106.11.35.19 Threat Intelligence and Host Information

Jan 11, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 106.11.35.19 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 37/100

Host and Network Information

  • Mitre ATT&CK IDs: T1059 - Command and Scripting Interpreter

  • Tags: 0x104, 0x11a, 0x12b, 0x14a, 0x14e, 0x228, 0x97, 0xc6, 0xe1, 0xf5, aafunction, afunction, android, april, array, array int8array, b1342177279, bad event, bad idp, child, class, closure library, cnzzdata, copyright, crios, customevent, czuuid, dafunction, date, edge, element, embed, error, fafafa, function, gc, gc3w7t6h5qw, gtmmdcvhgd, ienew ca, iframe, internal, invalid attempt, kafunction, kfunction, kkfunction, lh, meta, mit license, most, nkfunction, node, null, number, object, overlaylevel, p420, path, pseudo, public, qkfunction, quota, reduceright, regexp, rkfunction, sdkversion, skfunction, span, string, swiper, sxa0, symbol, template, this, trackevent, trackpageview, trident, typeerror, typeof, typeof b, typeof d, typeof define, typeof e, typeof enulle, typeof n, typeof r, typeof symbol, typeof t, ufunction, uint8array, umdistinctid, vd, version, void, win32, xlfunction, zdhxiong

  • View other sources: Spamhaus VirusTotal

  • Country: China
  • Network: AS37963 hangzhou alibaba advertising co. ltd.
  • Noticed: 1 times
  • Protcols Attacked: SSH

Open Ports Detected

100 10000 10001 1023 1025 1029 104 10443 10554 1080 10911 1099 11 110 11000 111 1110 11112 11210 11211 11371 1153 1177 119 1200 12000 122 1234 12345 13 1311 1337 135 13579 14265 143 14344 1471 15 1515 1521 1599 16010 1604 16993 17 1723 1741 179 1800 1801 18081 18245 1883 1935 1947 195 1990 2000 20000 2001 2002 2008 20256 20547 2059 2067 2069 2081 2082 2083 2086 2087 21 21025 2111 2121 21379 2154 2181 2266 23 23023 2323 2332 23424 2345 2375 2376 2404 2455 2480 25 2555 25565 26 2601 264 27015 2761 2762 28015 30002 30003 3001 3050 3068 3069 3072 3080 3092 3106 3107 311 3116 3128 31337 32400 3260 3268 3269 32764 3299 3301 3306 33060 3310 3333 3352 3388 3400 3410 35000 3521 3542 3548 3551 3689 37 37777 3790 389 4000 4022 4040 4063 4064 4157 41800 4242 427 4282 43 4321 4369 44158 443 444 4443 4444 44818 4500 4506 4567 465 4786 47990 49 49153 50000 5001 5005 50050 5007 50070 5009 50100 502 5025 503 5050 51106 515 5172 5222 5269 5280 52869 53 54138 5432 5435 548 55000 554 5555 55553 55554 5568 5601 5672 5801 5858 587 593 5938 5984 5985 60001 6002 60030 6006 60129 6036 6080 61613 62078 6379 6443 6600 6603 6633 6653 6664 6666 6667 6668 6697 70 7000 7071 7218 7474 7547 7548 7634 771 789 79 7999 8001 8008 8009 8011 8015 8017 8029 8044 8052 8055 8060 8071 8080 8081 8083 8085 8087 8089 8090 8093 8099 8112 8123 8126 8139 8140 8200 8249 8291 83 830 8334 84 8405 8413 8415 8420 8421 8500 8545 8554 8728 873 8765 8789 8806 8822 8823 8824 8844 8888 8889 8991 9000 9001 9009 9015 9019 902 9020 9027 9028 9036 9037 9042 9051 9080 9082 9090 9091 9092 9094 9095 9100 9111 9151 9160 9189 9208 9299 9310 9418 9443 9530 9600 9633 9761 9800 9869 992 993 9943 9944 995 9981 9998 9999

CVEs Detected

CVE-2010-4478 CVE-2010-4755 CVE-2010-5107 CVE-2011-4327 CVE-2011-5000 CVE-2012-0814 CVE-2014-1692 CVE-2014-2532 CVE-2014-2653 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2016-0777 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-10708 CVE-2016-1908 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51384 CVE-2023-51385

Map

Whois Information

  • inetnum: 106.11.0.0 - 106.11.255.255
  • netname: Taobao
  • descr: Zhejiang Taobao Network Co.,Ltd
  • descr: 2nd floor, Westlake International technology Building
  • descr: 391Wener Road, Hangzhou, China
  • country: CN
  • admin-c: ZM678-AP
  • tech-c: ZM877-AP
  • tech-c: ZM876-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-irt: IRT-TAOBAO-CN
  • mnt-lower: MAINT-CNNIC-AP
  • mnt-routes: MAINT-CNNIC-AP
  • last-modified: 2023-11-28T00:56:50Z
  • irt: IRT-Taobao-CN
  • address: 2nd floor, Westlake International technology Building, 391 Wener Road, Hangzhou
  • e-mail: didong.jc@alibaba-inc.com
  • abuse-mailbox: didong.jc@alibaba-inc.com
  • admin-c: ZM877-AP
  • tech-c: ZM877-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-09-05T23:38:36Z
  • role: ABUSE CNNICCN
  • address: Beijing, China
  • country: ZZ
  • phone: +000000000
  • e-mail: ipas@cnnic.cn
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: ipas@cnnic.cn
  • mnt-by: APNIC-ABUSE
  • last-modified: 2020-05-14T11:19:01Z
  • person: Shuo Yu
  • address: 5F, Builing D, the West Lake International Plaza of S&T
  • address: No.391 Wen’er Road, Hangzhou City
  • address: Zhejiang, China, 310099
  • country: CN
  • phone: +86-0571-85022600
  • e-mail: anti-spam@list.alibaba-inc.com
  • nic-hdl: ZM678-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-04-13T23:21:57Z
  • person: security trouble
  • e-mail: yitian.gaoyt@alibaba-inc.com
  • address: Hangzhou, Zhejiang, China
  • phone: +86-0571-85022600
  • country: CN
  • mnt-by: MAINT-CNNIC-AP
  • nic-hdl: ZM876-AP
  • last-modified: 2021-04-13T23:22:33Z
  • person: Guowei Pan
  • address: 5F, Builing D, the West Lake International Plaza of S&T
  • address: No.391 Wen’er Road, Hangzhou City
  • address: Zhejiang, China, 310099
  • country: CN
  • phone: +86-0571-85022088-30763
  • fax-no: +86-0571-85022600
  • e-mail: guowei.pangw@alibaba-inc.com
  • nic-hdl: ZM877-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2013-07-09T01:34:02Z
  • route: 106.11.35.0/24
  • origin: AS37963
  • descr: China Internet Network Information Center
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2020-02-18T01:13:52Z
  • route: 106.11.35.0/24
  • origin: AS45102
  • descr: China Internet Network Information Center
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2020-02-18T01:15:48Z

Links to attack logs

****** ****** ******

Share on: