103.152.242.19 Threat Intelligence and Host Information

Share on:

Mar 12, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Host and Network Information

Mitre ATT&CK IDs: T1110 - Brute Force
Tags: 0xBFKX, Bruteforce, Nextray, SSH, Telnet, attack, bruteforce, cowrie, cyber security, fail2ban, ioc, la, lafusioncenter, login, louisiana, malicious, phishing, scanner, ssh, tsec
View other sources: Spamhaus VirusTotal
Contained within other IP sets: haley_ssh
Country: Indonesia
Network: AS139456 pt dewaweb
Noticed: 50 times
Protcols Attacked: SSH
Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
Passive DNS Results: mv.wmshil.com www.mv.wmshil.com www.harrasima-staging.wmslogs.com harrasima-staging.wmslogs.com www.wmslogs.com www.newweb.harrasima.com newweb.harrasima.com harrasimacoid.simbbr.id www.harrasimacoid.simbbr.id harrasima.simbbr.id www.harrasima.simbbr.id www.harrasima.co.id harrasima.co.id gen.simbbr.id www.gen.simbbr.id www.xlms.wmshil.com xlms.wmshil.com www.gatewayx12-staging.wmslogs.com gatewayx12-staging.wmslogs.com www.extwelve.wmslogs.com extwelve.wmslogs.com www.harrasima.wmslogs.com harrasima.wmslogs.com www.wmshil.com wmshil.com csswmslog.harrasima.com www.csswmslog.harrasima.com www.simbbr.id simbbr.id wmslog.harrasima.com www.wmslog.harrasima.com test.harrasima.com www.test.harrasima.com www.harrasima.com harrasima.com laravel.wmshil.com www.laravel.wmshil.com demo.wmshil.com www.demo.wmshil.com test.wmshil.com www.test.wmshil.com app.wmshil.com www.app.wmshil.com hse.wmshil.com www.hse.wmshil.com wmslogs.com harrasima.dewaweb.cloud www.status.easycloud.co.id status.easycloud.co.id www.private.easycloud.co.id private.easycloud.co.id www.devserver.easycloud.co.id devserver.easycloud.co.id www.server.easycloud.co.id server.easycloud.co.id

Open Ports Detected

2077 2082 2087 2095 2096 443 7080 80 995

Map

Whois Information

inetnum: 103.152.242.0 - 103.152.243.255
netname: IDNIC-ALAMJAYA-ID
descr: Yayasan Alam Jaya Sakti
descr: Corporate / Direct Member IDNIC
descr: DEWAWEB
descr: AKR Tower - 16th Floor
descr: Jl. Panjang no. 5, Kebon Jeruk
descr: Jakarta Barat 11530
descr: Jakarta 12870
country: ID
admin-c: EB151-AP
tech-c: EB151-AP
abuse-c: AA1727-AP
status: ASSIGNED PORTABLE
mnt-by: MNT-APJII-ID
mnt-routes: MAINT-ID-PTAMI
mnt-irt: IRT-ALAM-JAYA-ID
last-modified: 2020-07-17T12:55:16Z
irt: IRT-ALAM-JAYA-ID
address: YAYASAN ALAM JAYA SAKTI
address: DEWAWEB
address: AKR Tower - 16th Floor
address: Jl. Panjang no. 5, Kebon Jeruk
address: Jakarta Barat 11530
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: EB151-AP
tech-c: EB151-AP
mnt-by: MAINT-ID-PTAMI
last-modified: 2023-02-24T04:30:35Z
role: ABUSE ALAMJAYAID
address: YAYASAN ALAM JAYA SAKTI
address: DEWAWEB
address: AKR Tower - 16th Floor
address: Jl. Panjang no. 5, Kebon Jeruk
address: Jakarta Barat 11530
country: ZZ
phone: +000000000
e-mail: [email protected]
admin-c: EB151-AP
tech-c: EB151-AP
nic-hdl: AA1727-AP
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2020-07-22T04:39:12Z
person: Edy Budiman
address: AKR Tower - 16th Floor
address: Jl Panjang No 5 Kebon Jeruk
address: Jakarta Barat 11530
country: ID
phone: +62-21-22124702
e-mail: [email protected]
nic-hdl: EB151-AP
mnt-by: MNT-APJII-ID
last-modified: 2019-11-26T12:50:26Z

Links to attack logs

bruteforce-ip-list-2021-08-05 bruteforce-ip-list-2021-10-02 bruteforce-ip-list-2021-03-22 bruteforce-ip-list-2021-02-05 bruteforce-ip-list-2020-10-01 bruteforce-ip-list-2021-03-10 bruteforce-ip-list-2021-08-11 bruteforce-ip-list-2020-09-27 bruteforce-ip-list-2021-01-06