103.162.30.118 Threat Intelligence and Host Information

Sep 23, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 103.162.30.118 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • Tags: Nextray, SSH, cyber security, ioc, malicious, phishing

  • View other sources: Spamhaus VirusTotal

  • Country: Vietnam
  • Network: AS135967 bach kim network solutions join stock company
  • Noticed: 1 times
  • Protcols Attacked: Anonymous Proxy
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 7 c32a15c7953b08b8d35d7f227c9de3f3a9bfe910bebfb53a9bd3e442147dd12f 09cdb875e27e2a4f45ae7737fd7e89f8667ab8c46cada4f39c404cd4b6ecfc31 d13f8b7e629b5b81b74e46299918091e8df567f98ddc17612c8c3355d777f31a e31ceb0241648a697082148dc53a829d57afefbb292b0a354d7c82c0830a9c90 93b8719b737859fdee0402a9daf5e251d0026f217d725881bf276ab56fc87636 a2cc1bf8651cac60a3b81a0df5f9884281a1fd398a3233f72189033f9f57b5e4 a14e3d200f836a9d098f6570b0f995ec6a1dc9849f21f4c6cbfaa32f62b07284

Open Ports Detected

10000 111 22 8888

CVEs Detected

CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408

Map

Whois Information

  • inetnum: 103.162.30.0 - 103.162.31.255
  • netname: O2TECH-VN
  • descr: O2 VIETNAM TECHNOLOGY JOINT STOCK COMPANY
  • descr: 3 Floor, CT2, Le Van Luong, Nhan Chinh Ward, Thanh Xuan District, Ha Noi
  • admin-c: PDT13-AP
  • tech-c: PDT13-AP
  • country: VN
  • mnt-by: MAINT-VN-VNNIC
  • mnt-lower: MAINT-VN-VNNIC
  • mnt-irt: IRT-VNNIC-AP
  • status: ALLOCATED PORTABLE
  • last-modified: 2021-01-26T02:07:21Z
  • irt: IRT-VNNIC-AP
  • address: Ha Noi, VietNam
  • phone: +84-24-35564944
  • fax-no: +84-24-37821462
  • e-mail: hm-changed@vnnic.vn
  • abuse-mailbox: hm-changed@vnnic.vn
  • admin-c: NTTT1-AP
  • tech-c: NTTT1-AP
  • mnt-by: MAINT-VN-VNNIC
  • last-modified: 2017-11-08T09:40:06Z
  • person: Pham Duy Tam
  • address: 6 Floor, 169 Nguyen Ngoc Vu, Trung Hoa Ward, Cau Giay District, Ha Noi city
  • country: VN
  • phone: +84-2473028118
  • e-mail: tampd@bkns.vn
  • nic-hdl: PDT13-AP
  • mnt-by: MAINT-VN-VNNIC
  • last-modified: 2021-01-26T01:57:36Z

Links to attack logs

dosing-telnet-bruteforce-ip-list-2021-08-25

Share on: