103.138.69.197 Threat Intelligence and Host Information

Share on:

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Host and Network Information

  • Mitre ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110 - Brute Force, T1110.004 - Credential Stuffing
  • Tags: Bruteforce, Nextray, SSH, aws, cowrie, cyber security, fail2ban, ioc, la, lafusioncenter, louisiana, malicious, phishing, scanners, ssh, tsec
  • View other sources: Spamhaus VirusTotal

  • Country: Indonesia
  • Network: AS138842 pt internetwork komunikasi indonesia
  • Noticed: 41 times
  • Protcols Attacked: ssh
  • Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: api.remee.id amorpayment.suryadata.com www.amorpayment.suryadata.com www.mkg.suryadata.com mkg.suryadata.com www.apimkg.suryadata.com apimkg.suryadata.com kumago.id www.api.ayola.id api.ayola.id www.tms.suryadata.com tms.suryadata.com www.activity.suryadata.com activity.suryadata.com www.maxi.suryadata.com maxi.suryadata.com www.miso-api.suryadata.com miso-api.suryadata.com miso.suryadata.com www.miso.suryadata.com necisbk.suryadata.com necis.suryadata.com www.necisbk.suryadata.com www.necis.suryadata.com www.necisapi.suryadata.com necisapi.suryadata.com fin.suryadata.com finadm.suryadata.com www.fin.suryadata.com www.finadm.suryadata.com www.ss.suryadata.com ss.suryadata.com www.bkss.suryadata.com bkss.suryadata.com www.member.suryadata.com deskera.suryadata.com www.deskera.suryadata.com member.suryadata.com memberapi.suryadata.com www.memberapi.suryadata.com bck.suryadata.com www.bck.suryadata.com rmd.suryadata.com www.rmd.suryadata.com fin888.suryadata.com www.fin888.suryadata.com www.sndbtx.suryadata.com sndbtx.suryadata.com www.behaestex.suryadata.com behaestex.suryadata.com

Map

Whois Information

  • inetnum: 103.138.68.0 - 103.138.69.255
  • netname: INTERNETWORK-ID
  • descr: PT. Internetwork Komunikasi Indonesia
  • descr: Internet Service Provider
  • descr: Epicentrum Walk 5th Floor A540
  • descr: Jl. H.R. Rasuna Said, Jakarta Selatan 12960
  • admin-c: EH212-AP
  • tech-c: EH212-AP
  • country: ID
  • mnt-by: MNT-APJII-ID
  • mnt-irt: IRT-INTERNETWORK-ID
  • mnt-routes: MAINT-ID-INTERNETWORK
  • status: ALLOCATED PORTABLE
  • last-modified: 2019-04-15T10:41:51Z
  • irt: IRT-INTERNETWORK-ID
  • address: PT. Internetwork Komunikasi Indonesia
  • address: Epicentrum Walk 5th Floor A540
  • address: Jl. H.R. Rasuna Said
  • address: Jakarta Selatan 12960
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: EH212-AP
  • tech-c: EH212-AP
  • mnt-by: MAINT-ID-INTERNETWORK
  • last-modified: 2019-04-15T10:37:29Z
  • person: Edi Hermawan
  • address: Delissdin Green Residence, Blok C1
  • address: Jl. Raya Muchtar, Sawangan, Depok 16511
  • address: Jawa Barat, Indonesia
  • country: ID
  • phone: +62-21-56957923
  • e-mail: [email protected]
  • nic-hdl: EH212-AP
  • mnt-by: MNT-APJII-ID
  • fax-no: +62-21-56957923
  • last-modified: 2019-04-12T10:14:24Z
  • route: 103.138.68.0/23
  • descr: Route Object of PT. Internetwork Komunikasi Indonesia
  • descr: Internet Service Provider
  • descr: Epicentrum Walk 5th Floor A540
  • descr: Jl. H.R. Rasuna Said
  • descr: Jakarta Selatan 12960
  • origin: AS138842
  • mnt-by: MAINT-ID-INTERNETWORK
  • last-modified: 2019-04-18T02:45:28Z
  • inetnum: 103.138.68.0 - 103.138.69.255
  • netname: INTERNETWORK-ID
  • descr: PT. Internetwork Komunikasi Indonesia
  • descr: Internet Service Provider
  • descr: Epicentrum Walk 5th Floor A540
  • descr: Jl. H.R. Rasuna Said, Jakarta Selatan 12960
  • admin-c: EH212-AP
  • tech-c: EH212-AP
  • country: ID
  • mnt-by: MNT-APJII-ID
  • mnt-irt: IRT-INTERNETWORK-ID
  • mnt-routes: MAINT-ID-INTERNETWORK
  • status: ALLOCATED PORTABLE
  • last-modified: 2020-07-15T02:39:38Z
  • irt: IRT-INTERNETWORK-ID
  • address: PT. Internetwork Komunikasi Indonesia
  • address: Epicentrum Walk 5th Floor A540
  • address: Jl. H.R. Rasuna Said
  • address: Jakarta Selatan 12960
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: EH212-AP
  • tech-c: EH212-AP
  • mnt-by: MAINT-ID-INTERNETWORK
  • last-modified: 2020-07-15T02:39:38Z
  • person: Edi Hermawan
  • address: Delissdin Green Residence, Blok C1
  • address: Jl. Raya Muchtar, Sawangan, Depok 16511
  • address: Jawa Barat, Indonesia
  • country: ID
  • phone: +62-21-56957923
  • e-mail: [email protected]
  • nic-hdl: EH212-AP
  • mnt-by: MNT-APJII-ID
  • fax-no: +62-21-56957923
  • last-modified: 2020-07-15T02:39:38Z

Links to attack logs

aws-ssh-bruteforce-ip-list-2021-02-02 bruteforce-ip-list-2021-01-14 bruteforce-ip-list-2021-01-29