103.144.242.52 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 103.144.242.52 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 25/100

Host and Network Information

• Tags: Brute-Force, Bruteforce, Nextray, SSH, cyber security, ioc, malicious, phishing

• View other sources: Spamhaus VirusTotal

• Country: Hong Kong
• Network: AS136970 yisu cloud ltd
• Noticed: 1 times
• Protcols Attacked: ssh
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: admin.laishanvip.com 58455545.vip 58456518.vip 58457052.vip 58456360.vip 58451631.vip 58455387.vip 58459168.vip 58455140.vip 58457390.vip 58458763.vip 58455597.vip 58457314.vip 58451125.vip 58455533.vip 58454283.vip 8335845.vip 1515845.vip 9945845.vip 9985845.vip 8345845.vip 3725845.vip 1955845.vip 9065845.vip 1735845.vip 9185845.vip 8285845.vip 7775845.vip 6545845.vip 7335845.vip 3825845.vip www.58455712.vip 58451790.vip 58458689.vip 58451732.vip 58459020.vip www.58456142.vip 58458404.vip 58453313.vip www.58456133.vip 58459947.vip 58454764.vip www.58451790.vip www.58457337.vip www.58453313.vip 58458107.vip 58455712.vip 58456142.vip www.58451732.vip 58457337.vip www.58459799.vip www.58454764.vip www.58458689.vip www.58458107.vip 58452250.vip 58459799.vip 58456133.vip www.58452250.vip www.58459947.vip www.58459020.vip www.58458404.vip www.9665845.vip www.3875845.vip www.3345845.vip 9725845.vip 9035845.vip www.4565845.vip 1015845.vip 1715845.vip www.1055845.vip 3875845.vip www.1785845.vip 9665845.vip 4565845.vip 3345845.vip 7245845.vip 1035845.vip www.1565845.vip www.1035845.vip www.9035845.vip 1925845.vip 1725845.vip www.1015845.vip www.1715845.vip 1565845.vip 1055845.vip www.1925845.vip 1785845.vip www.7245845.vip www.9725845.vip www.1725845.vip

Open Ports Detected

3306 80

Map

Whois Information

• inetnum: 103.144.242.0 - 103.144.243.255
• netname: CYIDC-HK
• descr: CHUANG YUN INTERNET CO,.LIMITED
• country: HK
• org: ORG-CYIC1-AP
• admin-c: CYIC1-AP
• tech-c: CYIC1-AP
• abuse-c: AC1643-AP
• status: ALLOCATED PORTABLE
• mnt-by: APNIC-HM
• mnt-lower: MAINT-CYIDC-HK
• mnt-routes: MAINT-CYIDC-HK
• mnt-irt: IRT-CYIDC-HK
• last-modified: 2020-05-20T13:03:52Z
• irt: IRT-CYIDC-HK
• address: KWAI SHING IND BUILDING TAI LIN PAI RD KWAI CHUNG, hongkong hongkong
• e-mail: zcfivy@qq.com
• abuse-mailbox: zcfivy@qq.com
• admin-c: CYIC1-AP
• tech-c: CYIC1-AP
• mnt-by: MAINT-CYIDC-HK
• last-modified: 2023-07-30T03:17:59Z
• organisation: ORG-CYIC1-AP
• org-name: CHUANG YUN INTERNET CO,.LIMITED
• org-type: LIR
• country: HK
• address: RM 023 9/F KWAI SHING IND BUILDING
• address: TAI LIN PAI RD KWAI CHUNG
• phone: +85253075685
• e-mail: kitty.hong@foxmail.com
• mnt-ref: APNIC-HM
• mnt-by: APNIC-HM
• last-modified: 2023-09-05T02:17:57Z
• role: ABUSE CYIDCHK
• address: KWAI SHING IND BUILDING TAI LIN PAI RD KWAI CHUNG, hongkong hongkong
• country: ZZ
• phone: +000000000
• e-mail: zcfivy@qq.com
• admin-c: CYIC1-AP
• tech-c: CYIC1-AP
• nic-hdl: AC1643-AP
• abuse-mailbox: zcfivy@qq.com
• mnt-by: APNIC-ABUSE
• last-modified: 2023-07-30T03:18:15Z
• role: CHUANG YUN INTERNET COLIMITED administrator
• address: KWAI SHING IND BUILDING TAI LIN PAI RD KWAI CHUNG, hongkong hongkong
• country: HK
• phone: +85253075685
• e-mail: service@wwdcoin.net
• admin-c: CYIC1-AP
• tech-c: CYIC1-AP
• nic-hdl: CYIC1-AP
• mnt-by: MAINT-CYIDC-HK
• last-modified: 2019-11-05T05:41:39Z
• route: 103.144.242.0/24
• origin: AS136970
• descr: CHUANG YUN INTERNET CO,.LIMITED
• mnt-by: MAINT-CYIDC-HK
• last-modified: 2022-04-08T09:39:48Z

Links to attack logs

dotoronto-ssh-bruteforce-ip-list-2023-02-11