8.149.128.82 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 8.149.128.82. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with the enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 65/100

Host and Network Information

  • Mitre ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force

  • Tags: atif feed, banlist feed, binary defense, Brute-Forc, brute force, bruteforce, Bruteforce, Brute-Force, cowrie, info, notice, ssh, SSH

  • View other sources: Spamhaus, VirusTotal

  • Country: Singapore
  • Network:
  • Noticed: 6 times
  • Protocols Attacked: ssh
  • Countries Attacked: Australia

Open Ports Detected

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-16905 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2025-26465

Whois Information

  • NetRange: 8.128.0.0 - 8.191.255.255
  • CIDR: 8.128.0.0/10
  • NetName: APNIC
  • NetHandle: NET-8-128-0-0-1
  • Parent: NET8 (NET-8-0-0-0-0)
  • NetType: Early Registrations, Transferred to APNIC
  • OriginAS:
  • Organization: Asia Pacific Network Information Centre (APNIC)
  • RegDate: 2018-04-24
  • Updated: 2018-04-24
  • Ref: https://rdap.arin.net/registry/ip/8.128.0.0
  • OrgName: Asia Pacific Network Information Centre
  • OrgId: APNIC
  • Address: PO Box 3646
  • City: South Brisbane
  • StateProv: QLD
  • PostalCode: 4101
  • Country: AU
  • RegDate:
  • Updated: 2012-01-24
  • Ref: https://rdap.arin.net/registry/entity/APNIC
  • OrgTechHandle: AWC12-ARIN
  • OrgTechName: APNIC Whois Contact
  • OrgTechPhone: +61 7 3858 3188
  • OrgTechEmail: search-apnic-not-arin@apnic.net
  • OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • OrgAbuseHandle: AWC12-ARIN
  • OrgAbuseName: APNIC Whois Contact
  • OrgAbusePhone: +61 7 3858 3188
  • OrgAbuseEmail: search-apnic-not-arin@apnic.net
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • inetnum: 8.128.0.0 - 8.159.255.255
  • netname: ALICLOUD
  • descr: Aliyun Computing Co.LTD
  • country: CN
  • admin-c: ASEP1-AP
  • tech-c: ASEP1-AP
  • abuse-c: AA1926-AP
  • status: ALLOCATED NON-PORTABLE
  • mnt-by: MAINT-ASEPL-SG
  • mnt-irt: IRT-ASEPL-SG
  • last-modified: 2021-04-14T01:11:45Z
  • irt: IRT-ASEPL-SG
  • e-mail: abuse@alibaba-inc.com
  • abuse-mailbox: abuse@alibaba-inc.com
  • admin-c: ASEP1-AP
  • tech-c: ASEP1-AP
  • mnt-by: MAINT-ASEPL-SG
  • last-modified: 2024-10-08T07:53:08Z
  • role: ABUSE ASEPLSG
  • country: ZZ
  • phone: +000000000
  • e-mail: abuse@alibaba-inc.com
  • admin-c: ASEP1-AP
  • tech-c: ASEP1-AP
  • nic-hdl: AA1926-AP
  • abuse-mailbox: abuse@alibaba-inc.com
  • mnt-by: APNIC-ABUSE
  • last-modified: 2024-10-08T08:00:34Z
  • role: Alibabacom Singapore E-Commerce Private Limited a
  • country: SG
  • phone: +86-571-85022088
  • fax-no: +86-571-85022088
  • e-mail: anti-spam@list.alibaba-inc.com
  • admin-c: ASEP1-AP
  • tech-c: ASEP1-AP
  • nic-hdl: ASEP1-AP
  • mnt-by: MAINT-ASEPL-SG
  • last-modified: 2015-12-10T01:04:19Z
  • route: 8.149.128.0/24
  • origin: AS37963
  • descr: Alibaba.com Singapore E-Commerce Private Limited
  • mnt-by: MAINT-ASEPL-SG
  • last-modified: 2020-02-25T10:12:10Z

Links to attack logs

digitaloceantoronto-ssh-bruteforce-ip-list-2025-02-16
