103.98.104.157 Threat Intelligence and Host Information

Jun 14, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 103.98.104.157 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 31/100

Host and Network Information

  • Mitre ATT&CK IDs: T1110 - Brute Force

  • Tags: brute force, cowrie, ssh

  • JARM: 15d3fd16d29d29d00042d43d000000fe02290512647416dcf0a400ccbc0b6b

  • View other sources: Spamhaus VirusTotal

  • Country: Indonesia
  • Network: AS136821 pt trimedia setiya data
  • Noticed: 3 times
  • Protocols Attacked: ssh
  • Countries Attacked: Australia
  • Passive DNS Results: blog-test.netray.id dev-billing.netray.id cs.netray.id meet.atmatech.id hr.atmatech.net hr.netray.id

Open Ports Detected

3128 443 5222 5269 80 8000 8001 8069 8080 8081 8443 8888 9100

CVEs Detected

CVE-2006-20001 CVE-2007-3205 CVE-2007-4723 CVE-2009-0796 CVE-2009-2299 CVE-2011-1176 CVE-2011-2688 CVE-2012-3526 CVE-2012-4001 CVE-2012-4360 CVE-2013-0941 CVE-2013-0942 CVE-2013-2220 CVE-2013-2765 CVE-2013-4365 CVE-2017-8923 CVE-2017-9118 CVE-2017-9120 CVE-2018-1172 CVE-2018-19131 CVE-2018-19132 CVE-2019-10241 CVE-2019-10247 CVE-2019-12519 CVE-2019-12520 CVE-2019-12521 CVE-2019-12522 CVE-2019-12523 CVE-2019-12524 CVE-2019-12525 CVE-2019-12526 CVE-2019-12528 CVE-2019-12529 CVE-2019-13345 CVE-2019-18676 CVE-2019-18677 CVE-2019-18678 CVE-2019-18679 CVE-2019-18860 CVE-2020-11022 CVE-2020-11023 CVE-2020-11945 CVE-2020-14058 CVE-2020-15049 CVE-2020-15810 CVE-2020-15811 CVE-2020-24606 CVE-2020-25097 CVE-2020-27216 CVE-2020-27218 CVE-2020-27223 CVE-2020-8449 CVE-2020-8450 CVE-2020-8517 CVE-2021-21702 CVE-2021-21703 CVE-2021-21704 CVE-2021-21705 CVE-2021-21706 CVE-2021-21707 CVE-2021-21708 CVE-2021-28116 CVE-2021-28165 CVE-2021-28169 CVE-2021-28651 CVE-2021-28652 CVE-2021-31806 CVE-2021-31807 CVE-2021-31808 CVE-2021-33620 CVE-2021-34428 CVE-2021-46784 CVE-2022-2047 CVE-2022-2048 CVE-2022-26377 CVE-2022-28330 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30522 CVE-2022-30556 CVE-2022-31625 CVE-2022-31626 CVE-2022-31628 CVE-2022-31629 CVE-2022-31630 CVE-2022-31813 CVE-2022-36760 CVE-2022-37436 CVE-2022-37454 CVE-2022-41318 CVE-2023-25690 CVE-2023-26048 CVE-2023-26049 CVE-2023-27522 CVE-2023-31122 CVE-2023-36478 CVE-2023-36479 CVE-2023-40167 CVE-2023-44487 CVE-2023-45802 CVE-2023-46724 CVE-2023-46728 CVE-2023-46846 CVE-2023-46847 CVE-2023-49285 CVE-2023-49286 CVE-2023-49288 CVE-2023-50269 CVE-2023-5824 CVE-2024-4577 CVE-2024-5458

Map

Whois Information

  • inetnum: 103.98.104.0 - 103.98.105.255
  • netname: IDNIC-3MEDIA-ID
  • descr: PT TRIMEDIA SETIYA DATA
  • descr: Corporate / Direct Member IDNIC
  • descr: Grand Serpong Residence
  • descr: Kota Tangerang Selatan
  • descr: Banten 15414
  • admin-c: MSP10-AP
  • tech-c: MSP10-AP
  • country: ID
  • mnt-by: MNT-APJII-ID
  • mnt-routes: MAINT-ID-3MEDIA
  • mnt-irt: IRT-3MEDIA-ID
  • status: ASSIGNED PORTABLE
  • last-modified: 2019-04-12T07:40:04Z
  • irt: IRT-3MEDIA-ID
  • address: TRIMEDIA SETIYA DATA
  • address: Grand Serpong Residence
  • address: Kota Tangerang Selatan
  • address: Banten 15414
  • e-mail: hostmaster@setiyadata.com
  • abuse-mailbox: abuse@setiyadata.com
  • admin-c: MSP10-AP
  • tech-c: MSP10-AP
  • mnt-by: MAINT-ID-3MEDIA
  • last-modified: 2018-05-31T22:31:45Z
  • person: Moho Setiya Putra
  • address: Grand Serpong Residence
  • address: Kota Tangerang Selatan, Banten
  • country: ID
  • phone: +62-21-29051204
  • e-mail: hostmaster@setiyadata.com
  • nic-hdl: MSP10-AP
  • mnt-by: MNT-APJII-ID
  • fax-no: +62-21-29051204
  • last-modified: 2017-08-03T08:20:24Z
  • route: 103.98.104.0/23
  • descr: Route object of PT. TRIMEDIA SETIYA DATA
  • descr: Corporate / Direct Member IDNIC
  • descr: Kota Tangerang Selatan
  • origin: AS136821
  • mnt-by: MAINT-ID-3MEDIA
  • last-modified: 2019-04-12T07:41:51Z
  • inetnum: 103.98.104.0 - 103.98.105.255
  • netname: IDNIC-3MEDIA-ID
  • descr: PT TRIMEDIA SETIYA DATA
  • descr: Corporate / Direct Member IDNIC
  • descr: Grand Serpong Residence
  • descr: Kota Tangerang Selatan
  • descr: Banten 15414
  • admin-c: MSP10-AP
  • tech-c: MSP10-AP
  • country: ID
  • mnt-by: MNT-APJII-ID
  • mnt-routes: MNT-APJII-ID
  • mnt-irt: IRT-IDNIC-ID
  • status: ASSIGNED PORTABLE
  • last-modified: 2017-08-03T09:43:57Z
  • irt: IRT-IDNIC-ID
  • address: Kuningan Barat Gedung Cyber
  • address: Cyber Building
  • address: Jl. Kuningan Barat No.8
  • address: Jakarta Selatan 12710
  • e-mail: abuse@idnic.net
  • abuse-mailbox: abuse@idnic.net
  • admin-c: GH4-AP
  • tech-c: GH4-AP
  • mnt-by: MNT-APJII-ID
  • last-modified: 2023-08-28T06:56:03Z
  • person: Moho Setiya Putra
  • address: Grand Serpong Residence
  • address: Kota Tangerang Selatan, Banten
  • country: ID
  • phone: +62-21-29051204
  • e-mail: hostmaster@setiyadata.com
  • nic-hdl: MSP10-AP
  • mnt-by: MNT-APJII-ID
  • fax-no: +62-21-29051204
  • last-modified: 2017-08-03T08:20:24Z

Links to attack logs

digitaloceansingapore-ssh-bruteforce-ip-list-2024-06-09

Share on: