103.164.63.79 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 103.164.63.79 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 37/100

Host and Network Information

• Tags: 103.164.63.79, 32, 32-bit, 64-bit, 93.190.8.212, AgentTesla, arm, ascii, AsyncRAT, bashlite, bettershaders.com, Crunexy, CrunexyStealer, doc, dropped-by-PrivateLoader, elf, encrypted, exe, Formbook, gafgyt, GuLoader, hajime, LummaStealer, mips, mirai, Mozi, PowerShellDiscordStealer, rar, Shaderify, shaderify.com, shellscript, SocGholish, x86-64, zip

• View other sources: Spamhaus VirusTotal

• Country: Hong Kong
• Network: AS142032 high family technology co. limited
• Noticed: 1 times
• Protocols Attacked: SSH
• Passive DNS Results: www.amxnqus.com www.aqmsdke.com www.asnwmj.ink www.awxvrkmf.com www.aswdcve.com www.asmcnwd.com www.qxsbcmuf.com www.asdvejc.com www.kmdlvje.com www.asjcnfes.com www.adbfhum.com www.kjzm1ks1.com www.asdvger.com www.ktehd2.com www.pgfjrdv.com www.samqwnxw.com www.shuiwujumq.com www.plekemwq.com www.kjzm1ks11.com www.shuijtyb2.com www.kmdnjcd.com asjnwdq.com ajshqde.com aasdefj.com sjfdfa.com sbqhdq.com ndsjwwe.com xhrtjde2.com askqjq.com askdwm.com phfgysn2.com jhklask.com asmjwf.com baswjd.com ctrrtytj2.com busette2.com xfghrtys2.com phrnjtz2.com asmdk.com asmdwo.com asjwqo.com nkwqdq.com asbndw.com akfemw.com dtyupjsj2.com basjwe.com bcsnwd.com asuejd.com asmndc.com bshdk.com bdhwkq.com asoefme.com asmwr.com bshcw.com bshadw.com amsdwro.com tutybykiy2.com msnsdej.com mdwnsdw2dk.com psteyyu2.com ksnwsd2d.com asmdwef.com mdfjnef.com zhjetbei2.com whytfg.com asjdme.com asndbwj.com asfnwjw.com mkslwx.com qgrjed.com yhdfmwwd9.com euytdt.com ruidixs.com www.aokdemc.com asjwmslw.com lksmnqs.com www.btyrtr2.com wurtct2.com cyuitd2.com asjcnfes.com muycx2.com yufehy2.com kmdnjcd.com www.asjdwof.com moitrg2.com yohrth2.com bkoul2.com acdfkfm.com kmdlvje.com asjdwof.com tjhty2.com dhtrhu2.com zmak1ia.com ukjsdmfl.com kakzm1s.com www.asmdjwkc.com asmdjwkc.com www.plksdnh.com plksdnh.com asdas1a1.com kjzm1ks11.com kjzm1ks1.com asdvger.com adbfhum.com jouyrt2.com asdvejc.com dfdbfw.com chjtrx2.com asdmencw.com asmcnwd.com asdwmks.com asqzxvdw.com saznqsdq.com awxvrkmf.com amxnqus.com shuiwujumq.com qxsbcmuf.com berteu2.com ndfjwms.com aswdcve.com mpubr2.com pgfjrdv.com jksdmsnfsw.ink aqmsdke.com plekemwq.com guierti2.com dfjgasdg.com samqwnxw.com zgtrjy2.com yyyshuiyl.com ergtdfxgy.com asnwmj.ink aokdemc.com shuijtyb2.com btyrtr2.com dhdnwkql.com ktehd2.com kasjqsd.com www.kasjqsd.com mpaymo.shop

Open Ports Detected

21 22 443 80 888

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767

Map

Whois Information

• inetnum: 103.164.62.0 - 103.164.63.255
• netname: VAPELINE1-HK
• descr: VAPELINE TECHNOLOGY(HK).,LIMITED
• country: HK
• org: ORG-VA24-AP
• admin-c: VTA7-AP
• tech-c: VTA7-AP
• abuse-c: AV497-AP
• status: ALLOCATED PORTABLE
• mnt-by: APNIC-HM
• mnt-lower: MAINT-VAPELINE1-HK
• mnt-routes: MAINT-VAPELINE1-HK
• mnt-irt: IRT-VAPELINE1-HK
• last-modified: 2021-03-15T00:28:00Z
• irt: IRT-VAPELINE1-HK
• address: RM4 16/F HO KING COMM CTR 2-16 FAYUEN ST, MOMGKOK KLN HongKong 000000
• e-mail: abuse@255.hk
• abuse-mailbox: abuse@255.hk
• admin-c: VTA7-AP
• tech-c: VTA7-AP
• mnt-by: MAINT-VAPELINE1-HK
• last-modified: 2024-04-02T13:07:24Z
• organisation: ORG-VA24-AP
• org-name: VAPELINE TECHNOLOGY(HK).,LIMITED
• org-type: LIR
• country: HK
• address: RM4 16/F HO KING COMM CTR 2-16 FAYUEN ST
• phone: +852-5317-7085
• e-mail: data@vapeline-idc.com
• mnt-ref: APNIC-HM
• mnt-by: APNIC-HM
• last-modified: 2023-09-05T02:18:28Z
• role: ABUSE VAPELINE1HK
• address: RM4 16/F HO KING COMM CTR 2-16 FAYUEN ST, MOMGKOK KLN HongKong 000000
• country: ZZ
• phone: +000000000
• e-mail: abuse@255.hk
• admin-c: VTA7-AP
• tech-c: VTA7-AP
• nic-hdl: AV497-AP
• abuse-mailbox: abuse@255.hk
• mnt-by: APNIC-ABUSE
• last-modified: 2024-04-02T13:08:19Z
• role: VAPELINE TECHNOLOGYHKLIMITED administrator
• address: RM4 16/F HO KING COMM CTR 2-16 FAYUEN ST, MOMGKOK KLN HongKong 000000
• country: HK
• phone: +852-5317-7085
• e-mail: data@vapeline-idc.com
• admin-c: VTA7-AP
• tech-c: VTA7-AP
• nic-hdl: VTA7-AP
• mnt-by: MAINT-VAPELINE1-HK
• last-modified: 2021-03-14T16:30:33Z