103.146.100.40 Threat Intelligence and Host Information

Share on:
Mar 12, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Host and Network Information

  • Mitre ATT&CK IDs: T1110 - Brute Force
  • Tags: Nextray, Scanner, Webattack, brute-force, bruteforce, cyber security, ioc, malicious, phishing, scanning, smtp, ssh, tcp, tsec
  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: blocklist_de, blocklist_de_ssh

  • Country: Hong Kong
  • Network: AS63889 cloud iv limited
  • Noticed: 21 times
  • Protcols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: www.100dama.com hui.dfzj89.xyz xinyuejr58.xyz www.longdaoguoji.cn htzj.yoogy.cn htzj.sh-tuolan.cn www.youbaor.cn www.gxzj.buzz www.gxzj.xyz 8.gxzj.xyz www.gxzj.in yigou.xzj58.com www.htzj.buzz g.xzj58.com guox.hy1205.xyz gx.hy1205.xyz gx.zx68.pw guo.xiny31.com gx03.dxo13x9.cn gx01.dxo13x9.cn gx88.dxo13x9.cn gx.dzf1z0.cn www.dzf1z0.cn guox.dzf1z0.cn

Open Ports Detected

3389 443 80 8888

CVEs Detected

CVE-2006-20001 CVE-2015-9253 CVE-2017-7272 CVE-2017-7963 CVE-2018-19395 CVE-2018-19396 CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9641 CVE-2022-2097 CVE-2022-31628 CVE-2022-31629 CVE-2022-36760 CVE-2022-37436 CVE-2022-4304 CVE-2022-4450 CVE-2023-0215 CVE-2023-0286

Map

Whois Information

  • inetnum: 103.146.100.0 - 103.146.100.255
  • netname: zun
  • descr: zun
  • country: HK
  • admin-c: RILA4-AP
  • tech-c: RILA4-AP
  • abuse-c: AM2649-AP
  • status: ALLOCATED NON-PORTABLE
  • mnt-by: MAINT-M369INTONETLIMITED-HK
  • mnt-irt: IRT-M369INTONETLIMITED-HK
  • last-modified: 2021-10-05T04:10:59Z
  • irt: IRT-M369INTONETLIMITED-HK
  • address: NA
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: RILA4-AP
  • tech-c: RILA4-AP
  • mnt-by: MAINT-M369INTONETLIMITED-HK
  • last-modified: 2022-10-27T08:27:02Z
  • role: ABUSE M369INTONETLIMITEDHK
  • address: NA
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: RILA4-AP
  • tech-c: RILA4-AP
  • nic-hdl: AM2649-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2022-10-27T08:27:34Z
  • role: R369 IntoNet Limited administrator
  • address: ABC
  • country: HK
  • phone: +852-6793094
  • e-mail: [email protected]
  • admin-c: RILA4-AP
  • tech-c: RILA4-AP
  • nic-hdl: RILA4-AP
  • mnt-by: MAINT-M369INTONETLIMITED-HK
  • last-modified: 2020-02-22T10:35:24Z
  • route: 103.146.100.0/24
  • origin: AS140212
  • descr: 369 IntoNet Limited
  • mnt-by: MAINT-M369INTONETLIMITED-HK
  • last-modified: 2021-10-20T01:39:47Z
  • route: 103.146.100.0/24
  • notify: [email protected]
  • origin: AS63889
  • descr: 369 IntoNet Limited
  • mnt-by: MAINT-M369INTONETLIMITED-HK
  • last-modified: 2020-11-25T05:24:24Z

Links to attack logs

bruteforce-ip-list-2022-03-16 bruteforce-ip-list-2022-03-10