137.59.148.200 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 137.59.148.200 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 62/100

Host and Network Information

• Mitre ATT&CK IDs: T1021.001 - Remote Desktop Protocol, T1110 - Brute Force, T1184 - SSH Hijacking, T1192 - Spearphishing Link, T1194 - Spearphishing via Service, T1442 - Fake Developer Accounts, T1454 - Malicious SMS Message, T1566 - Phishing, T1583.001 - Domains, T1583.006 - Web Services, T1585.001 - Social Media Accounts, T1586 - Compromise Accounts, T1591.002 - Business Relationships

• Tags: anydesk, as15169 as16509, as19871 as22612, as9002, business email compromise, c2, caas, fraud, hosting, identifying, parked domains, scams, ssh hijacking, typosquatting

• JARM: 29d29d15d29d29d00042d42d0000009435214b849738c4ebab4534b5d158dd

• View other sources: Spamhaus VirusTotal

• Country: India
• Network: AS394695 pdr
• Noticed: 1 times
• Protocols Attacked: SSH
• Passive DNS Results: com.md-hk-12.bluehostwebservers.com transconintlhk.com wsmediahk.com wpmsolutionssg.com asilcorn.com sxyaoyuan.com peacockmediahouse.com taachimedia.com mta-sts.md-hk-12.webhostbox.net 2cmold.com mail.cy135.cn.md-hk-12.bluehostwebservers.com imneko.imhime.com www.imcat.imhime.com imcat.imhime.com www.imneko.imhime.com whm.bnjewellery.wowweb11.com autoconfig.cym.wowweb11.com whm.clinicon.wowweb11.com cpcalendars.castingworld.wowweb11.com whm.eclc.wowweb11.com cpcontacts.hkbiomass.wowweb11.com delartscine.com mail.yanxue-hk.com.md-hk-12.bluehostwebservers.com chengmingtextile.com mail.cuishou8.com.md-hk-12.bluehostwebservers.com autoconfig.grandwinnerhk.wowweb11.com autodiscover.grandwinnerhk.wowweb11.com mail.ffshop.com.md-hk-12.bluehostwebservers.com changshujiahua.com shuziwanjia.com zeropointerp.ziyuanxingqiu.com wateenalkhaleej.com ouky.97770.net mail.yiminkorea.com.md-hk-12.bluehostwebservers.com www.us.scisoon.com us.scisoon.com wahcheong.hk printdot.shop www.58tv.inbtv.com 58tv.inbtv.com 58tv.net www.58tv.net www.e-cateringhk.com e-cateringhk.com ouky.cn www.ouky.97770.net www.ouky.cn www.hotelengineering.com.hk hotelengineering.com.hk surensystems.com www.surensystems.com www.hotelengineering.hk hotelengineering.hk glaymirage.com yecoparts.lnstarfire.com yecomachinery.lnstarfire.com www.yecojx.com yecojx.lnstarfire.com www.soobah.com www.meecola.cn meecola.cn www.sxaitao.com www.zjyhy.net www.mavideo.coms.asia digimatches.com www.clutchhk.piglay.com www.digimatches.piglay.com clutchhk.com www.glaymirage.piglay.com www.scalemodelbase.com scalemodelbase.com www.figureclub.me figureclub.me www.callsell.com www.xinyun28.xidating.com www.evosicbo.xidating.com www.why80.xidating.com www.katiaclassic.xidating.com xidating.com www.xidating.com www.printdot.shop maixiaoshu.com www.davidphoto.coms.asia www.maphoto.coms.asia www.en.scisoon.com www.davidvideo.coms.asia www.babaimissu.coms.asia bb.backend.hk mail.lvcopy.vip.md-hk-12.bluehostwebservers.com www.yecojx.lnstarfire.com yecojx.com cnc-made.com www.yecoparts.lnstarfire.com yecomachinery.com yecoparts.com www.yecomachinery.lnstarfire.com www.starringchild.coms.asia www.ydwp.net saechip.com www.saechip.com pool.webshop.hk cnclydeco.build-website.cn www.zhaoyang.hk-linux.bluehostdemo.com test6.hk-linux.bluehostdemo.com www.onwotong.com onwotong.com crown-hk.com www.crown-hk.com test5.hk-linux.bluehostdemo.com jianjiejck.com www.jianjiejck.com www.cnc-made.lnstarfire.com cnc-made.lnstarfire.com zhaoyang.hk-linux.bluehostdemo.com zjyouyue.cn www.zjyouyue.cn ailebuy.cn www.ailebuy.cn test3.hk-linux.bluehostdemo.com test2.hk-linux.bluehostdemo.com test1.hk-linux.bluehostdemo.com xxx.hk-linux.bluehostdemo.com secofm.com www.secofm.lnstarfire.com secofm.lnstarfire.com rfidsolutionglobal.com.md-hk-12.bluehostwebservers.com skd.wynco.cn rui.bluehostdemo.com berk.wynco.cn trista.wynco.cn yoga.wynco.cn demo.wynco.cn www.afterloon.lemoncell.com mail.szsenter.com.md-hk-12.bluehostwebservers.com pets.wynco.cn www.wynco.cn zjyhy.net fitmove.com.cn www.fitmove.com.cn clydeco.build-website.cn sxaitao.com vape.wynco.cn clydecodemo.build-website.cn evosicbo.com ydwp.net www.wowweb11.com stfinance.com.hk www.stfinance.com.hk www.stanleyling.com stanleyling.com www.dedaonew.laozi.ac.cn test4.hk-linux.bluehostdemo.com 88zuiyou.com www.88zuiyou.com www.cn.scisoon.com www.futuredream.scisoon.com www.wyncostore.wyncotek.com wynco.cn www.googlemeet.coms.asia daode.fun www.daodefun.laozi.ac.cn www.storage.coms.asia cleanedge.com.hk www.cleanedge.com.hk komitex.biz 6521.cn www.6521.cn www.dedaorg.laozi.ac.cn dedao.org lichunshu.hk-linux.bluehostdemo.com iccream.cn www.iccream.cn www.ic86.cc ic86.cc.szsenter.com www.ic86.cc.szsenter.com ic86.cc www.katiaclassic.com corsea.com www.iccream.szsenter.com www.easyfameshop.com www.xingchenmazhifu.com zeropointerp.asia www.zeropointerp.ziyuanxingqiu.com xingchenmazhifu.com bosqbtv5.com www.bosqbtv5.com www.xinnada.com xinnada.com ouhao.cc www.ouhao.cc www.arbcn.com arbcn.com shop.himesky.com buy.himesky.com www.buy.himesky.com www.shop.himesky.com www.imhime.com himesky.imhime.com himesky.com www.himesky.com www.himesky.imhime.com bangkokheadlines.top www.bangkokheadlines.top www.bangkokheadlines.inbtv.com myanmarinfo.top www.laosweekly.top www.myanmarinfo.top laosweekly.top myanmarinfo.top.inbtv.com www.myanmarinfo.top.inbtv.com www.laosweekly.inbtv.com www.corsea.lemoncell.com 01zeroone.com.hk www.yajun100.com yajun100.com d1f6k.cn www.d1f6k.cn zhengxinxiushen.com www.daode.laozi.ac.cn www.daodexxx.laozi.ac.cn www.zhiyin.laozi.ac.cn www.zhengxinxiushen.laozi.ac.cn www.pg.laozi.ac.cn www.bersiler.net gzhuili.com www.gzhuili.com www.coms.asia www.missm.com.cn missm.com.cn dgtama.com cn.dgtama.com www.dgtama.com top-speed.cn www.top-speed.cn yc.xinyun28.com www.feilong-tech.com www.ihualin.net www.vire.com.hk www.scholmart.com www.tseago.com bitebijiayuan.ziyuanxingqiu.com www.techcloudpro.asia techcloudpro.ziyuanxingqiu.com wynco.wyncotek.com www.ugoodies.com www.mthlab.com www.crm.mthlab.com www.shesky.com www.scisoon.com www.lemoncell.com thailand-times.inbtv.com canada-news.inbtv.com chat.inbtv.com pakistanfocusnews.inbtv.com malaysia-unitedtmes.inbtv.com www.sharmaji.net www.ets-tri.com ets-tri.com shu.xingchenmazhifu.com www.syhandcrafts.com www.ecotpu.com www.bud2013.com cdn.bud2013.com curtainshk.top www.curtainshk.top gz25.gdm189.com juanhao.bluehostdemo.com www.napmes.com self-discipline.cool www.self-discipline.cool self-discipline.electrics-machines.cn www.self-discipline.electrics-machines.cn www.pg.run pg.run www.canada-news.inbtv.com canada-news.top www.canada-news.top www.thailand-times.inbtv.com thailand-times.com www.thailand-times.com malaysia-unitedtmes.com www.malaysia-unitedtmes.com www.malaysia-unitedtmes.inbtv.com www.qwertyuiop.site www.pakistanfocusnews.com www.pakistanfocusnews.inbtv.com pakistanfocusnews.com bcube.eco www.bcube.baosquared.com www.youyouguan.com.cn youyouguan.com.cn qwertyuiop.site zs.andyu.ml blog.andyu.ml junc.hk-linux.bluehostdemo.com www.yc.xinyun28.com wp.andyu.ml mx.hk-linux.bluehostdemo.com zwq.hk-linux.bluehostdemo.com rqy.hk-linux.bluehostdemo.com www.facebook.coms.asia els.group yhai.hk-linux.bluehostdemo.com www.chat.inbtv.com www.somnate.com fangmengke.site www.ysdiesel.com.hk cn.mynanay.com www.givegivegive.asia techcloudpro.asia www.techcloudpro.ziyuanxingqiu.com andyu.ml www.andyu.ml www.crypto.coms.asia shaoxingguangyuan.com www.shaoxingguangyuan.com dedede.hk-linux.bluehostdemo.com easyfameshop.com www.yangzaitime.com www.tricobino.cn t.xidating.com www.szsenter.com www.shidff.org www.lnstarfire.com www.daode.biz www.dedaojing.org www.daode.club www.aswarexpress.com www.carrierbusiness.com www.unaigift.com www.sylabo.com www.ruifudao.com www.universead.site nbdcp.80088888888.com nbdcpcn.80088888888.com www.nbdcpcn.80088888888.com nbdcp.cn www.nbdcp.80088888888.com nbdcp.com universead.site www.universead.scisoon.net universead.scisoon.net www.inbtv.com www.jmb.photo www.payatoys.com www.hkaya.org.hk www.crowdfund-asia.hk www.hairlogics.com.hk www.bmi.com.ng www.mssthb.com www.environwinner.com www.sz-nano.com www.renuinteriors.com.au www.craftgini.com www.cqruizhu.com general-solarpower.cn www.general-solarpower.cn www.maicare-med.com koreaxin.net www.koreaxin.net maicare-med.com application.aone.hk ksc.koreaxin.com shx.bluehostdemo.com www.wynco.store wynco.store king-freight.com www.king-freight.com www.wynco.wyncotek.com universead.club.scisoon.net www.universead.club.scisoon.net www.arcci.com.hk www.c3intstore.com c3intstore.com www.world-logistics.cn world-logistics.cn www.xhpackage.com www.newqcj.com www.yayabiji.com yayabiji.com shxdemo.hk-linux.bluehostdemo.com www.hunterjian.xyz hunterjian.xyz lighten-distr.com vip1.gdkd189.com id.gddx189.com gz12.gdm189.com www.zzhfz.net zzhfz.net ekobebe.de www.ekobebe.de www.hklabel.com.hk hklabel.com.hk the7.maicare-med.com www.calenshop.com calenshop.com demo.hehehaha.hk fanclutchfortruck.com www.fanclutchfortruck.com kezhangbanzheng.com www.kezhangbanzheng.80088888888.com capetalfurniture.com www.melioncycling.com melioncycling.com www.mg-38.50103.net www.gzqdl.com gzqdl.com www.ejoyful.com.hk ejoyful.com.hk test.ml2.me www.yoyocycles.com.tw yoyocycles.com.tw testcdn.bluehostdemo.com www.hkscoliosis.org mssthb.com shx.hk-linux.bluehostdemo.com yuit.com.hk www.klria.com www.infiniti-a.com www.hunjieuk.80088888888.com jxdemo2.bluehostdemo.com jxdemo.hk-linux.bluehostdemo.com melamine.vip submission.theppnetwork.com cuiyongfu.com www.cuiyongfu.com mssthb.gzhuili.com honfai.com neo-cffoundation.org hunjie.uk heastar.com hhh.hk-linux.bluehostdemo.com estore.aone.hk gz7.gdm189.com gz16.gdm189.com gz6.gdm189.com gz10.gdm189.com gz14.gdm189.com gz11.gdm189.com gz24.gdm189.com gz15.gdm189.com gz17.gdm189.com gz9.gdm189.com gz8.gdm189.com gz4.gdm189.com gz13.gdm189.com gz22.gdm189.com gz19.gdm189.com gz18.gdm189.com gz5.gdm189.com gz20.gdm189.com gz3.gdm189.com gz23.gdm189.com gz2.gdm189.com gz21.gdm189.com gz1.gdm189.com gz2.gddx189.com gz1.gddx189.com www.bitcoin-miner.cn e.ceshiyong.site pagus.hk www.why80.com why80.com www.sla3dprinting.com sla3dprinting.com newqcj.com glorious-int.com www.3dslaprinting.orientools.com.cn www.aowo.orientools.com.cn 3dslaprinting.orientools.com.cn aowo.orientools.com.cn www.bbs.80088888888.com bbs.me.uk www.bitebijiayuan.ziyuanxingqiu.com bitebijiayuan.com szsyelec.com szsyelec.ecotpu.com www.szsyelec.ecotpu.com www.szsyelec.com 83484.com bestpowerhk.com.hk www.bestpowerhk.com.hk wholesomegrainsasia.com www.printart.hk www.widerichprop.com www.happyhappybirthday.hk www.happyhappybirthday.com.hk filipina.cn www.filipina.80088888888.com www.nafurancar.com nafurancar.com www.xn--dlq22e6a75s52s4hby93ahtlokodfirjhkx5fvhm.com xn–dlq22e6a75s52s4hby93ahtlokodfirjhkx5fvhm.com zhiyin.huanglao.com.cn me.huanglao.com.cn daode.huanglao.com.cn www.yqbc8.zxbc8.com www.pioneerlabel.com.hk mip.hehehaha.hk www.hohithk.com

Malware Detected on Host

Count: 15 cb913ab54a824713766b25c20d8c4c413895ddd937c63bcf4078419095e2ca6e 1e1afaf8e17766b9f8e3a3f03bf93a4c548430ba54bf25b4152bd13e98b0caa9 c1c39b2dcd11345c656222a0dfe5dd70cbe56eda001182a0a6c8907526c4598a 743e4ed04846663b2824ef9668d0d27d33822d1ab0437c2eed9f9138db9be677 76d699ec5651960d9991c24b47ac28cccbecb1b02b88e05d8d0f5a4adcb58b21 037437ad6cf58ecb29559a84770934ba21d541a415455cd269c30f461cfc1459 6604ee2aa1bbf31a86fe7a1ddff02036f25f399bec3eded04e88416feac1fbf5 89f59851256a49eb502c9ef696a8c97dca734df5d2ed8e08e094c8466bb33aa7 397216e340dc1e5b8870deff1f56d006ca91e9710f13feb24865ca90cf3da0f2 4a3b7d07eb4e1d09c78c1c130d79f2d491d4727735a70c7eacf62f2c62059ff8

Open Ports Detected

2222 53

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51384 CVE-2023-51385 CVE-2023-51767

Map

Whois Information

• inetnum: 137.59.148.0 - 137.59.148.255
• netname: PDRSOLUTIONSFZC-AP
• descr: PDR HK Network Operations
• country: HK
• geoloc: 22.290923 114.274504
• admin-c: PSFA1-AP
• tech-c: PSFA1-AP
• abuse-c: AH1191-AP
• status: ALLOCATED NON-PORTABLE
• mnt-by: MAINT-IN-AP
• mnt-irt: IRT-HK-TELEHOUSE
• last-modified: 2021-01-06T13:12:24Z
• irt: IRT-HK-TELEHOUSE
• address: HK Colo, 1B-C05 Data Hall 1B, 1/F, 2 Chun Yat Street, Tseung Kwan O, Hong Kong
• e-mail: ipadmin@publicdomainregistry.com
• abuse-mailbox: abuse@publicdomainregistry.com
• admin-c: PSFA1-AP
• tech-c: PSFA1-AP
• mnt-by: MAINT-IN-AP
• last-modified: 2024-03-08T06:35:49Z
• role: ABUSE HKTELEHOUSE
• address: HK Colo, 1B-C05 Data Hall 1B, 1/F, 2 Chun Yat Street, Tseung Kwan O, Hong Kong
• country: ZZ
• phone: +000000000
• e-mail: ipadmin@publicdomainregistry.com
• admin-c: PSFA1-AP
• tech-c: PSFA1-AP
• nic-hdl: AH1191-AP
• abuse-mailbox: abuse@publicdomainregistry.com
• mnt-by: APNIC-ABUSE
• last-modified: 2024-03-08T06:36:25Z
• role: PDR Solutions FZC administrator
• address: P.D.R Solutions FZC,, F-20, Business Center 1,, Business Park, RAK Free Trade Zone, Ras Al Khaimah
• country: AE
• phone: +14152300648
• fax-no: +14152300648
• e-mail: abuse@publicdomainregistry.com
• admin-c: PSFA1-AP
• tech-c: PSFA1-AP
• nic-hdl: PSFA1-AP
• mnt-by: MAINT-PDRSOLUTIONSFZC-AP
• last-modified: 2017-03-08T17:17:21Z

Links to attack logs

****** ****** ******