116.136.159.99 Threat Intelligence and Host Information
General
This page contains threat intelligence information for the IPv4 address 116.136.159.99. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, taking into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Likely Malicious Host 🟠 52/100
Host and Network Information
- Mitre ATT&CK IDs: T1007 - System Service Discovery, T1027 - Obfuscated Files or Information, T1031 - Modify Existing Service, T1040 - Network Sniffing, T1055 - Process Injection, T1057 - Process Discovery, T1106 - Native API, T1112 - Modify Registry, T1140 - Deobfuscate/Decode Files or Information, T1143 - Hidden Window, T1566 - Phishing, T1598 - Phishing for Information
- Tags: 443 ma2592000, aaaa, a div, a domains, a li, all scoreblue, all search, android, apple, apple id, applei_imessage_ios, apple ios, apple message, as13414 twitter, as142403 yisu, as19679 dropbox, as20940, as2914 ntt, as32934, as3356 level, as4134 chinanet, as4837 china, asnone china, asnone united, body, calls, center hr, certificate, checking, china as4837, china asn, china unknown, chrome, cname, copy, create c, cybercrime, date, default, discovery, div div, dns replication, dns resolutions, dnssec, dock, domain, email, encrypt, entries, execution, expiration date, facebook, file, files, files copied, files deleted, files location, form, for privacy, get http, get na, gmt content, hacktool, head body, hichina, highlighted, hostname, http, https, icloud_apple_id, ingestion time, injection, invalid url, invoked methods, ip address, ip traffic, ipv4, ipwnderv1, kos, latest version, location china, media center, medium, meta, mobile, moved, msie, name servers, net technology, next, number, open, otx scoreblue, passive dns, password, persistence, phishing, please, please enter, popularity, post http, pragma, process, process32nextw, p span, pulse submit, pyinstaller, read c, record type, redacted for, reflection, registrar, regsetvalueexw, related nids, request, rwi dtools, scan endpoints, script script, script urls, search, self, server, server ca, servers, shell commands, shellexecuteexw, show, showing, slcc2, span a, status, suspicious, sxe0x0cx1cxf8, td tr, telephony, thumbprint, title, tmobile, trident, tsara brashears, ul div, umbrella, united, unknown, url analysis, url http, urls, utc cisco, utc statvoo, valid from, walmart, win32, window, windows nt, wow64, write, write c, written, xebrbxeax1ezxf0, yara detections, yuming, za z0
- View other sources: Spamhaus, VirusTotal
- Country: China
- Network:
- Noticed: 1 time
- Protocols Attacked: SSH
- Countries Attacked: Brazil, Chile, China, Germany, Ireland, Singapore, Switzerland, United States of America
- Passive DNS Results:
Malware Detected on Host
Count: 18
Whois Information
- inetnum: 116.128.0.0 - 116.191.255.255
- netname: UNICOM
- descr: China United Network Communications Corporation Limited
- descr: No.21 Financial Street,Xicheng District, Beijing 100140 ,P.R.China
- country: CN
- admin-c: XZ67-AP
- tech-c: XZ67-AP
- abuse-c: AC1601-AP
- status: ALLOCATED PORTABLE
- mnt-by: MAINT-CNNIC-AP
- mnt-lower: MAINT-CNNIC-AP
- mnt-routes: MAINT-CNNIC-AP
- mnt-irt: IRT-UNICOM-CN
- last-modified: 2021-11-02T07:48:23Z
- irt: IRT-UNICOM-CN
- address: No.21 Financial Street,Xicheng District,
- address: Beijing 100140 ,P.R.China
- e-mail: zhaoyz3@chinaunicom.cn
- abuse-mailbox: zhaoyz3@chinaunicom.cn
- admin-c: YW6851-AP
- tech-c: YW6851-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2025-02-24T06:16:57Z
- role: ABUSE CNNICCN
- country: ZZ
- address: Beijing, China
- phone: +000000000
- e-mail: ipas@cnnic.cn
- admin-c: IP50-AP
- tech-c: IP50-AP
- nic-hdl: AC1601-AP
- abuse-mailbox: ipas@cnnic.cn
- mnt-by: APNIC-ABUSE
- last-modified: 2024-07-30T11:55:46Z
- person: Xiaomin Zhou
- address: No.21 Financial Street,Xicheng District, Beijing 100140 ,P.R.China
- country: CN
- phone: +86-10-66259626
- fax-no: +86-10-66259626
- e-mail: zhouxm@chinaunicom.cn
- nic-hdl: XZ67-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2009-06-17T02:45:23Z
- route: 116.128.0.0/10
- descr: China Unicom CHINA169 Network
- country: CN
- origin: AS4837
- mnt-by: MAINT-CNCGROUP-RR
- last-modified: 2017-10-20T06:12:02Z