106.11.248.144 Threat Intelligence and Host Information

Oct 10, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 106.11.248.144 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

  • Mitre ATT&CK IDs: T1059 - Command and Scripting Interpreter

  • Tags: 0x104, 0x11a, 0x12b, 0x14a, 0x14e, 0x228, 0x97, 0xc6, 0xe1, 0xf5, aafunction, afunction, android, april, array, array int8array, b1342177279, bad event, bad idp, child, class, closure library, cnzzdata, copyright, crios, customevent, czuuid, dafunction, date, edge, element, embed, error, fafafa, function, gc, gc3w7t6h5qw, gtmmdcvhgd, ienew ca, iframe, internal, invalid attempt, kafunction, kfunction, kkfunction, lh, meta, mit license, most, nkfunction, node, null, number, object, overlaylevel, p420, path, pseudo, public, qkfunction, quota, reduceright, regexp, rkfunction, sdkversion, skfunction, span, string, swiper, sxa0, symbol, template, this, trackevent, trackpageview, trident, typeerror, typeof, typeof b, typeof d, typeof define, typeof e, typeof enulle, typeof n, typeof r, typeof symbol, typeof t, ufunction, uint8array, umdistinctid, vd, version, void, win32, xlfunction, zdhxiong

  • View other sources: Spamhaus VirusTotal

  • Country: China
  • Network: AS37963 hangzhou alibaba advertising co. ltd.
  • Noticed: 1 times
  • Protcols Attacked: SSH
  • Passive DNS Results: ishop2008.com maomi.love xiaco.one wowo1234.com msea.aliyun.com tvka.cn ynding.fun chinalove69.com alibaba-tam.com aliyun-ltd.com www.panbaidu.com www.junnp03.xyz mailsso.aliyun.com aliyun.gein.cn www.95bok.cn ht0428.xmcm168.com m.xmcm168.com caldav.aliyun.com mailopen-netdisk.aliyun.com sh.wagbridge.aliyun.aliyun.com www.misaya.ltd 16882020.xyz kdai.net fuliyun.net appjun.com denglijunying.top aliyunk.top pandavip.www.net.cn domain.aliyun.com lengqie.live console.aliyun.com dgaddr.com dmp.www.net.cn tools.aliyun.com feedback.console.aliyun.com aliyun.it aicrowd.aliyun.com dc.www.net.cn dns.www.net.cn account.www.net.cn panda.www.net.cn cschat-ccs.aliyun.com microdingtalk.aliyun.com api.aliyun.com help-ccs.aliyun.com bridge.aliyun.com huijiadizhi.xyz aliyun-adns.aliyun.com.gds.alibabadns.com aliyun.com

Malware Detected on Host

Count: 12 9e66bbe422a61b3d1d87370b4c89307a051747bee59b02edf85a64856d26a4da a3766920f98df0cea49f4ae9fa7882ed58b70560e54550d2b657dc717fac4ead c1d024b8edd16df2d29b169d4c5070445bb12663a0c153290780618fd40eb194 18a823b2dbf6d7a03a54710da5526743658e22dfb41eb2b7b2ac82ef9ad8c429 5a395c86be283a240e052dfe6f719da4914af53cb4da66c34dbcf1f1b74da3d2 867f3970a5b37f2e5c57df5f4645abe5cd9e8a4206ed1928880e30c6967b3760 f19a3aead330751cd12ea1905650fb89a0a55171107a731559c31032dc037b6e 84e7f66eb37e7a38b7c71f16ccab6ae8de84c6e10953c2a3b1bad381105780d3 0c6e9231f9325d8bd9318414f7b34731884d2e040c122d4007d8f2abd4c35dd4 ae84db80440b1d0b29f4858ae43348c5213816b40593215799101afea7457cae

Map

Whois Information

  • inetnum: 106.11.0.0 - 106.11.255.255
  • netname: Taobao
  • descr: Zhejiang Taobao Network Co.,Ltd
  • descr: 2nd floor, Westlake International technology Building
  • descr: 391Wener Road, Hangzhou, China
  • country: CN
  • admin-c: ZM678-AP
  • tech-c: ZM877-AP
  • tech-c: ZM876-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-lower: MAINT-CNNIC-AP
  • mnt-routes: MAINT-CNNIC-AP
  • mnt-irt: IRT-CNNIC-CN
  • last-modified: 2021-06-16T01:30:52Z
  • irt: IRT-CNNIC-CN
  • address: Beijing, China
  • e-mail: ipas@cnnic.cn
  • abuse-mailbox: ipas@cnnic.cn
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-06-16T01:39:57Z
  • role: ABUSE CNNICCN
  • address: Beijing, China
  • country: ZZ
  • phone: +000000000
  • e-mail: ipas@cnnic.cn
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: ipas@cnnic.cn
  • mnt-by: APNIC-ABUSE
  • last-modified: 2020-05-14T11:19:01Z
  • person: Shuo Yu
  • address: 5F, Builing D, the West Lake International Plaza of S&T
  • address: No.391 Wen’er Road, Hangzhou City
  • address: Zhejiang, China, 310099
  • country: CN
  • phone: +86-0571-85022600
  • e-mail: anti-spam@list.alibaba-inc.com
  • nic-hdl: ZM678-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-04-13T23:21:57Z
  • person: security trouble
  • e-mail: yitian.gaoyt@alibaba-inc.com
  • address: Hangzhou, Zhejiang, China
  • phone: +86-0571-85022600
  • country: CN
  • mnt-by: MAINT-CNNIC-AP
  • nic-hdl: ZM876-AP
  • last-modified: 2021-04-13T23:22:33Z
  • person: Guowei Pan
  • address: 5F, Builing D, the West Lake International Plaza of S&T
  • address: No.391 Wen’er Road, Hangzhou City
  • address: Zhejiang, China, 310099
  • country: CN
  • phone: +86-0571-85022088-30763
  • fax-no: +86-0571-85022600
  • e-mail: guowei.pangw@alibaba-inc.com
  • nic-hdl: ZM877-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2013-07-09T01:34:02Z
  • route: 106.11.248.0/24
  • origin: AS37963
  • descr: China Internet Network Information Center
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2020-02-18T01:16:19Z
  • route: 106.11.248.0/24
  • origin: AS45102
  • descr: China Internet Network Information Center
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2020-02-18T01:18:16Z
Share on: