106.11.253.86 Threat Intelligence and Host Information

Jan 11, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 106.11.253.86 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 32/100

Host and Network Information

  • Mitre ATT&CK IDs: T1059 - Command and Scripting Interpreter

  • Tags: 0x104, 0x11a, 0x12b, 0x14a, 0x14e, 0x228, 0x97, 0xc6, 0xe1, 0xf5, aafunction, afunction, android, april, array, array int8array, b1342177279, bad event, bad idp, child, class, closure library, cnzzdata, copyright, crios, customevent, czuuid, dafunction, date, edge, element, embed, error, fafafa, function, gc, gc3w7t6h5qw, gtmmdcvhgd, ienew ca, iframe, internal, invalid attempt, kafunction, kfunction, kkfunction, lh, meta, mit license, most, nkfunction, node, null, number, object, overlaylevel, p420, path, pseudo, public, qkfunction, quota, reduceright, regexp, rkfunction, sdkversion, skfunction, span, string, swiper, sxa0, symbol, template, this, trackevent, trackpageview, trident, typeerror, typeof, typeof b, typeof d, typeof define, typeof e, typeof enulle, typeof n, typeof r, typeof symbol, typeof t, ufunction, uint8array, umdistinctid, vd, version, void, win32, xlfunction, zdhxiong

  • View other sources: Spamhaus VirusTotal

  • Country: China
  • Network: AS37963 hangzhou alibaba advertising co. ltd.
  • Noticed: 1 times
  • Protcols Attacked: SSH

Malware Detected on Host

Count: 7 4e710411cd1f9d2a333ad16a68ef5031524aa2aa04fa05fff4e1b232ba15be88 eb679438ee107b3b1f91d63c9d9aeda4ccee3f64d087eccd1298641ecc54555b 8f8104b84953173bc0b0b4959846e20f41eccf3fde7ef0d93911b8502b7356b3 b07110b7a71a70655c6ecfb0daf32fe469066f4b15a61b69a908f3ff90623ab4 9c49d549dd6c1a8355e6a0860ca20a50c7603acb78f7bf9436e7ceb7c1cb1db1 be069653cb18fab6eac177e8d70304fa92ed214daaa326972950b64937264884 4721f11e59a2478e1141325ac464de9ca87247faf20e4472694eac1ff56a3109

Map

Whois Information

  • inetnum: 106.11.0.0 - 106.11.255.255
  • netname: Taobao
  • descr: Zhejiang Taobao Network Co.,Ltd
  • descr: 2nd floor, Westlake International technology Building
  • descr: 391Wener Road, Hangzhou, China
  • country: CN
  • admin-c: ZM678-AP
  • tech-c: ZM877-AP
  • tech-c: ZM876-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-irt: IRT-TAOBAO-CN
  • mnt-lower: MAINT-CNNIC-AP
  • mnt-routes: MAINT-CNNIC-AP
  • last-modified: 2023-11-28T00:56:50Z
  • irt: IRT-Taobao-CN
  • address: 2nd floor, Westlake International technology Building, 391 Wener Road, Hangzhou
  • e-mail: didong.jc@alibaba-inc.com
  • abuse-mailbox: didong.jc@alibaba-inc.com
  • admin-c: ZM877-AP
  • tech-c: ZM877-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-09-05T23:38:36Z
  • role: ABUSE CNNICCN
  • address: Beijing, China
  • country: ZZ
  • phone: +000000000
  • e-mail: ipas@cnnic.cn
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: ipas@cnnic.cn
  • mnt-by: APNIC-ABUSE
  • last-modified: 2020-05-14T11:19:01Z
  • person: Shuo Yu
  • address: 5F, Builing D, the West Lake International Plaza of S&T
  • address: No.391 Wen’er Road, Hangzhou City
  • address: Zhejiang, China, 310099
  • country: CN
  • phone: +86-0571-85022600
  • e-mail: anti-spam@list.alibaba-inc.com
  • nic-hdl: ZM678-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-04-13T23:21:57Z
  • person: security trouble
  • e-mail: yitian.gaoyt@alibaba-inc.com
  • address: Hangzhou, Zhejiang, China
  • phone: +86-0571-85022600
  • country: CN
  • mnt-by: MAINT-CNNIC-AP
  • nic-hdl: ZM876-AP
  • last-modified: 2021-04-13T23:22:33Z
  • person: Guowei Pan
  • address: 5F, Builing D, the West Lake International Plaza of S&T
  • address: No.391 Wen’er Road, Hangzhou City
  • address: Zhejiang, China, 310099
  • country: CN
  • phone: +86-0571-85022088-30763
  • fax-no: +86-0571-85022600
  • e-mail: guowei.pangw@alibaba-inc.com
  • nic-hdl: ZM877-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2013-07-09T01:34:02Z
  • route: 106.11.253.0/24
  • origin: AS37963
  • descr: China Internet Network Information Center
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2020-02-18T01:16:22Z
  • route: 106.11.253.0/24
  • origin: AS45102
  • descr: China Internet Network Information Center
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2020-02-18T01:18:19Z

Links to attack logs

****** ****** ******

Share on: