180.93.30.82 Threat Intelligence and Host Information

Share on:
Apr 18, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Likely Malicious Host 🟠 65/100

Host and Network Information

  • Mitre ATT&CK IDs: T1021.004 - SSH, T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110 - Brute Force, T1110.004 - Credential Stuffing
  • Tags: Brute-Force, Bruteforce, Nextray, SSH, Telnet, attack, cowrie, cyber security, digital ocean, ioc, login, malicious, phishing, scanner, scanners, ssh, vultr

  • View other sources: Spamhaus VirusTotal

  • Country: Viet Nam
  • Network: AS7602 saigon postel corporation
  • Noticed: 19 times
  • Protcols Attacked: ssh
  • Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Spain, Turkey, Ukraine, United Kingdom, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 1 37c2fee0cc33f8e198b6823111e13d9bf5f8a40e0feb51e30cb7b09653e736a1

Open Ports Detected

443 5432

CVEs Detected

CVE-2017-12172 CVE-2017-15098 CVE-2017-15099 CVE-2017-7484 CVE-2017-7485 CVE-2017-7546 CVE-2017-7547 CVE-2017-7548 CVE-2018-1053 CVE-2018-1058 CVE-2018-10915 CVE-2018-10925 CVE-2018-1115 CVE-2019-10127 CVE-2019-10128 CVE-2019-10130 CVE-2019-10208 CVE-2019-10210 CVE-2019-10211 CVE-2019-9193 CVE-2020-10733 CVE-2020-14350 CVE-2020-1720 CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 CVE-2021-23214 CVE-2021-23222 CVE-2021-32027 CVE-2021-32028 CVE-2021-43767 CVE-2022-32548

Map

Whois Information

  • inetnum: 180.93.0.0 - 180.93.255.255
  • netname: SPT-VN
  • descr: Saigon Postel Corporation
  • descr: 10 Co Giang, Cau Ong Lanh Ward, District 1, Ho Chi Minh City, Vietnam
  • country: VN
  • admin-c: NTKD1-AP
  • tech-c: NBAD1-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-VN-VNNIC
  • mnt-irt: IRT-VNNIC-AP
  • mnt-lower: MAINT-VN-SPT
  • mnt-routes: MAINT-VN-SPT
  • last-modified: 2022-09-20T07:13:33Z
  • irt: IRT-VNNIC-AP
  • address: Ha Noi, VietNam
  • phone: +84-24-35564944
  • fax-no: +84-24-37821462
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: NTTT1-AP
  • tech-c: NTTT1-AP
  • mnt-by: MAINT-VN-VNNIC
  • last-modified: 2017-11-08T09:40:06Z
  • person: Nguyen Ba Anh Dung
  • address: SPT-VN
  • country: VN
  • phone: +84-2854041168
  • phone: +84-834554344
  • e-mail: [email protected]
  • nic-hdl: NBAD1-AP
  • mnt-by: MAINT-VN-VNNIC
  • last-modified: 2022-09-20T06:31:10Z
  • person: Nguyen Thi Kim Dan
  • nic-hdl: NTKD1-AP
  • e-mail: [email protected]
  • address: SPT-VN
  • address: 10 Co Giang, Dist.1, Ho Chi Minh City
  • phone: +84-28-54040121
  • country: VN
  • mnt-by: MAINT-VN-SPT
  • last-modified: 2022-09-20T06:34:22Z
  • route: 180.93.0.0/16
  • descr: SPT-VN
  • origin: AS7602
  • mnt-by: MAINT-VN-SPT
  • last-modified: 2022-09-24T18:46:28Z

Links to attack logs

vultrmadrid-ssh-bruteforce-ip-list-2023-02-23 vultrmadrid-ssh-bruteforce-ip-list-2023-02-18 dofrank-ssh-bruteforce-ip-list-2023-03-12 bruteforce-ip-list-2023-03-13 bruteforce-ip-list-2023-02-15 dotoronto-ssh-bruteforce-ip-list-2023-03-21 vultrwarsaw-ssh-bruteforce-ip-list-2023-02-21 vultrparis-ssh-bruteforce-ip-list-2023-03-14 dolondon-ssh-bruteforce-ip-list-2023-03-11 dolondon-ssh-bruteforce-ip-list-2023-02-15