, tsec
- View other sources: Spamhaus VirusTotal
-
Contained within other IP sets: gpf_comics, hphosts_fsa, nullsecure
- Country: China
- Network: AS37963 hangzhou alibaba advertising co. ltd.
- Noticed: 23 times
- Protcols Attacked: redis
- Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, India, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
Malware Detected on Host
Count: 2 415801c74e053124f154bc3b4189f829b800ad1bdab4901a7f14a2ca5aff8524 415801c74e053124f154bc3b4189f829b800ad1bdab4901a7f14a2ca5aff8524
Open Ports Detected
CVEs Detected
CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617
Map
Whois Information
- NetRange: 8.128.0.0 - 8.191.255.255
- CIDR: 8.128.0.0/10
- NetName: APNIC
- NetHandle: NET-8-128-0-0-1
- Parent: NET8 (NET-8-0-0-0-0)
- NetType: Early Registrations, Transferred to APNIC
- OriginAS:
- Organization: Asia Pacific Network Information Centre (APNIC)
- RegDate: 2018-04-24
- Updated: 2018-04-24
- Ref: https://rdap.arin.net/registry/ip/8.128.0.0
- OrgName: Asia Pacific Network Information Centre
- OrgId: APNIC
- Address: PO Box 3646
- City: South Brisbane
- StateProv: QLD
- PostalCode: 4101
- Country: AU
- RegDate:
- Updated: 2012-01-24
- Ref: https://rdap.arin.net/registry/entity/APNIC
- OrgAbuseHandle: AWC12-ARIN
- OrgAbuseName: APNIC Whois Contact
- OrgAbusePhone: +61 7 3858 3188
- OrgAbuseEmail: [email protected]
- OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
- OrgTechHandle: AWC12-ARIN
- OrgTechName: APNIC Whois Contact
- OrgTechPhone: +61 7 3858 3188
- OrgTechEmail: [email protected]
- OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
- inetnum: 8.128.0.0 - 8.159.255.255
- netname: ALICLOUD
- descr: Aliyun Computing Co.LTD
- country: CN
- admin-c: ASEP1-AP
- tech-c: ASEP1-AP
- abuse-c: AA1926-AP
- status: ALLOCATED NON-PORTABLE
- mnt-by: MAINT-ASEPL-SG
- mnt-irt: IRT-ASEPL-SG
- last-modified: 2021-04-14T01:11:45Z
- irt: IRT-ASEPL-SG
- e-mail: [email protected]
- abuse-mailbox: [email protected]
- admin-c: ASEP1-AP
- tech-c: ASEP1-AP
- mnt-by: MAINT-ASEPL-SG
- last-modified: 2023-03-17T01:27:26Z
- role: ABUSE ASEPLSG
- country: ZZ
- phone: +000000000
- e-mail: [email protected]
- admin-c: ASEP1-AP
- tech-c: ASEP1-AP
- nic-hdl: AA1926-AP
- abuse-mailbox: [email protected]
- mnt-by: APNIC-ABUSE
- last-modified: 2023-03-17T01:28:27Z
- role: Alibabacom Singapore E-Commerce Private Limited a
- country: SG
- phone: +86-571-85022088
- fax-no: +86-571-85022088
- e-mail: [email protected]
- admin-c: ASEP1-AP
- tech-c: ASEP1-AP
- nic-hdl: ASEP1-AP
- mnt-by: MAINT-ASEPL-SG
- last-modified: 2015-12-10T01:04:19Z
- route: 8.136.212.0/24
- origin: AS37963
- descr: Alibaba.com Singapore E-Commerce Private Limited
- mnt-by: MAINT-ASEPL-SG
- last-modified: 2020-02-25T09:30:37Z
Links to attack logs
awsindia-redis-bruteforce-ip-list-2022-01-17 redis-bruteforce-ip-list-2021-09-18 aws-redis-bruteforce-ip-list-2021-07-16