103.11.83.52 Threat Intelligence and Host Information

Sep 21, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 103.11.83.52 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 35/100

Host and Network Information

  • Tags: MTI, Malicious IP, Nextray, Telnet, blacklist, botnet, bruteforce, cyber security, ioc, malicious, mirai, phishing, scan, tcp, telnet, vsoc

  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: snort_ipfilter, talosintel_ipfilter

  • Country: India
  • Network: AS135817 esto media private limited
  • Noticed: 1 times
  • Protcols Attacked: telnet
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 44 00dc09a068391657ec4277a57360e8a4c174903a5e58a538a922d0778212de24 94fe85d48f9aca189a262950cc421ab7ee057e301c0200ee78a1355f4c12d5eb 47fe2d34e81cca580037f5772663331d03e7d792367bcfb63444f61ee045a689 14aa16f36f01503e15e2e4d194d64dd9d539c923c2a99bd21d62811c716fc238 4d72881474f61af7d369cd027f1f301eb0cbd5e3ed01aade1648cfd8e13ea61d afcc001a8a38614d62612b68a8fa28422e34556ffe94ffe1f0ff573e22f1be2d 235af927ceeb13aa994e49fdfe97c8a651513aa148130db304daf73fe5fed45a af9d20112fe0c70fd621badc3a9d5947cdc2892f044bb928854d47447bd2338b 4ce83e1fb95652f713d6b61d10d206b5196775bd74eeda04653d76e2e9f59f29 026a8a9ee9b2d5b373544a0d8d73e3a5a437436d27c4883d19e1eed808c3d370

Open Ports Detected

443

Map

Whois Information

  • inetnum: 103.11.83.0 - 103.11.83.255
  • netname: AIRITINDIA-IN
  • descr: Access Broadband
  • descr: Indore
  • country: IN
  • admin-c: AIIP1-AP
  • tech-c: AIIP1-AP
  • status: ASSIGNED NON-PORTABLE
  • mnt-by: MAINT-AIRITINDIA-IN
  • mnt-lower: MAINT-AIRITINDIA-IN
  • mnt-routes: MAINT-AIRITINDIA-IN
  • mnt-irt: IRT-AIRITINDIA-IN
  • last-modified: 2013-03-14T16:57:08Z
  • irt: IRT-AIRITINDIA-IN
  • address: Sai Road
  • address: Baddi
  • address: Solan
  • address: Himachal Pradesh
  • e-mail: askus@airitindia.com
  • abuse-mailbox: network@airitindia.com
  • admin-c: AIIP1-AP
  • tech-c: AIIP1-AP
  • mnt-by: MAINT-AIRITINDIA-IN
  • last-modified: 2013-09-25T01:40:09Z
  • role: AIR IT INFRASTRUCTURE PRIVATE LIMITED - network
  • address: Sai Road
  • address: Baddi
  • address: Solan
  • address: Himachal Pradesh
  • country: IN
  • phone: +911795650850
  • e-mail: askus@airitindia.com
  • admin-c: AIIP1-AP
  • tech-c: AIIP1-AP
  • nic-hdl: AIIP1-AP
  • mnt-by: MAINT-AIRITINDIA-IN
  • last-modified: 2011-11-05T17:29:11Z
  • route: 103.11.83.0/24
  • descr: Esto Broadband
  • notify: askus@airitindia.com
  • origin: AS135817
  • mnt-by: MAINT-AIRITINDIA-IN
  • last-modified: 2020-07-05T02:16:54Z

Links to attack logs

doamsterdam-telnet-bruteforce-ip-list-2022-12-01

Share on: