139.196.66.152 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 139.196.66.152. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 45/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing

  • View other sources: Spamhaus VirusTotal

  • Country: China
  • Network:
  • Noticed: 29 times
  • Protocols Attacked: ntp
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected


CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2010-4478 CVE-2010-4755 CVE-2010-5107 CVE-2011-4327 CVE-2011-5000 CVE-2012-0814 CVE-2014-1692 CVE-2014-2532 CVE-2014-2653 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2016-0777 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-10708 CVE-2016-1908 CVE-2016-20012 CVE-2016-3115 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-16905 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2024-6387 CVE-2025-26465 CVE-2025-32728


Whois Information

  • NetRange: 139.196.0.0 - 139.196.255.255
  • CIDR: 139.196.0.0/16
  • NetName: APNIC-ERX-139-196-0-0
  • NetHandle: NET-139-196-0-0-1
  • Parent: NET139 (NET-139-0-0-0-0)
  • NetType: Early Registrations, Transferred to APNIC
  • OriginAS:
  • Organization: Asia Pacific Network Information Centre (APNIC)
  • RegDate: 2010-11-03
  • Updated: 2010-11-17
  • Comment: This IP address range is not registered in the ARIN database.
  • Comment: This range was transferred to the APNIC Whois Database as
  • Comment: part of the ERX (Early Registration Transfer) project.
  • Comment: For details, refer to the APNIC Whois Database via
  • Comment:
  • Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
  • Comment: for the Asia Pacific region. APNIC does not operate networks
  • Comment: using this IP address range and is not able to investigate
  • Comment: spam or abuse reports relating to these addresses. For more
  • Ref: https://rdap.arin.net/registry/ip/139.196.0.0
  • OrgName: Asia Pacific Network Information Centre
  • OrgId: APNIC
  • Address: PO Box 3646
  • City: South Brisbane
  • StateProv: QLD
  • PostalCode: 4101
  • Country: AU
  • RegDate:
  • Updated: 2012-01-24
  • Ref: https://rdap.arin.net/registry/entity/APNIC
  • OrgTechHandle: AWC12-ARIN
  • OrgTechName: APNIC Whois Contact
  • OrgTechPhone: +61 7 3858 3188
  • OrgTechEmail: search-apnic-not-arin@apnic.net
  • OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • OrgAbuseHandle: AWC12-ARIN
  • OrgAbuseName: APNIC Whois Contact
  • OrgAbusePhone: +61 7 3858 3188
  • OrgAbuseEmail: search-apnic-not-arin@apnic.net
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • inetnum: 139.196.0.0 - 139.196.255.255
  • netname: ALISOFT
  • descr: Aliyun Computing Co., LTD
  • descr: 5F, Builing D, the West Lake International Plaza of S&T
  • descr: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
  • country: CN
  • admin-c: ZM1015-AP
  • tech-c: ZM877-AP
  • tech-c: ZM876-AP
  • tech-c: ZM875-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-irt: IRT-ALISOFT-CN
  • last-modified: 2023-11-28T00:57:06Z
  • irt: IRT-ALISOFT-CN
  • address: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
  • e-mail: didong.jc@alibaba-inc.com
  • abuse-mailbox: didong.jc@alibaba-inc.com
  • admin-c: ZM877-AP
  • tech-c: ZM877-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-09-05T23:38:36Z
  • role: ABUSE CNNICCN
  • country: ZZ
  • address: Beijing, China
  • phone: +000000000
  • e-mail: ipas@cnnic.cn
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: ipas@cnnic.cn
  • mnt-by: APNIC-ABUSE
  • last-modified: 2025-09-19T17:20:32Z
  • person: Li Jia
  • address: NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
  • country: CN
  • phone: +86-0571-85022088
  • e-mail: jiali.jl@alibaba-inc.com
  • nic-hdl: ZM1015-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2025-07-01T07:12:42Z
  • person: Guoxin Gao
  • address: 5F, Builing D, the West Lake International Plaza of S&T
  • address: No.391 Wen’er Road, Hangzhou City
  • address: Zhejiang, China, 310099
  • country: CN
  • phone: +86-0571-85022600
  • fax-no: +86-0571-85022600
  • e-mail: anti-spam@list.alibaba-inc.com
  • nic-hdl: ZM875-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2014-07-30T01:56:01Z
  • person: security trouble
  • e-mail: abuse@alibaba-inc.com
  • address: Hangzhou, Zhejiang, China
  • phone: +86-0571-85022600
  • country: CN
  • mnt-by: MAINT-CNNIC-AP
  • nic-hdl: ZM876-AP
  • last-modified: 2025-07-01T07:06:11Z
  • person: Guowei Pan
  • address: 5F, Builing D, the West Lake International Plaza of S&T
  • address: No.391 Wen’er Road, Hangzhou City
  • address: Zhejiang, China, 310099
  • country: CN
  • phone: +86-0571-85022088-30763
  • fax-no: +86-0571-85022600
  • e-mail: abuse@alibaba-inc.com
  • nic-hdl: ZM877-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2025-07-01T07:05:46Z
  • route: 139.196.66.0/24
  • origin: AS37963
  • descr: China Internet Network Information Center
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2020-02-18T02:08:28Z
  • route: 139.196.66.0/24
  • origin: AS45102
  • descr: China Internet Network Information Center
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2020-02-18T02:09:52Z

Links to attack logs

****** aws-ntp-bruteforce-ip-list-2020-10-22 awsbah-ntp-bruteforce-ip-list-2020-10-22 ****** ******
