103.159.132.70 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Host and Network Information

  • MITRE ATT&CK IDs: T1036 - Masquerading, T1055 - Process Injection, T1059 - Command and Scripting Interpreter, T1105 - Ingress Tool Transfer, T1140 - Deobfuscate/Decode Files or Information, T1547 - Boot or Logon Autostart Execution, T1566 - Phishing, T1574 - Hijack Execution Flow, TA0011 - Command and Control
  • Tags: Bronze President, Cobalt Strike, Malware, Mustang Panda, Nextray, RedDelta, asia, belarus, bruteforce, cisco secure, cobalt strike, cyber security, digital ocean, february, implant, ioc, iocs hashes, june, malicious, march, meterpreter, mssql, mustang panda, myanmar, panda, phishing, plugx, plugx implant, reddelta, russia, shellcode, ukraine, umbrella, urls
  • View other sources: Spamhaus, VirusTotal

  • Country: Malaysia
  • Network: AS55720 gigabit hosting sdn bhd
  • Noticed: 16 times
  • Protocols Attacked: mssql
  • Countries Attacked: Canada, China, Czechia, Denmark, Estonia, France, Germany, Hong Kong, Latvia, Lithuania, Mongolia, Myanmar, Norway, Poland, Romania, Russian Federation, Taiwan, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

80

Whois Information

  • inetnum: 103.159.132.0 - 103.159.133.255
  • netname: FBP-MY
  • descr: Furcop Blockchain PLT
  • country: MY
  • org: ORG-FBP1-AP
  • admin-c: FBPA1-AP
  • tech-c: FBPA1-AP
  • abuse-c: AF701-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: APNIC-HM
  • mnt-lower: MAINT-FBP-MY
  • mnt-routes: MAINT-FBP-MY
  • mnt-irt: IRT-FBP-MY
  • last-modified: 2021-06-16T13:03:51Z
  • irt: IRT-FBP-MY
  • address: 2nd Floor Lot 10524 Jalan Tun Jugah, Kuching Sarawak 93350
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: FBPA1-AP
  • tech-c: FBPA1-AP
  • mnt-by: MAINT-FBP-MY
  • last-modified: 2023-01-24T13:24:01Z
  • organisation: ORG-FBP1-AP
  • org-name: Furcop Blockchain PLT
  • country: MY
  • address: 2nd Floor Lot 10524 Jalan Tun Jugah
  • phone: +601131954547
  • fax-no: +601131954547
  • e-mail: [email protected]
  • mnt-ref: APNIC-HM
  • mnt-by: APNIC-HM
  • last-modified: 2020-11-16T12:59:19Z
  • role: ABUSE FBPMY
  • address: 2nd Floor Lot 10524 Jalan Tun Jugah, Kuching Sarawak 93350
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: FBPA1-AP
  • tech-c: FBPA1-AP
  • nic-hdl: AF701-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2023-01-24T13:24:47Z
  • role: Furcop Blockchain PLT administrator
  • address: 2nd Floor Lot 10524 Jalan Tun Jugah, Kuching Sarawak 93350
  • country: MY
  • phone: +082752749
  • fax-no: +082752749
  • e-mail: [email protected]
  • admin-c: FBPA1-AP
  • tech-c: FBPA1-AP
  • nic-hdl: FBPA1-AP
  • mnt-by: MAINT-FBP-MY
  • last-modified: 2020-11-30T06:30:19Z
  • route: 103.159.132.0/24
  • origin: AS55720
  • descr: Furcop Blockchain PLT
  • mnt-by: MAINT-FBP-MY
  • last-modified: 2021-06-11T13:12:46Z

Links to attack logs

dofrank-mssql-bruteforce-ip-list-2022-06-19