103.57.222.159 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 103.57.222.159 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 36/100

Host and Network Information

• Mitre ATT&CK IDs: T1110 - Brute Force

• Tags: brute force, cowrie, heralding, honeytrap, LAMP, malicious, sftp, ssh

• View other sources: Spamhaus VirusTotal

• Country: Vietnam
• Network:
• Noticed: 3 times
• Protocols Attacked: SSH
• Countries Attacked: Australia
• Passive DNS Results: www.xethuduc.com xethuduc.com xeanphutravel.com xehoangkhai.com xevietthang.com xevannam.com xethuany.com xedinhnhan.com xethanhtrung.com xethuky.com xehamy.com xetuphau.com xephuongsa.com xephuocthanh.com xethientrung.com xevuhuong.com xetaynguyen.com www.quanghong.vn quanghong.vn drug.lovemama.vn www.drug.lovemama.vn www.test.bongchuachay.net test.bongchuachay.net www.tkmproduction.com tkmproduction.com www.bongchuachay.net bongchuachay.net www.shopee.lovemama.vn shopee.lovemama.vn www.hoyahc.vn hoyahc.vn www.chongthamga.com m.chongthamga.com www.m.chongthamga.com www.chongthamga.xyz salegiatot.com www.salegiatot.com www.lich.itseovn.com www.rachongtham.com chongthamga.com rachongtham.com test.gachongtham.net www.test.gachongtham.net chongthamga.xyz www.itseovn.com www.milistore.net www.news.gachongtham.net news.gachongtham.net store.gachongtham.net www.store.gachongtham.net gachongtham.net www.gachongtham.net gachongthamcotton.net www.gachongthamcotton.net ruthamcautphcm.info milistore.net itseovn.com lich.itseovn.com www.vieaurora.com.vn vieaurora.com.vn nguyendecor.com www.nguyendecor.com

Open Ports Detected

111 20000 27017 61616 80

CVEs Detected

CVE-2014-8180 CVE-2018-20804 CVE-2019-20923 CVE-2019-20925 CVE-2019-2386 CVE-2019-2389 CVE-2019-2390 CVE-2019-2392 CVE-2019-2393 CVE-2020-7921 CVE-2020-7923 CVE-2020-7928 CVE-2020-7929 CVE-2021-20330 CVE-2021-20333 CVE-2021-32036

Map

Whois Information

• inetnum: 103.57.220.0 - 103.57.223.255
• netname: INET-VN
• descr: iNET Media Company Limited
• descr: 247 Cau Giay Str, Cau Giay Dist, Ha Noi
• admin-c: TK664-AP
• tech-c: NMH38-AP
• country: VN
• mnt-by: MAINT-VN-VNNIC
• mnt-lower: MAINT-VN-VNNIC
• mnt-irt: IRT-VNNIC-AP
• status: ALLOCATED PORTABLE
• last-modified: 2024-05-08T14:55:11Z
• irt: IRT-VNNIC-AP
• address: Ha Noi, VietNam
• phone: +84-24-35564944
• fax-no: +84-24-37821462
• e-mail: hm-changed@vnnic.vn
• abuse-mailbox: hm-changed@vnnic.vn
• admin-c: NTTT1-AP
• tech-c: NTTT1-AP
• mnt-by: MAINT-VN-VNNIC
• last-modified: 2017-11-08T09:40:06Z
• person: Nguyen Minh Hai
• address: INET-VN
• country: VN
• phone: +84-24-38385588
• e-mail: support@inet.vn
• nic-hdl: NMH38-AP
• mnt-by: MAINT-VN-VNNIC
• last-modified: 2024-05-08T14:51:00Z
• person: Tran Kien
• address: iNET Corporation Company
• address: No 247 Cau Giay, Dich Vong ward, Cau Giay district, Ha Noi City
• country: VN
• phone: +84-24-38385588
• e-mail: domain@inet.vn
• nic-hdl: TK664-AP
• mnt-by: MAINT-VN-VNNIC
• last-modified: 2021-10-05T08:09:32Z
• route: 103.57.220.0/22
• descr: INET-VN
• origin: AS7643
• mnt-by: MAINT-VN-VNNIC
• last-modified: 2015-11-30T04:00:43Z

Links to attack logs

bruteforce-ip-list-2025-06-15