106.11.172.51 Threat Intelligence and Host Information
General
This page contains threat intelligence information for the IPv4 address 106.11.172.51 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Potentially Malicious Host 🟡 32/100
Host and Network Information
-
Mitre ATT&CK IDs: T1059 - Command and Scripting Interpreter
-
Tags: 0x104, 0x11a, 0x12b, 0x14a, 0x14e, 0x228, 0x97, 0xc6, 0xe1, 0xf5, aafunction, afunction, android, april, array, array int8array, b1342177279, bad event, bad idp, child, class, closure library, cnzzdata, copyright, crios, customevent, czuuid, dafunction, date, edge, element, embed, error, fafafa, function, gc, gc3w7t6h5qw, gtmmdcvhgd, ienew ca, iframe, internal, invalid attempt, kafunction, kfunction, kkfunction, lh, meta, mit license, most, nkfunction, node, null, number, object, overlaylevel, p420, path, pseudo, public, qkfunction, quota, reduceright, regexp, rkfunction, sdkversion, skfunction, span, string, swiper, sxa0, symbol, template, this, trackevent, trackpageview, trident, typeerror, typeof, typeof b, typeof d, typeof define, typeof e, typeof enulle, typeof n, typeof r, typeof symbol, typeof t, ufunction, uint8array, umdistinctid, vd, version, void, win32, xlfunction, zdhxiong
-
View other sources: Spamhaus VirusTotal
- Country: China
- Network: AS37963 hangzhou alibaba advertising co. ltd.
- Noticed: 1 times
- Protcols Attacked: SSH
- Passive DNS Results: 2023cm.com oak.kim beian.aliyun.com tvka.cn ynding.fun mailsso.aliyun.com alibaba-tam.com aliyun-ltd.com msea.aliyun.com www.junnp03.xyz ba.gein.cn beian.gein.cn mailopen-netdisk.aliyun.com mailhelp.aliyun.com www.95bok.cn ht0428.xmcm168.com m.xmcm168.com exmail.aliyun.com sh.wagbridge.aliyun.aliyun.com caldav.aliyun.com wan.pp.ua www.misaya.ltd 16882020.xyz myycu.cn wlan.pp.ua kdai.net fuliyun.net appjun.com 27bao.com denglijunying.top aicrowd.aliyun.com demine.top help-ccs.aliyun.com bridge.aliyun.com aliyunk.top panda.www.net.cn dc.www.net.cn api.aliyun.com dns.www.net.cn lengqie.live tools.aliyun.com dgaddr.com microdingtalk.aliyun.com dmp.www.net.cn pandavip.www.net.cn cschat-ccs.aliyun.com feedback.console.aliyun.com console.aliyun.com domain.aliyun.com account.www.net.cn 106.11.172.51 huijiadizhi.xyz xuyingfu.xyz bbs.aliyun.com aliyun-adns.aliyun.com.gds.alibabadns.com aliyun.com
Malware Detected on Host
Count: 21 c5ea5f5dc17f6a11c59bfc3080df80ebdaa74790d046ffc5dbb98d08edfeeadf 6771288fd706c39982b2784653beab9694aef07d1cb77aebc820e1ff2fd2a7c8 399ee2c92ec77a3ab0d8544bab13f49a5acd08298f14fbf2b89291494ef71906 4b6dc2efaed2ad3877e9ee7c49780149570517d3598fd6b4ff2ce0920b5c0cab ffc976ed5d3fa00547057f73bce983ff0fea3a65c01244e5292b3b8a55a88433 08e29cc97153e53eee4654b1301fe9992be7fbad9bc7d1b6a6553aea4826549a 815545d9c728cc18b1f1210acd7c24d40f76e596ec4c8c43238b2b0bb6d684c7 e28fdb860a04f10386f8c0fcdd04e71e1b38306909645853725273cf8876940c 23bfca1375f3403bc8ac8537b6027ad852342bf60cffa5845818891bade188fc e2ce34ba00e4c7e82ffd16359c2ac13b2cf9266eb6dd9eab1deb967e39163817
Map
Whois Information
- inetnum: 106.11.0.0 - 106.11.255.255
- netname: Taobao
- descr: Zhejiang Taobao Network Co.,Ltd
- descr: 2nd floor, Westlake International technology Building
- descr: 391Wener Road, Hangzhou, China
- country: CN
- admin-c: ZM678-AP
- tech-c: ZM877-AP
- tech-c: ZM876-AP
- abuse-c: AC1601-AP
- status: ALLOCATED PORTABLE
- mnt-by: MAINT-CNNIC-AP
- mnt-irt: IRT-TAOBAO-CN
- mnt-lower: MAINT-CNNIC-AP
- mnt-routes: MAINT-CNNIC-AP
- last-modified: 2023-11-28T00:56:50Z
- irt: IRT-Taobao-CN
- address: 2nd floor, Westlake International technology Building, 391 Wener Road, Hangzhou
- e-mail: didong.jc@alibaba-inc.com
- abuse-mailbox: didong.jc@alibaba-inc.com
- admin-c: ZM877-AP
- tech-c: ZM877-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2021-09-05T23:38:36Z
- role: ABUSE CNNICCN
- address: Beijing, China
- country: ZZ
- phone: +000000000
- e-mail: ipas@cnnic.cn
- admin-c: IP50-AP
- tech-c: IP50-AP
- nic-hdl: AC1601-AP
- abuse-mailbox: ipas@cnnic.cn
- mnt-by: APNIC-ABUSE
- last-modified: 2020-05-14T11:19:01Z
- person: Shuo Yu
- address: 5F, Builing D, the West Lake International Plaza of S&T
- address: No.391 Wen’er Road, Hangzhou City
- address: Zhejiang, China, 310099
- country: CN
- phone: +86-0571-85022600
- e-mail: anti-spam@list.alibaba-inc.com
- nic-hdl: ZM678-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2021-04-13T23:21:57Z
- person: security trouble
- e-mail: yitian.gaoyt@alibaba-inc.com
- address: Hangzhou, Zhejiang, China
- phone: +86-0571-85022600
- country: CN
- mnt-by: MAINT-CNNIC-AP
- nic-hdl: ZM876-AP
- last-modified: 2021-04-13T23:22:33Z
- person: Guowei Pan
- address: 5F, Builing D, the West Lake International Plaza of S&T
- address: No.391 Wen’er Road, Hangzhou City
- address: Zhejiang, China, 310099
- country: CN
- phone: +86-0571-85022088-30763
- fax-no: +86-0571-85022600
- e-mail: guowei.pangw@alibaba-inc.com
- nic-hdl: ZM877-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2013-07-09T01:34:02Z
- route: 106.11.172.0/24
- origin: AS37963
- descr: China Internet Network Information Center
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2020-02-18T01:15:24Z
- route: 106.11.172.0/24
- origin: AS45102
- descr: China Internet Network Information Center
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2020-02-18T01:17:24Z