139.224.142.100 Threat Intelligence and Host Information

General

This page contains threat intelligence for the IPv4 address 139.224.142.100. It was generated either as a result of observed malicious activity or as an information-gathering exercise to enrich security events with context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 19/100

Host and Network Information

  • Country: China
  • Network: AS37963 hangzhou alibaba advertising co. ltd.
  • Noticed: 2 times
  • Protocols Attacked: SSH
  • Passive DNS Results:

Open Ports Detected

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2017-15906 CVE-2018-10088 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51384 CVE-2023-51385 CVE-2023-51767

Whois Information

  • NetRange: 139.224.0.0 - 139.224.255.255
  • CIDR: 139.224.0.0/16
  • NetName: APNIC-ERX-139-224-0-0
  • NetHandle: NET-139-224-0-0-1
  • Parent: NET139 (NET-139-0-0-0-0)
  • NetType: Early Registrations, Transferred to APNIC
  • OriginAS:
  • Organization: Asia Pacific Network Information Centre (APNIC)
  • RegDate: 2010-11-03
  • Updated: 2010-11-17
  • Comment: This IP address range is not registered in the ARIN database.
  • Comment: This range was transferred to the APNIC Whois Database as
  • Comment: part of the ERX (Early Registration Transfer) project.
  • Comment: For details, refer to the APNIC Whois Database via
  • Comment:
  • Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
  • Comment: for the Asia Pacific region. APNIC does not operate networks
  • Comment: using this IP address range and is not able to investigate
  • Comment: spam or abuse reports relating to these addresses. For more
  • Ref: https://rdap.arin.net/registry/ip/139.224.0.0
  • OrgName: Asia Pacific Network Information Centre
  • OrgId: APNIC
  • Address: PO Box 3646
  • City: South Brisbane
  • StateProv: QLD
  • PostalCode: 4101
  • Country: AU
  • RegDate:
  • Updated: 2012-01-24
  • Ref: https://rdap.arin.net/registry/entity/APNIC
  • OrgTechHandle: AWC12-ARIN
  • OrgTechName: APNIC Whois Contact
  • OrgTechPhone: +61 7 3858 3188
  • OrgTechEmail: search-apnic-not-arin@apnic.net
  • OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • OrgAbuseHandle: AWC12-ARIN
  • OrgAbuseName: APNIC Whois Contact
  • OrgAbusePhone: +61 7 3858 3188
  • OrgAbuseEmail: search-apnic-not-arin@apnic.net
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • inetnum: 139.224.0.0 - 139.224.255.255
  • netname: ALISOFT
  • descr: Aliyun Computing Co., LTD
  • descr: 5F, Builing D, the West Lake International Plaza of S&T
  • descr: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
  • country: CN
  • admin-c: ZM1015-AP
  • tech-c: ZM877-AP
  • tech-c: ZM876-AP
  • tech-c: ZM875-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-irt: IRT-ALISOFT-CN
  • last-modified: 2023-11-28T00:57:06Z
  • irt: IRT-ALISOFT-CN
  • address: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
  • e-mail: didong.jc@alibaba-inc.com
  • abuse-mailbox: didong.jc@alibaba-inc.com
  • admin-c: ZM877-AP
  • tech-c: ZM877-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-09-05T23:38:36Z
  • role: ABUSE CNNICCN
  • address: Beijing, China
  • country: ZZ
  • phone: +000000000
  • e-mail: ipas@cnnic.cn
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: ipas@cnnic.cn
  • mnt-by: APNIC-ABUSE
  • last-modified: 2020-05-14T11:19:01Z
  • person: Li Jia
  • address: NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
  • country: CN
  • phone: +86-0571-85022088
  • e-mail: jiali.jl@alibaba-inc.com
  • nic-hdl: ZM1015-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2014-07-30T02:02:01Z
  • person: Guoxin Gao
  • address: 5F, Builing D, the West Lake International Plaza of S&T
  • address: No.391 Wen’er Road, Hangzhou City
  • address: Zhejiang, China, 310099
  • country: CN
  • phone: +86-0571-85022600
  • fax-no: +86-0571-85022600
  • e-mail: anti-spam@list.alibaba-inc.com
  • nic-hdl: ZM875-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2014-07-30T01:56:01Z
  • person: security trouble
  • e-mail: yitian.gaoyt@alibaba-inc.com
  • address: Hangzhou, Zhejiang, China
  • phone: +86-0571-85022600
  • country: CN
  • mnt-by: MAINT-CNNIC-AP
  • nic-hdl: ZM876-AP
  • last-modified: 2021-04-13T23:22:33Z
  • person: Guowei Pan
  • address: 5F, Builing D, the West Lake International Plaza of S&T
  • address: No.391 Wen’er Road, Hangzhou City
  • address: Zhejiang, China, 310099
  • country: CN
  • phone: +86-0571-85022088-30763
  • fax-no: +86-0571-85022600
  • e-mail: guowei.pangw@alibaba-inc.com
  • nic-hdl: ZM877-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2013-07-09T01:34:02Z
  • route: 139.224.142.0/24
  • origin: AS37963
  • descr: China Internet Network Information Center
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2020-02-18T01:31:57Z
  • route: 139.224.142.0/24
  • origin: AS45102
  • descr: China Internet Network Information Center
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2020-02-18T01:33:17Z
