139.196.235.28 Threat Intelligence and Host Information
General
This page contains threat intelligence information for the IPv4 address 139.196.235.28. It was generated either as a result of observed malicious activity or as an information-gathering exercise to help enrich security events with context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning that take into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.
Potentially Malicious Host 🟡 45/100
Host and Network Information
- Tags: cyber security, ioc, malicious, Nextray, phishing
- Country: China
- Network:
- Noticed: 29 times
- Protocols Attacked: redis
- Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
Open Ports Detected
CVEs Detected
CVE-2007-2768 CVE-2007-3205 CVE-2008-3844 CVE-2010-4478 CVE-2010-4755 CVE-2010-5107 CVE-2011-4327 CVE-2011-5000 CVE-2012-0814 CVE-2013-2220 CVE-2014-1692 CVE-2014-2532 CVE-2014-2653 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2016-0777 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-10708 CVE-2016-1908 CVE-2016-20012 CVE-2016-3115 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-16905 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2024-11233 CVE-2024-11234 CVE-2024-11236 CVE-2024-1874 CVE-2024-2408 CVE-2024-3096 CVE-2024-3566 CVE-2024-4577 CVE-2024-5458 CVE-2024-5585 CVE-2024-6387 CVE-2024-8925 CVE-2024-8926 CVE-2024-8927 CVE-2024-8929 CVE-2024-8932 CVE-2024-9026 CVE-2025-1217 CVE-2025-1219 CVE-2025-1220 CVE-2025-1734 CVE-2025-1735 CVE-2025-1736 CVE-2025-1861 CVE-2025-26465 CVE-2025-32728 CVE-2025-6491
Whois Information
- NetRange: 139.196.0.0 - 139.196.255.255
- CIDR: 139.196.0.0/16
- NetName: APNIC-ERX-139-196-0-0
- NetHandle: NET-139-196-0-0-1
- Parent: NET139 (NET-139-0-0-0-0)
- NetType: Early Registrations, Transferred to APNIC
- OriginAS:
- Organization: Asia Pacific Network Information Centre (APNIC)
- RegDate: 2010-11-03
- Updated: 2010-11-17
- Comment: This IP address range is not registered in the ARIN database.
- Comment: This range was transferred to the APNIC Whois Database as
- Comment: part of the ERX (Early Registration Transfer) project.
- Comment: For details, refer to the APNIC Whois Database via
- Comment:
- Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
- Comment: for the Asia Pacific region. APNIC does not operate networks
- Comment: using this IP address range and is not able to investigate
- Comment: spam or abuse reports relating to these addresses. For more
- Ref: https://rdap.arin.net/registry/ip/139.196.0.0
- OrgName: Asia Pacific Network Information Centre
- OrgId: APNIC
- Address: PO Box 3646
- City: South Brisbane
- StateProv: QLD
- PostalCode: 4101
- Country: AU
- RegDate:
- Updated: 2012-01-24
- Ref: https://rdap.arin.net/registry/entity/APNIC
- OrgAbuseHandle: AWC12-ARIN
- OrgAbuseName: APNIC Whois Contact
- OrgAbusePhone: +61 7 3858 3188
- OrgAbuseEmail: search-apnic-not-arin@apnic.net
- OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
- OrgTechHandle: AWC12-ARIN
- OrgTechName: APNIC Whois Contact
- OrgTechPhone: +61 7 3858 3188
- OrgTechEmail: search-apnic-not-arin@apnic.net
- OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
- inetnum: 139.196.0.0 - 139.196.255.255
- netname: ALISOFT
- descr: Aliyun Computing Co., LTD
- descr: 5F, Builing D, the West Lake International Plaza of S&T
- descr: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
- country: CN
- admin-c: ZM1015-AP
- tech-c: ZM877-AP
- tech-c: ZM876-AP
- tech-c: ZM875-AP
- abuse-c: AC1601-AP
- status: ALLOCATED PORTABLE
- mnt-by: MAINT-CNNIC-AP
- mnt-irt: IRT-ALISOFT-CN
- last-modified: 2023-11-28T00:57:06Z
- irt: IRT-ALISOFT-CN
- address: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
- e-mail: didong.jc@alibaba-inc.com
- abuse-mailbox: didong.jc@alibaba-inc.com
- admin-c: ZM877-AP
- tech-c: ZM877-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2021-09-05T23:38:36Z
- role: ABUSE CNNICCN
- country: ZZ
- address: Beijing, China
- phone: +000000000
- e-mail: ipas@cnnic.cn
- admin-c: IP50-AP
- tech-c: IP50-AP
- nic-hdl: AC1601-AP
- abuse-mailbox: ipas@cnnic.cn
- mnt-by: APNIC-ABUSE
- last-modified: 2025-09-19T17:20:32Z
- person: Li Jia
- address: NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
- country: CN
- phone: +86-0571-85022088
- e-mail: jiali.jl@alibaba-inc.com
- nic-hdl: ZM1015-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2025-07-01T07:12:42Z
- person: Guoxin Gao
- address: 5F, Builing D, the West Lake International Plaza of S&T
- address: No.391 Wen’er Road, Hangzhou City
- address: Zhejiang, China, 310099
- country: CN
- phone: +86-0571-85022600
- fax-no: +86-0571-85022600
- e-mail: anti-spam@list.alibaba-inc.com
- nic-hdl: ZM875-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2014-07-30T01:56:01Z
- person: security trouble
- e-mail: abuse@alibaba-inc.com
- address: Hangzhou, Zhejiang, China
- phone: +86-0571-85022600
- country: CN
- mnt-by: MAINT-CNNIC-AP
- nic-hdl: ZM876-AP
- last-modified: 2025-07-01T07:06:11Z
- person: Guowei Pan
- address: 5F, Builing D, the West Lake International Plaza of S&T
- address: No.391 Wen’er Road, Hangzhou City
- address: Zhejiang, China, 310099
- country: CN
- phone: +86-0571-85022088-30763
- fax-no: +86-0571-85022600
- e-mail: abuse@alibaba-inc.com
- nic-hdl: ZM877-AP
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2025-07-01T07:05:46Z
- route: 139.196.235.0/24
- origin: AS37963
- descr: China Internet Network Information Center
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2020-02-18T02:10:40Z
- route: 139.196.235.0/24
- origin: AS45102
- descr: China Internet Network Information Center
- mnt-by: MAINT-CNNIC-AP
- last-modified: 2020-02-18T02:12:15Z
Links to attack logs
- dotoronto-redis-bruteforce-ip-list-2021-04-02