103.229.124.54 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Host and Network Information

  • Mitre ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110 - Brute Force, T1110.004 - Credential Stuffing
  • Tags: Brute-Force, Bruteforce, Nextray, SSH, Telnet, attack, cowrie, cyber security, fail2ban, ioc, la, lafusioncenter, login, louisiana, malicious, phishing, scanner, ssh, tsec
  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: haley_ssh

  • Country: Taiwan
  • Network: AS55933 cloudie limited
  • Noticed: 50 times
  • Protocols Attacked: SSH
  • Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

135 445 80

CVEs Detected

CVE-2010-1899 CVE-2010-2730 CVE-2010-3972

Whois Information

  • inetnum: 103.229.124.0 - 103.229.124.255
  • netname: MAINT-DHRC-TW
  • descr: Hosted in Cloudie Network in Hong Kong
  • country: HK
  • geoloc: 22.335066 114.19588
  • admin-c: DHRC1-AP
  • tech-c: DHRC1-AP
  • abuse-c: AD986-AP
  • status: ASSIGNED NON-PORTABLE
  • mnt-by: MAINT-DHRC-TW
  • mnt-irt: IRT-DHRC-TW
  • last-modified: 2021-04-27T17:02:01Z
  • irt: IRT-DHRC-TW
  • address: No.2 WenChang street PingDeLi BeiTun distance TaiZhong city, TaiZhong TaiZhong
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: DHRC1-AP
  • tech-c: DHRC1-AP
  • mnt-by: MAINT-DHRC-TW
  • last-modified: 2023-02-07T11:22:51Z
  • role: ABUSE DHRCTW
  • address: No.2 WenChang street PingDeLi BeiTun distance TaiZhong city, TaiZhong TaiZhong
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: DHRC1-AP
  • tech-c: DHRC1-AP
  • nic-hdl: AD986-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2023-02-07T11:23:22Z
  • address: No.2 WenChang street PingDeLi BeiTun distance TaiZhong city, TaiZhong TaiZhong
  • country: TW
  • phone: +886-0933643674
  • fax-no: +886-0933643674
  • e-mail: [email protected]
  • admin-c: DHRC1-AP
  • tech-c: DHRC1-AP
  • nic-hdl: DHRC1-AP
  • mnt-by: MAINT-DHRC-TW
  • last-modified: 2014-04-11T02:04:32Z
  • route: 103.229.124.0/23
  • origin: AS55933
  • mnt-by: MAINT-HVISCL-HK
  • last-modified: 2020-01-24T10:56:14Z

Links to attack logs

bruteforce-ip-list-2021-08-24 bruteforce-ip-list-2021-08-28 bruteforce-ip-list-2021-08-25 bruteforce-ip-list-2021-08-02
