103.82.93.126 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 103.82.93.126 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 55/100

Host and Network Information

• Mitre ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force

• Tags: atif feed, banlist feed, binary defense, Brute-Forc, brute force, Bruteforce, Brute-Force, cisco, cowrie, email, honeytrap, info, LAMP, mailoney, malicious, notice, sftp, ssh, SSH

• JARM: 27d40d40d00040d00042d43d0000007d20e9b9a3e87aa1ec17cb4d646ce9a5

• View other sources: Spamhaus VirusTotal

• Country:
• Network:
• Noticed: 10 times
• Protocols Attacked: ssh
• Countries Attacked: Australia
• Passive DNS Results: thelookrestaurant.com a016c5cc81acee061af04b69ffc8991a.duckdns.org www.a016c5cc81acee061af04b69ffc8991a.duckdns.org eb845e5b129f234376644f5a22e1f97d.duckdns.org www.eb845e5b129f234376644f5a22e1f97d.duckdns.org www.f398827eb350ce994845093b36f7e330.duckdns.org f398827eb350ce994845093b36f7e330.duckdns.org www.c61625934c4c92c52d22caa756ea2868.duckdns.org c61625934c4c92c52d22caa756ea2868.duckdns.org www.e5f8506389345d89e762cb9cc25fa4ca.duckdns.org e5f8506389345d89e762cb9cc25fa4ca.duckdns.org bc8c3a1d385b423d20bee0fa899b75f4.duckdns.org www.bc8c3a1d385b423d20bee0fa899b75f4.duckdns.org f1e9222943cfb84e21af0ea9c74abba6.duckdns.org www.f1e9222943cfb84e21af0ea9c74abba6.duckdns.org www.ddfd2392e7d0f3f0b79ec43162c4feed.duckdns.org ddfd2392e7d0f3f0b79ec43162c4feed.duckdns.org www.c2abbea0d6ceb60b717fc80522d97018.duckdns.org c2abbea0d6ceb60b717fc80522d97018.duckdns.org www.bebe6dac75f910227c384d0b10b9dfba.duckdns.org bebe6dac75f910227c384d0b10b9dfba.duckdns.org ab34869758498580b55e61feb1b413ae.duckdns.org www.ab34869758498580b55e61feb1b413ae.duckdns.org kokisoyokoktegelyo.xyz www.kokisoyokoktegelyo.xyz

Open Ports Detected

22 80

Whois Information

• inetnum: 103.82.92.0 - 103.82.93.255
• netname: IDNIC-SITUSKREATIF-ID
• descr: PT Situs Kreatif Indonesia
• descr: Corporate / Direct Member IDNIC
• descr: Digital Marketing And Data Analisa
• descr: Tatar Lokacitra, Jalan Lokasurya No.10 RT/RW 001/003, Bojonghaleuang
• descr: Saguling, Bandung Barat, Bandung - Jawa Barat 40561
• admin-c: APS30-AP
• tech-c: APS30-AP
• country: ID
• mnt-by: MNT-APJII-ID
• mnt-lower: MAINT-ID-SITUSKREATIF
• mnt-irt: IRT-SITUSKREATIF-ID
• mnt-routes: MAINT-ID-SITUSKREATIF
• status: ALLOCATED PORTABLE
• last-modified: 2023-02-05T16:51:07Z
• irt: IRT-SITUSKREATIF-ID
• address: PT. Situs Kreatif Indonesia
• address: Tatar Lokacitra, Jalan Lokasurya No.10 RT/RW 001/003, Bojonghaleuang
• address: Saguling, Bandung Barat, Bandung - Jawa Barat 40561
• e-mail: management@situskreatif.my.id
• abuse-mailbox: abuse@situskreatif.my.id
• admin-c: APS30-AP
• tech-c: APS30-AP
• mnt-by: MAINT-ID-SITUSKREATIF
• last-modified: 2023-02-05T16:07:00Z
• person: Alfian Pamungkas Sakawiguna
• address: Tatar Lokacitra, Jalan Lokasurya No.10 RT/RW 001/003, Bojonghaleuang
• address: Saguling, Bandung Barat, Bandung - Jawa Barat 40561
• country: ID
• e-mail: management@situskreatif.my.id
• phone: +6208112260345
• nic-hdl: APS30-AP
• mnt-by: MAINT-ID-SITUSKREATIF
• last-modified: 2023-02-05T16:01:17Z
• inetnum: 103.82.92.0 - 103.82.93.255
• netname: IDNIC-SITUSKREATIF-ID
• descr: PT Situs Kreatif Indonesia
• descr: Corporate / Direct Member IDNIC
• descr: Digital Marketing And Data Analisa
• descr: Tatar Lokacitra, Jalan Lokasurya No.10 RT/RW 001/003, Bojonghaleuang
• descr: Saguling, Bandung Barat, Bandung - Jawa Barat 40561
• admin-c: APS30-AP
• tech-c: APS30-AP
• country: ID
• mnt-by: MNT-APJII-ID
• mnt-lower: MAINT-ID-SITUSKREATIF
• mnt-irt: IRT-SITUSKREATIF-ID
• mnt-routes: MAINT-ID-SITUSKREATIF
• status: ALLOCATED PORTABLE
• last-modified: 2023-02-06T02:05:16Z
• irt: IRT-SITUSKREATIF-ID
• address: PT. Situs Kreatif Indonesia
• address: Tatar Lokacitra, Jalan Lokasurya No.10 RT/RW 001/003, Bojonghaleuang
• address: Saguling, Bandung Barat, Bandung - Jawa Barat 40561
• e-mail: management@situskreatif.my.id
• abuse-mailbox: abuse@situskreatif.my.id
• admin-c: APS30-AP
• tech-c: APS30-AP
• mnt-by: MAINT-ID-SITUSKREATIF
• last-modified: 2023-02-06T02:05:16Z
• person: Alfian Pamungkas Sakawiguna
• address: Tatar Lokacitra, Jalan Lokasurya No.10 RT/RW 001/003, Bojonghaleuang
• address: Saguling, Bandung Barat, Bandung - Jawa Barat 40561
• country: ID
• e-mail: management@situskreatif.my.id
• phone: +6208112260345
• nic-hdl: APS30-AP
• mnt-by: MAINT-ID-SITUSKREATIF
• last-modified: 2023-02-06T02:05:23Z
• route: 103.82.92.0/23
• descr: PT. SITUS KREATIF INDONESIA
• origin: AS136052
• mnt-by: MAINT-ID-SITUSKREATIF
• country: ID
• last-modified: 2023-02-10T08:44:23Z

Links to attack logs

digitaloceantoronto-ssh-bruteforce-ip-list-2025-02-16 digitaloceansingapore-ssh-bruteforce-ip-list-2025-02-20 digitaloceansingapore-ssh-bruteforce-ip-list-2025-02-11 digitaloceansingapore-ssh-bruteforce-ip-list-2025-03-11 digitaloceansingapore-ssh-bruteforce-ip-list-2025-02-03 digitaloceantoronto-ssh-bruteforce-ip-list-2025-01-18