103.221.221.247 Threat Intelligence and Host Information

May 04, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 103.221.221.247 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 65/100

Host and Network Information

Mitre ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force
Tags: attack, Bruteforce, Brute-Force, cowrie, cyber security, ioc, login, malicious, Nextray, phishing, scanner, ssh, SSH, Telnet
JARM: 27d27d27d00027d00042d42d0000007d20e9b9a3e87aa1ec17cb4d646ce9a5
View other sources: Spamhaus VirusTotal
Contained within other IP sets: blocklist_net_ua, haley_ssh

Country: Vietnam
Network:
Noticed: 50 times
Protocols Attacked: ssh
Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
Passive DNS Results: skypress.online www.logspath.com logspath.com sebufa.com www.sebufa.com cv.maixuanviet.com game.maixuanviet.com luyenthithukhoa.vn www.luyenthithukhoa.vn static.luyenthithukhoa.vn maixuanviet.com www.maixuanviet.com web.maixuanviet.com kanuhong.com khanhlinhphoto.com

Malware Detected on Host

Count: 418 69ff7c72c13559cbea3ede5ccd5ed55f8248eb4a4b5da1c9b61e679692292129 e73d0dd172bb3a1220a12d00def5787ca9c24755b0597e6282283dcdab8535f0 0186b63ac8a5c280a6f6b1b1871a26177ff6668ff35adfe0ba73d36679bd21a6 071a7016fc0dfbc43942b9b9b056839c23937b38f3a4d3fde693f7ae49577b7e 031223af843139179451c019081ec440dba5757cee82a65076cbd17292f06ef8 50351e6d541f57fccb0261514acb43cb905e4f6dde7e8716ce1b82df7d3c4867 6fa0c6858688e1c0cbc9072c9d371f2183e0bf0c30a1187453cbbe080e0167ca 8ac29489154a4c39e74070063ce71bfada00cd9883466c1e28cd1e66cab1b56c feec12c64c8bf47ae20dc197ac1c5f0c087c89e9a72a054ba82a20bf6266b447 64d3d585c41577b0cfa2f9c63035a95ac785f9b5aeefeaba2490110c84aa7d00

Map

Whois Information

inetnum: 103.221.220.0 - 103.221.223.255
netname: AZDIGI-VN
descr: AZDIGI Corporation
descr: 768 Nguyen Thi Dinh Str, Thach My Loi, quan 2, TP HCM
admin-c: HL3382-AP
tech-c: PNT3-AP
country: VN
mnt-by: MAINT-VN-VNNIC
mnt-lower: MAINT-VN-VNNIC
mnt-irt: IRT-VNNIC-AP
status: ALLOCATED PORTABLE
last-modified: 2017-06-14T10:50:35Z
irt: IRT-VNNIC-AP
address: Ha Noi, VietNam
phone: +84-24-35564944
fax-no: +84-24-37821462
e-mail: hm-changed@vnnic.vn
abuse-mailbox: hm-changed@vnnic.vn
admin-c: NTTT1-AP
tech-c: NTTT1-AP
mnt-by: MAINT-VN-VNNIC
last-modified: 2017-11-08T09:40:06Z
person: Hoang Long
address: AZDIGI Corporation
country: VN
phone: +84-4976908908
e-mail: hoanglong@azdigi.com
nic-hdl: HL3382-AP
mnt-by: MAINT-VN-VNNIC
last-modified: 2017-06-14T10:51:20Z
person: Pham Ngoc Thach
address: AZDIGI-VN
country: VN
phone: +84-933840265
e-mail: thachpham@azdigi.com
nic-hdl: PNT3-AP
mnt-by: MAINT-VN-VNNIC
last-modified: 2017-06-14T10:47:07Z
route: 103.221.220.0/22
descr: AZDIGI-VN
origin: AS63760
mnt-by: MAINT-VN-VNNIC
last-modified: 2022-09-12T08:46:43Z

Links to attack logs

Share on: