103.157.81.202 Threat Intelligence and Host Information

Share on:

Mar 12, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Host and Network Information

Mitre ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110 - Brute Force, T1110.004 - Credential Stuffing
Tags: Brute-Force, Bruteforce, Nextray, SSH, Scanner, Webattack, brute-force, bruteforce, cowrie, cyber security, ioc, malicious, phishing, scanning, smtp, ssh, tcp, tsec
View other sources: Spamhaus VirusTotal
Contained within other IP sets: blocklist_de, blocklist_de_ssh, blocklist_net_ua
Country: Indonesia
Network: AS58369 fiber networks indonesia
Noticed: 50 times
Protcols Attacked: SSH
Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

10000 10443 1234 13579 1701 1723 19000 1925 1935 2000 20000 2002 2008 2021 2048 2049 2062 2064 2067 2082 2086 2087 2150 2181 2201 2222 22222 2259 2320 2332 2379 2382 2404 2455 2480 25 2548 2556 2558 2563 2570 26 2628 27015 2762 2985 3052 3074 3094 3098 3099 3333 35000 389 443 444 4443 4500 465 5001 5002 5005 5006 5010 515 5222 5400 5432 554 5801 587 5900 6036 636 6443 7001 777 7979 80 8000 8006 8081 8083 8084 8086 8090 8099 8111 82 8443 8500 8554 8880 8888 90 9000 9001 9010 9088 91 9191 9500 990 993

CVEs Detected

CVE-2006-20001 CVE-2017-15710 CVE-2017-15715 CVE-2018-11763 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 CVE-2018-1333 CVE-2018-17189 CVE-2018-17199 CVE-2019-0196 CVE-2019-0211 CVE-2019-0217 CVE-2019-0220 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10098 CVE-2019-17567 CVE-2019-9517 CVE-2020-11993 CVE-2020-13938 CVE-2020-1927 CVE-2020-1934 CVE-2020-35452 CVE-2020-9490 CVE-2021-26690 CVE-2021-26691 CVE-2021-33193 CVE-2021-34798 CVE-2021-39275 CVE-2021-40438 CVE-2021-44224 CVE-2021-44790 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943 CVE-2022-26377 CVE-2022-28330 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30556 CVE-2022-31813 CVE-2022-36760 CVE-2022-37436

Map

Whois Information

inetnum: 103.157.80.0 - 103.157.81.255
netname: IDNIC-KOMISIYUDISIAL-ID
descr: Komisi Yudisial RI
descr: Government / Direct member IDNIC
descr: Jl. Kramat Raya No.57
descr: Senen, Kramat
descr: Jakarta Pusat 10450
admin-c: HSP12-AP
tech-c: HSP12-AP
country: ID
mnt-by: MNT-APJII-ID
mnt-irt: IRT-KOMISIYUDISIAL-ID
mnt-routes: MAINT-ID-KOMISIYUDISIAL
status: ASSIGNED PORTABLE
last-modified: 2020-10-15T02:44:17Z
irt: IRT-KOMISIYUDISIAL-ID
address: Komisi Yudisial RI
address: Jl. Kramat Raya No.57
address: Senen, Kramat
address: Jakarta Pusat 10450
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: HSP12-AP
tech-c: HSP12-AP
mnt-by: MAINT-ID-KOMISIYUDISIAL
last-modified: 2020-10-15T01:32:38Z
person: Heri Sanjaya Putra
address: Komisi Yudisial RI
address: Jl. Kramat Raya No.57
address: Senen, Kramat
address: Jakarta Pusat 10450
country: ID
phone: +62-21-3905876
e-mail: [email protected]
nic-hdl: HSP12-AP
mnt-by: MNT-APJII-ID
fax-no: +62-21-3906215
last-modified: 2020-10-15T01:03:07Z
route: 103.157.80.0/23
descr: Route object of Komisi Yudisial RI
origin: AS141113
mnt-by: MAINT-ID-KOMISIYUDISIAL
country: ID
last-modified: 2020-10-16T01:55:14Z
route: 103.157.80.0/23
descr: Route object for 103.157.80.0/23
country: ID
origin: AS58369
mnt-by: MAINT-FIBERNET-ID
last-modified: 2023-03-06T03:18:12Z

Links to attack logs

bruteforce-ip-list-2022-10-19 bruteforce-ip-list-2021-12-01 bruteforce-ip-list-2021-12-30

Links to attack logs

bruteforce-ip-list-2022-10-19 bruteforce-ip-list-2021-12-01 bruteforce-ip-list-2021-12-30