103.69.112.37 Threat Intelligence and Host Information

Nov 16, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 103.69.112.37 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 65/100

Host and Network Information

  • Mitre ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force

  • Tags: brute force, Bruteforce, Brute-Force, cowrie, ssh, SSH

  • View other sources: Spamhaus VirusTotal

  • Country: India
  • Network: AS132996 threesa infoway pvt.ltd.
  • Noticed: 6 times
  • Protcols Attacked: ssh
  • Countries Attacked: Australia

Open Ports Detected

100 1000 10134 102 1023 1024 10243 1025 10250 104 10443 10554 1063 1080 1099 11 110 11000 111 11112 11210 11211 113 11300 11371 1153 119 1200 12000 122 1234 12345 13 1311 1366 139 1400 14147 14265 143 1433 14344 1471 15 1515 1521 1599 16010 16030 1604 1660 16992 16993 17 1723 175 179 1800 1801 18245 1883 19 19000 1901 19071 1911 1925 1935 195 1962 1981 2000 20000 2001 2002 2003 2008 20256 2052 20547 2055 2058 2062 2063 2067 2069 2077 2081 2082 2083 2086 2087 21 21025 2121 21379 2150 2154 2181 22 221 2222 2223 23 23023 2320 2332 23424 2345 2351 2375 2376 2379 2404 2455 2480 25 25001 25105 2549 2550 2554 25565 2557 2567 2569 26 2626 2628 264 2701 27017 2761 2762 28015 28017 3000 30002 30003 3001 3050 3052 3055 3057 3059 3060 3066 3067 3068 3071 3074 3077 3078 3084 3087 3088 3091 3093 3094 3097 3109 311 3113 3115 3117 3118 3119 3128 32400 3260 3268 3269 3270 3299 3306 33060 3307 3310 3337 3352 3388 3389 3403 35000 3541 3542 3551 3561 3568 37 37215 3749 37777 3790 3791 3794 389 3922 4000 4002 4010 4022 4040 4063 4064 4100 4118 4157 41800 4190 4242 427 4282 43 4321 4369 44158 443 4430 4433 444 4443 4444 448 44818 4500 4506 4545 4567 4643 465 4664 4747 4782 47990 4840 4848 4899 49 4911 49152 49153 4949 5000 50000 5001 5005 50050 5007 50070 5010 50100 5025 503 5050 51106 51235 515 5172 5201 5209 5222 5269 52869 53 5357 5400 541 54138 5432 548 55000 554 55442 55443 5555 55554 55580 5569 5601 5602 5604 5800 5801 5858 587 58749 5900 5901 5908 5909 593 5938 59417 5984 5985 5986 6000 60001 6001 60010 6002 6003 60030 6008 60129 6080 61613 61616 62078 6264 6308 631 636 6379 6511 6601 6605 6633 666 6664 6667 6668 6697 6998 70 7001 7003 7017 7080 7171 7218 7443 7444 7465 7474 7548 7634 7657 7700 771 7777 7779 789 79 7989 80 8000 8001 8008 8009 8010 8030 8034 8037 8040 8042 8046 8048 8054 8056 8060 8069 8072 808 8080 8081 8085 8086 8087 8089 8095 8096 8098 8099 81 8111 8112 8118 8123 8140 8181 8184 8190 8200 8236 8282 8291 83 8333 8334 8383 84 8401 8404 8407 8412 8415 8421 8427 8430 8442 8443 85 8500 8545 8554 8575 8649 8666 8728 873 8779 8789 8790 8791 88 8800 8803 8805 8811 8820 8821 8823 8827 8830 8832 8834 8837 8843 8844 8858 8860 8862 8880 8888 8889 89 8935 8990 8993 8999 9000 9001 9009 9017 902 9030 9034 9037 9049 9051 9080 9082 9090 9091 9092 9093 9096 9099 9100 9108 9136 9151 9160 9199 9200 9201 9202 9205 9210 9212 9218 9219 9306 9389 9418 9443 95 9500 9530 9595 9600 9633 9690 9743 9761 98 9869 9898 992 993 9943 9944 995 9966 9981 9990 9992 9994 9998 9999

CVEs Detected

CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408

Map

Whois Information

  • inetnum: 103.69.112.0 - 103.69.115.255
  • netname: THREESAB
  • descr: Threesa Broadband
  • admin-c: MA997-AP
  • tech-c: MA997-AP
  • country: IN
  • mnt-by: MAINT-IN-IRINN
  • mnt-irt: IRT-THREESAB-IN
  • mnt-routes: MAINT-IN-THREESAB
  • status: ASSIGNED PORTABLE
  • last-modified: 2016-07-15T09:55:49Z
  • irt: IRT-THREESAB-IN
  • address: shop No.4,First Floor,Anand Ram Laghu sankul Vasant Vihar,Mumbai,Maharashtra-400610
  • e-mail: yogeshmbhoir@threesabroadband.com
  • abuse-mailbox: yogeshmbhoir@threesabroadband.com
  • admin-c: MA997-AP
  • tech-c: MA997-AP
  • mnt-by: MAINT-IN-THREESAB
  • last-modified: 2016-07-15T10:04:56Z
  • role: manager admin
  • address: shop No.4,First Floor,Anand Ram Laghu sankul Vasant Vihar,Mumbai,Maharashtra-400610
  • country: IN
  • phone: +91 02265999964
  • e-mail: yogeshmbhoir@threesabroadband.com
  • admin-c: YB640-AP
  • tech-c: YB640-AP
  • nic-hdl: MA997-AP
  • mnt-by: MAINT-IN-THREESAB
  • last-modified: 2016-07-15T10:04:19Z
  • route: 103.69.112.0/24
  • descr: Threesa Broadband
  • origin: AS132996
  • mnt-by: MAINT-IN-IRINN
  • notify: yogesh@threesabroadband.com
  • last-modified: 2016-07-18T05:23:41Z

Links to attack logs

digitaloceansingapore-ssh-bruteforce-ip-list-2023-11-12

Share on: