103.157.81.203 Threat Intelligence and Host Information

Share on:
Mar 12, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Host and Network Information

  • Mitre ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110 - Brute Force, T1110.004 - Credential Stuffing
  • Tags: Brute-Force, Bruteforce, Nextray, SSH, Scanner, Telnet, Webattack, attack, brute-force, bruteforce, cowrie, cyber security, digital ocean, ioc, login, malicious, phishing, scanner, scanners, scanning, smtp, ssh, tcp, vultr

  • View other sources: Spamhaus VirusTotal

  • Country: Indonesia
  • Network: AS58369 fiber networks indonesia
  • Noticed: 50 times
  • Protcols Attacked: ssh
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Spain, Turkey, Ukraine, United Kingdom, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: agis.link

Open Ports Detected

100 10001 110 1111 1234 1250 143 1701 1723 19000 1925 1935 20 2000 20000 2001 2002 2008 2010 2012 2048 2049 2052 2053 2054 2058 2059 2060 2061 2064 2066 2068 2070 2077 2079 2080 2081 2082 2083 2086 2087 21 2100 2126 2181 2202 2222 22222 2223 2233 2259 2266 2320 2323 2332 2345 2352 2375 2376 2379 2404 2455 25 2506 2525 2551 2561 2562 2563 2568 2572 2598 2650 27015 27017 2761 2762 2806 2985 3074 3092 3099 3479 35000 443 444 4443 450 465 5001 5005 5006 5007 5009 5010 51 515 5222 5432 554 5672 5801 587 5900 5938 6005 6036 636 7010 7071 7979 80 8000 8006 8069 8081 8082 8083 8084 8090 8099 8111 8181 82 8443 8500 8554 8728 8787 8801 8810 8878 888 8880 8887 8989 9000 9001 9010 9045 9082 9084 91 9500 990 993 995 999 9992

Map

Whois Information

  • inetnum: 103.157.80.0 - 103.157.81.255
  • netname: IDNIC-KOMISIYUDISIAL-ID
  • descr: Komisi Yudisial RI
  • descr: Government / Direct member IDNIC
  • descr: Jl. Kramat Raya No.57
  • descr: Senen, Kramat
  • descr: Jakarta Pusat 10450
  • admin-c: HSP12-AP
  • tech-c: HSP12-AP
  • country: ID
  • mnt-by: MNT-APJII-ID
  • mnt-irt: IRT-KOMISIYUDISIAL-ID
  • mnt-routes: MAINT-ID-KOMISIYUDISIAL
  • status: ASSIGNED PORTABLE
  • last-modified: 2020-10-15T02:44:17Z
  • irt: IRT-KOMISIYUDISIAL-ID
  • address: Komisi Yudisial RI
  • address: Jl. Kramat Raya No.57
  • address: Senen, Kramat
  • address: Jakarta Pusat 10450
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: HSP12-AP
  • tech-c: HSP12-AP
  • mnt-by: MAINT-ID-KOMISIYUDISIAL
  • last-modified: 2020-10-15T01:32:38Z
  • person: Heri Sanjaya Putra
  • address: Komisi Yudisial RI
  • address: Jl. Kramat Raya No.57
  • address: Senen, Kramat
  • address: Jakarta Pusat 10450
  • country: ID
  • phone: +62-21-3905876
  • e-mail: [email protected]
  • nic-hdl: HSP12-AP
  • mnt-by: MNT-APJII-ID
  • fax-no: +62-21-3906215
  • last-modified: 2020-10-15T01:03:07Z
  • route: 103.157.80.0/23
  • descr: Route object of Komisi Yudisial RI
  • origin: AS141113
  • mnt-by: MAINT-ID-KOMISIYUDISIAL
  • country: ID
  • last-modified: 2020-10-16T01:55:14Z
  • route: 103.157.80.0/23
  • descr: Route object for 103.157.80.0/23
  • country: ID
  • origin: AS58369
  • mnt-by: MAINT-FIBERNET-ID
  • last-modified: 2023-03-06T03:18:12Z

Links to attack logs

dolondon-ssh-bruteforce-ip-list-2022-06-24 dosing-ssh-bruteforce-ip-list-2022-06-15 vultrparis-ssh-bruteforce-ip-list-2022-07-03 vultrmadrid-ssh-bruteforce-ip-list-2022-07-02 dotoronto-ssh-bruteforce-ip-list-2022-07-04