143.92.57.137 Threat Intelligence and Host Information

Oct 12, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 143.92.57.137 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 45/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing

  • View other sources: Spamhaus VirusTotal

  • Country: Hong Kong
  • Network:
  • Noticed: 30 times
  • Protocols Attacked: mssql
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: asfadf4as564f5wiii.jelldsfcso.tmall.hmclouds.org.cn 352784.com 128479.com 930587.com 471652.com 819435.com 950317.cn aq4f9mk8.n.vipcname.com bp.tmall.close.kejischool.org.cn hy1.jc16881688.shop hy2.jc16881688.shop 684168.icu ca6wm5he.n.vipcname.com tcn.classgroup.org.cn 246802.cn 579135.cn 913567.cn 246800.cn 802456.cn 357901.cn 357913.cn 468012.cn 024680.cn 680246.cn 605040.cn 404448.com 468135.com 707784.com 357924.com 606672.com leijun1001org.cn leijun1002org.cn xn–fiq3mp3a99in9rolap34bd3j.com 9lizqu6r.cyou 0ihjoywz.cyou xl6ixara.cyou rmli5k6b.cyou 60vmrnkz.cyou yiw13qqr.cyou yhunc071.cyou i5zx9d9p.cyou 1p5bf00k.cyou 143.92.57.137

Open Ports Detected

111 22 3051 443 5001 5005 5006 5007 5009 5010 6653 7001 7654 7657 80 8001 8005 8006 8007 8008 8009 8010 8443 8504 8530 8880 9002 9003 9004 9005 9009 9010 9036 9094

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2025-26465 CVE-2025-32728

Map

Whois Information

  • NetRange: 143.92.0.0 - 143.92.127.255
  • CIDR: 143.92.0.0/17
  • NetName: APNIC-ERX-143-92-0-0
  • NetHandle: NET-143-92-0-0-1
  • Parent: NET143 (NET-143-0-0-0-0)
  • NetType: Early Registrations, Transferred to APNIC
  • OriginAS:
  • Organization: Asia Pacific Network Information Centre (APNIC)
  • RegDate: 2003-11-12
  • Updated: 2019-01-03
  • Comment: This IP address range is not registered in the ARIN database.
  • Comment: This range was transferred to the APNIC Whois Database as
  • Comment: part of the ERX (Early Registration Transfer) project.
  • Comment: For details, refer to the APNIC Whois Database via
  • Comment:
  • Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
  • Comment: for the Asia Pacific region. APNIC does not operate networks
  • Comment: using this IP address range and is not able to investigate
  • Comment: spam or abuse reports relating to these addresses. For more
  • Ref: https://rdap.arin.net/registry/ip/143.92.0.0
  • OrgName: Asia Pacific Network Information Centre
  • OrgId: APNIC
  • Address: PO Box 3646
  • City: South Brisbane
  • StateProv: QLD
  • PostalCode: 4101
  • Country: AU
  • RegDate:
  • Updated: 2012-01-24
  • Ref: https://rdap.arin.net/registry/entity/APNIC
  • OrgTechHandle: AWC12-ARIN
  • OrgTechName: APNIC Whois Contact
  • OrgTechPhone: +61 7 3858 3188
  • OrgTechEmail: search-apnic-not-arin@apnic.net
  • OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • OrgAbuseHandle: AWC12-ARIN
  • OrgAbuseName: APNIC Whois Contact
  • OrgAbusePhone: +61 7 3858 3188
  • OrgAbuseEmail: search-apnic-not-arin@apnic.net
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • inetnum: 143.92.48.0 - 143.92.63.255
  • netname: CTG92-48-HK
  • descr: CTG Server Ltd.
  • country: HK
  • admin-c: RCPL3-AP
  • tech-c: RCPL3-AP
  • abuse-c: AC2487-AP
  • status: ALLOCATED NON-PORTABLE
  • mnt-by: MAINT-RCPL-SG
  • mnt-irt: IRT-CTG-HK
  • last-modified: 2022-03-30T17:10:01Z
  • irt: IRT-CTG-HK
  • address: 202 ,2/F Kam Sang BLDG 257,Des Voeux RD Central Hong Kong
  • e-mail: cs.mail@ctgserver.com
  • abuse-mailbox: cs.mail@ctgserver.com
  • admin-c: RCPL3-AP
  • tech-c: RCPL3-AP
  • mnt-by: MAINT-RCPL-SG
  • last-modified: 2025-09-04T07:13:40Z
  • role: ABUSE CTGHK
  • country: ZZ
  • address: 202 ,2/F Kam Sang BLDG 257,Des Voeux RD Central Hong Kong
  • phone: +000000000
  • e-mail: cs.mail@ctgserver.com
  • admin-c: RCPL3-AP
  • tech-c: RCPL3-AP
  • nic-hdl: AC2487-AP
  • abuse-mailbox: cs.mail@ctgserver.com
  • mnt-by: APNIC-ABUSE
  • last-modified: 2025-07-31T03:16:34Z
  • role: RACKIP CONSULTANCY PTE LTD administrator
  • address: 399 Chai Wan Road, Chai Wan, Hong Kong
  • country: SG
  • phone: +603-7806-1316
  • fax-no: +603-7806-1316
  • e-mail: abuse@rackip.com
  • admin-c: RCPL3-AP
  • tech-c: RCPL3-AP
  • nic-hdl: RCPL3-AP
  • mnt-by: MAINT-RCPL-SG
  • last-modified: 2021-08-30T06:13:42Z
  • route: 143.92.57.0/24
  • origin: AS152194
  • descr: RACKIP CONSULTANCY PTE. LTD.
  • mnt-by: MAINT-RCPL-SG
  • last-modified: 2024-03-31T12:32:55Z
  • route: 143.92.57.0/24
  • origin: AS64050
  • descr: RACKIP CONSULTANCY PTE. LTD.
  • mnt-by: MAINT-RCPL-SG
  • last-modified: 2023-10-11T08:31:53Z

Links to attack logs

****** aws-mssql-bruteforce-ip-list-2021-03-05 ****** ******

Share on: