103.30.117.202 Threat Intelligence and Host Information
Jan 11, 2024
ipinfopage
General
IP Address
103.30.117.202
Location
🇮🇳 India
Network
AS24186
Threat Score
65/100
Attack Intelligence
MITRE ATT&CK Techniques
T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force
Open Ports Detected
21
Geographic Location
Country
India
City
Unknown
Region
Unknown
Coordinates
21.9974, 79.0011
Network Information
ASN
AS24186
Organization
RailTel Corporation of India Ltd
Network
AS24186 RailTel Corporation of India Ltd
WHOIS Information
inetnum
103.30.116.0 - 103.30.119.255
netname
RAILTEL-IN
descr
Railtel
country
IN
admin-c
NA1011-AP
tech-c
NA1011-AP
abuse-c
NA1011-AP
status
ALLOCATED PORTABLE
mnt-by
MAINT-IN-RAILTEL
mnt-lower
MAINT-IN-RAILTEL
mnt-routes
MAINT-IN-RAILTEL
mnt-irt
IRT-RAILTEL-IN
last-modified
2021-01-14T08:45:18Z
irt
IRT-RAILTEL-IN
address
East Kidwai Nagar, New Delhi-110023
e-mail
ipadmin@railtel.in
abuse-mailbox
abuse@railtelindia.com
person
Network Administrator
phone
+91 11 22900600
nic-hdl
NA1011-AP
fax-no
+91 11 22900699
route
103.30.117.0/24
origin
AS24186
Attack Logs
| Date | Target Location | Protocol | Link |
|---|---|---|---|
| 2024-01-10 | Singapore | SSH | View Log |
- Country: India
- Network: AS24186 railtel corporation of india ltd
- Noticed: 5 times
- Protcols Attacked: ssh
- Countries Attacked: Australia
Malware Detected on Host
Count: 1 8dbee4363c67670923bfdfcd7c424298bf6d4020beaaa4a03b609b5635033806
CVEs Detected
CVE-2006-20001 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943 CVE-2022-26377 CVE-2022-28330 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30556 CVE-2022-31813 CVE-2022-36760 CVE-2022-37436 CVE-2023-27522
Disclaimer
This page contains threat intelligence information for the IPv4 address 103.30.117.202 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.