103.214.79.14 Threat Intelligence and Host Information

May 04, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 103.214.79.14 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 55/100

Host and Network Information

Mitre ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force
Tags: bruteforce, cowrie, cyber security, ioc, malicious, Nextray, phishing, ssh, SSH, tsec
View other sources: Spamhaus VirusTotal

Country: Nepal
Network:
Noticed: 38 times
Protocols Attacked: ssh
Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
Passive DNS Results: portal.cwc.com.np support.cwc.com.np hms.cwc.com.np

Malware Detected on Host

Count: 1 69618b30ef0211b70b1165d75765f2ba905194131641825b6ccf5d95b80b4988

Map

Whois Information

inetnum: 103.214.76.0 - 103.214.79.255
netname: SCIG-HK
descr: Digital Policy Office
country: HK
geoloc: 22.27602 114.17515
org: ORG-OOTG1-AP
admin-c: IA545-AP
tech-c: TC153-AP
status: ALLOCATED PORTABLE
abuse-c: AS2440-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-HK-SCIG
mnt-routes: MAINT-HK-SCIG
mnt-irt: IRT-SCIG-HK
last-modified: 2024-07-30T23:40:13Z
irt: IRT-SCIG-HK
address: Cheung Sha Wan
address: Hong Kong
e-mail: opa3cis@scig.gov.hk
abuse-mailbox: opa3cis@scig.gov.hk
admin-c: AC259-AP
tech-c: TC153-AP
mnt-by: MAINT-HK-SCIG
last-modified: 2025-02-05T01:28:34Z
organisation: ORG-OOTG1-AP
org-name: Digital Policy Office
org-type: LIR
country: HK
address: HKSAR Government - (DAP)233
address: 2003A, 20/F, Tsuen Wan Government Offices,
address: 38 Sai Lau Kok Road, Tsuen Wan N.T.
phone: +852-2417-6176
fax-no: +852-3741-2127
e-mail: ibs.admin@scig.gov.hk
mnt-ref: APNIC-HM
mnt-by: APNIC-HM
last-modified: 2024-07-31T12:55:15Z
role: ABUSE SCIGHK
country: ZZ
address: Cheung Sha Wan
address: Hong Kong
phone: +000000000
e-mail: opa3cis@scig.gov.hk
admin-c: AC259-AP
tech-c: TC153-AP
nic-hdl: AS2440-AP
abuse-mailbox: opa3cis@scig.gov.hk
mnt-by: APNIC-ABUSE
last-modified: 2025-02-05T01:29:14Z
person: IBS ADMIN
address: Tsuen Wan Government Offices
address: 38 Sai Lau Kok Road, Tsuen Wan
country: HK
phone: +852-2417-6384
e-mail: ibs.admin@scig.gov.hk
nic-hdl: IA545-AP
mnt-by: MAINT-HK-SCIG
last-modified: 2024-02-01T02:16:21Z
person: Technical Contact CIS
nic-hdl: TC153-AP
e-mail: tech-c@scig.gov.hk
address: Cheung Sha Wan
address: Kowloon
address: Hong Kong
phone: +852-8104-0032
fax-no: +852-2574-3799
country: HK
mnt-by: MAINT-HK-SCIG
last-modified: 2024-02-01T02:09:25Z
route: 103.214.79.0/24
descr: Digital Policy Office, HKSARG
origin: AS198949
mnt-by: MAINT-HK-SCIG
last-modified: 2024-08-02T02:55:55Z
route: 103.214.79.0/24
origin: AS9732
descr: Digital Policy Office, HKSARG
mnt-by: MAINT-HK-SCIG
last-modified: 2024-08-02T02:51:19Z

Links to attack logs

****** vultrmadrid-ssh-bruteforce-ip-list-2022-11-30 ****** ******

Share on: