103.97.1.234 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 103.97.1.234 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 20/100

Host and Network Information

• JARM: 20d19d20d21d20d20c42d43d0000008c26d6c456227bcc1252650b5be7aca6

• View other sources: Spamhaus VirusTotal

• Country: Hong Kong
• Network: AS133115 hk kwaifong group limited
• Noticed: 1 times
• Protcols Attacked: SSH
• Passive DNS Results: gd9555.com gdcwqdq5.com g62.com mtc82.vip hsx60.com 2345k.com cp079.com cp984.com 2378kj.com mtc98.vip mtc46.vip mtc45.vip www.732828.com 762828.com agc576.com cp231.com 732828.com mtc24.vip bf908.com gd8288.com gd738.com www.gd628.com hx107.com cscdawww.com hch48.com qh223.com ss0107.com ss0105.com ss0122.com ss0104.com ss0134.com ss0202.com ss0121.com ss0109.com ss0127.com ss0131.com ss0130.com ss0117.com pg1113.com pg1119.com pg336.com pg396.com pg1118.com pg780.com pg125.com pg022.com mtc34.vip gm5522.com dt347.com yw930.com gd9933.com ss0126.com bf1555.com pg270.com 1983.app hx44.app gm7666.com ac3.app pg260.com yx022.com ws533.com tc191.com tin03.com tin02.com tin01.com ac-2.a1-anti-ddos.com

Open Ports Detected

22 2233 3000 3050 3443 443 5222 5555 6443 6668 7443 7777 789 80 8055 808 81 82 8424 8443 88 8877 8888 9002 9443 9600 9943 999

CVEs Detected

CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-20372 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-23017 CVE-2021-3618 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408

Map

Whois Information

• inetnum: 103.97.0.0 - 103.97.3.255
• netname: HKKFGL-HK
• descr: HK Kwaifong Group Limited
• country: HK
• org: ORG-HKIS1-AP
• admin-c: HKGL1-AP
• tech-c: HKGL1-AP
• status: ALLOCATED PORTABLE
• abuse-c: AH819-AP
• mnt-by: APNIC-HM
• mnt-lower: MAINT-HKKF-HK
• mnt-routes: MAINT-HKKF-HK
• mnt-irt: IRT-HKKF-HK
• last-modified: 2022-12-01T05:57:17Z
• irt: IRT-HKKF-HK
• address: Kwai Chung, NT., Hong Kong
• e-mail: kwaifong33@gmail.com
• abuse-mailbox: kwaifong33@gmail.com
• admin-c: HKGL1-AP
• tech-c: HKGL1-AP
• mnt-by: MAINT-HKKF-HK
• last-modified: 2023-08-09T02:14:33Z
• organisation: ORG-HKIS1-AP
• org-name: HK Kwaifong Group Limited
• org-type: LIR
• country: HK
• address: Room 801 Join-In Hang Sing Centre
• address: 2-16 kai Fung Crescent
• address: Kwai Chung, NT
• phone: +85231885386
• e-mail: kwaifong33@gmail.com
• mnt-ref: APNIC-HM
• mnt-by: APNIC-HM
• last-modified: 2023-09-05T02:16:15Z
• role: ABUSE HKKFHK
• address: Kwai Chung, NT., Hong Kong
• country: ZZ
• phone: +000000000
• e-mail: kwaifong33@gmail.com
• admin-c: HKGL1-AP
• tech-c: HKGL1-AP
• nic-hdl: AH819-AP
• abuse-mailbox: kwaifong33@gmail.com
• mnt-by: APNIC-ABUSE
• last-modified: 2023-08-09T02:15:19Z
• role: HK Kwaifong Group Limited - network administrator
• address: Kai Chung,Kow Loon, HONGKONG
• country: HK
• phone: +85231885386
• e-mail: kwaifong33@gmail.com
• admin-c: HKIS1-AP
• tech-c: HKIS1-AP
• nic-hdl: HKGL1-AP
• mnt-by: MAINT-HKKF-HK
• fax-no: +85231885389
• last-modified: 2020-11-13T08:09:21Z