106.11.253.83 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 106.11.253.83. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources or through observation of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 42/100

Host and Network Information

  • MITRE ATT&CK IDs: T1059 - Command and Scripting Interpreter

  • Tags: 0x104, 0x11a, 0x12b, 0x14a, 0x14e, 0x228, 0x97, 0xc6, 0xe1, 0xf5, aafunction, afunction, android, april, array, array int8array, b1342177279, bad event, bad idp, child, class, closure library, cnzzdata, copyright, crios, customevent, czuuid, dafunction, date, edge, element, embed, error, fafafa, function, gc, gc3w7t6h5qw, gtmmdcvhgd, ienew ca, iframe, internal, invalid attempt, kafunction, kfunction, kkfunction, lh, meta, mit license, most, nkfunction, node, null, number, object, overlaylevel, p420, path, pseudo, public, qkfunction, quota, reduceright, regexp, rkfunction, sdkversion, skfunction, span, string, swiper, sxa0, symbol, template, this, trackevent, trackpageview, trident, typeerror, typeof, typeof b, typeof d, typeof define, typeof e, typeof enulle, typeof n, typeof r, typeof symbol, typeof t, ufunction, uint8array, umdistinctid, vd, version, void, win32, xlfunction, zdhxiong

  • Country: China
  • Network: AS37963 hangzhou alibaba advertising co. ltd.
  • Noticed: 1 time
  • Protocols Attacked: SSH

Malware Detected on Host

Count: 9

Open Ports Detected

10001 10134 102 1024 10243 1025 10250 104 10443 10554 1080 1099 11 110 111 11112 11210 11211 113 11300 11371 1153 1167 1177 119 12000 1234 1290 13 1311 1337 135 13579 1400 14147 14265 143 1433 14344 1471 1494 15 1515 1521 1599 16010 16030 1604 16993 17 1723 1741 175 179 1800 1801 18081 18245 19 19071 1911 1925 1926 1935 195 1962 2000 20000 2001 2002 2008 20256 20547 2057 2067 2077 2081 2083 2086 2087 21 2121 21379 2154 2181 22 221 2221 2222 2232 23 23023 2323 2332 2333 2345 2375 2376 2404 2455 2480 25 25001 25105 2525 2549 25565 2557 2572 2601 2628 263 264 27015 27017 2761 2762 28015 28017 30002 30003 3001 3050 3052 3056 3071 3077 3079 3080 3085 3099 3106 3111 3128 31337 3260 3268 3269 3299 3301 3306 33060 3310 3333 3388 3389 3402 3460 35000 3524 3541 3551 3554 3562 3568 3689 37 37777 3780 3790 38 389 4000 4010 4022 4040 4063 4064 4100 4118 4157 41800 4190 4242 427 4282 43 4321 4369 44158 443 4433 444 4444 44818 4482 4500 4506 4550 465 4664 47990 4840 4899 49 4911 49152 49153 4949 5000 50000 5003 5004 5005 5006 5009 5010 50100 502 5025 503 5050 51106 51235 5172 5201 5222 5269 52869 53 5357 54138 5432 5435 548 55000 554 55442 55443 5555 55553 55554 5596 5598 5601 5605 5672 5801 5858 587 58749 5900 593 5938 59417 5984 5986 6000 6001 60010 60030 60129 6080 61613 61616 62078 631 636 6372 6443 6464 6503 6550 6602 6633 6653 666 6664 6666 6667 6668 6697 70 7000 7001 7002 7004 7071 7171 7218 7415 7434 7443 7444 7445 7474 7493 7535 7548 7634 7657 771 7779 789 79 7979 7998 80 8008 8009 801 8010 8040 8041 8042 8049 8050 8060 8069 8080 8081 8083 8084 8085 8086 8087 8089 8090 8098 8099 81 8100 8105 8107 8109 8123 8126 8139 8181 82 8200 8222 8249 8291 83 830 8333 8334 8409 8411 8418 8426 8443 8500 8545 8554 8575 8649 8728 873 8779 8782 88 8800 8806 8816 8822 8823 8825 8831 8834 8845 8850 8851 8863 8880 8888 8889 8891 8899 9000 9001 9019 9032 9034 9036 9042 9043 9050 9051 9088 9089 9090 9091 9095 9100 9102 9151 9160 9191 9200 9202 9211 9216 9218 9295 9306 9443 9527 9530 9595 9600 
9761 9765 98 9869 9876 9898 992 993 9943 9944 995 9950 9955 9981 9993 9998 9999

CVEs Detected

CVE-2010-4478 CVE-2010-4755 CVE-2010-5107 CVE-2011-4327 CVE-2011-5000 CVE-2012-0814 CVE-2014-1692 CVE-2014-2532 CVE-2014-2653 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2016-0777 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-10708 CVE-2016-1908 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51384 CVE-2023-51385

Whois Information

  • inetnum: 106.11.0.0 - 106.11.255.255
  • netname: Taobao
  • descr: Zhejiang Taobao Network Co.,Ltd
  • descr: 2nd floor, Westlake International technology Building
  • descr: 391Wener Road, Hangzhou, China
  • country: CN
  • admin-c: ZM678-AP
  • tech-c: ZM877-AP
  • tech-c: ZM876-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-irt: IRT-TAOBAO-CN
  • mnt-lower: MAINT-CNNIC-AP
  • mnt-routes: MAINT-CNNIC-AP
  • last-modified: 2023-11-28T00:56:50Z
  • irt: IRT-Taobao-CN
  • address: 2nd floor, Westlake International technology Building, 391 Wener Road, Hangzhou
  • e-mail: didong.jc@alibaba-inc.com
  • abuse-mailbox: didong.jc@alibaba-inc.com
  • admin-c: ZM877-AP
  • tech-c: ZM877-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-09-05T23:38:36Z
  • role: ABUSE CNNICCN
  • address: Beijing, China
  • country: ZZ
  • phone: +000000000
  • e-mail: ipas@cnnic.cn
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: ipas@cnnic.cn
  • mnt-by: APNIC-ABUSE
  • last-modified: 2020-05-14T11:19:01Z
  • person: Shuo Yu
  • address: 5F, Builing D, the West Lake International Plaza of S&T
  • address: No.391 Wen’er Road, Hangzhou City
  • address: Zhejiang, China, 310099
  • country: CN
  • phone: +86-0571-85022600
  • e-mail: anti-spam@list.alibaba-inc.com
  • nic-hdl: ZM678-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-04-13T23:21:57Z
  • person: security trouble
  • e-mail: yitian.gaoyt@alibaba-inc.com
  • address: Hangzhou, Zhejiang, China
  • phone: +86-0571-85022600
  • country: CN
  • mnt-by: MAINT-CNNIC-AP
  • nic-hdl: ZM876-AP
  • last-modified: 2021-04-13T23:22:33Z
  • person: Guowei Pan
  • address: 5F, Builing D, the West Lake International Plaza of S&T
  • address: No.391 Wen’er Road, Hangzhou City
  • address: Zhejiang, China, 310099
  • country: CN
  • phone: +86-0571-85022088-30763
  • fax-no: +86-0571-85022600
  • e-mail: guowei.pangw@alibaba-inc.com
  • nic-hdl: ZM877-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2013-07-09T01:34:02Z
  • route: 106.11.253.0/24
  • origin: AS37963
  • descr: China Internet Network Information Center
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2020-02-18T01:16:22Z
  • route: 106.11.253.0/24
  • origin: AS45102
  • descr: China Internet Network Information Center
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2020-02-18T01:18:19Z
