139.224.142.108 Threat Intelligence and Host Information

Mar 17, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 139.224.142.108 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 15/100

Host and Network Information

View other sources: Spamhaus VirusTotal

Country: China
Network: AS37963 hangzhou alibaba advertising co. ltd.
Noticed: 1 times
Protocols Attacked: SSH
Passive DNS Results: wylan.online x6seo.com xn–6krs3k3x4bmyl.com family112.com 80yxwl.com www.xqc-papergoods.com shuotao.shop hercules1115.fun www.gooseller.com fiftyad.com lihuan9527.ltd anwall.com.cn hpsytz.com g.llll.vc 6686666.xyz dns22.hichina.com dns24.hichina.com dns20.hichina.com dns18.hichina.com

Open Ports Detected

100 10001 10134 102 1023 1024 1025 10250 1029 10344 104 10443 10554 1063 1080 10909 1099 11 111 11112 11210 113 11300 1153 1177 119 1200 12000 122 1234 12345 13 1337 14147 14265 14344 1471 15 1515 1521 1599 16010 16992 16993 17 1723 1741 175 179 1800 1801 18245 1883 19000 1911 195 1950 1962 1981 2000 20000 2002 20256 2051 20547 2057 2066 2070 2081 2083 2086 21 21025 211 2121 2181 2201 2221 2222 22443 2250 2259 23 23023 2323 2332 2345 2376 2404 2455 25 25105 2549 2551 25565 2570 26 27015 27017 2761 2762 28015 28017 28080 30002 30003 3001 3048 3050 3059 3089 3092 3096 311 3112 3117 3120 3121 3232 32400 3260 3268 32764 3299 3301 3306 3310 3388 3389 3405 3406 3408 35000 3523 3524 3542 3550 3551 3558 3566 3570 37 3749 3780 3790 389 3953 4000 4022 4063 4064 4118 4157 41800 4190 4242 4282 43 4321 4369 44158 443 4433 444 4443 4444 44818 449 4500 4505 4506 4545 4782 47990 48226 4840 4899 49 491 4911 4949 50000 5001 5006 5007 50070 5009 5025 5050 5080 51235 515 5172 5201 5269 541 54138 5431 5432 5454 548 554 55443 55553 55554 5560 5568 5569 5592 5604 5672 5801 587 5900 593 5938 59417 5984 5985 5986 6000 6001 60010 6002 6003 60030 6009 6010 60129 6036 6080 61613 61616 62078 631 636 6443 6588 6653 666 6664 6666 6667 6668 6697 675 70 7001 7022 7071 7171 7218 7415 7434 7443 7474 7510 7634 777 789 79 8002 8004 8009 8010 8016 8017 8024 8030 8034 8052 8054 8056 8081 8083 8087 8089 8098 8099 8126 8140 8181 8200 8248 8282 8291 8333 8407 8421 8431 8443 8500 8545 8554 8586 8623 8649 8728 873 8790 8804 8807 8809 8819 8831 8834 8838 8854 8860 8861 8863 8880 8887 8969 8989 8990 8991 90 9000 9002 9026 9028 9030 9044 9051 9091 9092 9094 9095 9097 9100 9109 9151 9160 9191 92 9200 9206 9210 9215 9295 9299 9307 9310 9418 9443 9444 9530 9600 9633 9743 9761 9869 992 993 9944 995 9988 999 9998 9999

CVEs Detected

CVE-2007-2768 CVE-2007-3205 CVE-2008-3844 CVE-2010-4478 CVE-2010-4755 CVE-2010-5107 CVE-2011-4327 CVE-2011-5000 CVE-2012-0814 CVE-2013-2220 CVE-2014-1692 CVE-2014-2532 CVE-2014-2653 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2015-9253 CVE-2016-0777 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-10708 CVE-2016-1908 CVE-2016-20012 CVE-2016-3115 CVE-2017-15906 CVE-2017-7272 CVE-2017-7963 CVE-2017-8923 CVE-2018-10088 CVE-2018-15473 CVE-2018-15919 CVE-2018-19395 CVE-2018-19396 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9641 CVE-2020-11579 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2022-31628 CVE-2022-31629 CVE-2023-38408 CVE-2023-48795 CVE-2023-51384 CVE-2023-51385 CVE-2023-51767

Map

Whois Information

NetRange: 139.224.0.0 - 139.224.255.255
CIDR: 139.224.0.0/16
NetName: APNIC-ERX-139-224-0-0
NetHandle: NET-139-224-0-0-1
Parent: NET139 (NET-139-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2010-11-03
Updated: 2010-11-17
Comment: This IP address range is not registered in the ARIN database.
Comment: This range was transferred to the APNIC Whois Database as
Comment: part of the ERX (Early Registration Transfer) project.
Comment: For details, refer to the APNIC Whois Database via
Comment:
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For more
Ref: https://rdap.arin.net/registry/ip/139.224.0.0
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
inetnum: 139.224.0.0 - 139.224.255.255
netname: ALISOFT
descr: Aliyun Computing Co., LTD
descr: 5F, Builing D, the West Lake International Plaza of S&T
descr: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
country: CN
admin-c: ZM1015-AP
tech-c: ZM877-AP
tech-c: ZM876-AP
tech-c: ZM875-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-irt: IRT-ALISOFT-CN
last-modified: 2023-11-28T00:57:06Z
irt: IRT-ALISOFT-CN
address: No.391 Wen’er Road, Hangzhou, Zhejiang, China, 310099
e-mail: didong.jc@alibaba-inc.com
abuse-mailbox: didong.jc@alibaba-inc.com
admin-c: ZM877-AP
tech-c: ZM877-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2021-09-05T23:38:36Z
role: ABUSE CNNICCN
address: Beijing, China
country: ZZ
phone: +000000000
e-mail: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
abuse-mailbox: ipas@cnnic.cn
mnt-by: APNIC-ABUSE
last-modified: 2020-05-14T11:19:01Z
person: Li Jia
address: NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
country: CN
phone: +86-0571-85022088
e-mail: jiali.jl@alibaba-inc.com
nic-hdl: ZM1015-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2014-07-30T02:02:01Z
person: Guoxin Gao
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen’er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: anti-spam@list.alibaba-inc.com
nic-hdl: ZM875-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2014-07-30T01:56:01Z
person: security trouble
e-mail: yitian.gaoyt@alibaba-inc.com
address: Hangzhou, Zhejiang, China
phone: +86-0571-85022600
country: CN
mnt-by: MAINT-CNNIC-AP
nic-hdl: ZM876-AP
last-modified: 2021-04-13T23:22:33Z
person: Guowei Pan
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen’er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022088-30763
fax-no: +86-0571-85022600
e-mail: guowei.pangw@alibaba-inc.com
nic-hdl: ZM877-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2013-07-09T01:34:02Z
route: 139.224.142.0/24
origin: AS37963
descr: China Internet Network Information Center
mnt-by: MAINT-CNNIC-AP
last-modified: 2020-02-18T01:31:57Z
route: 139.224.142.0/24
origin: AS45102
descr: China Internet Network Information Center
mnt-by: MAINT-CNNIC-AP
last-modified: 2020-02-18T01:33:17Z

Links to attack logs

****** ****** ******

Share on: