103.210.21.242

Summary (Bottom Line Up Front)

Malicious activity detected from 103.210.21.242 (HK, AS135377). 152 events observed across SSH, TCP, TCP/SYN. AI verdict: NOISE.

SSH TCP TCP/SYN
PROTO_ABUSE
Activity Timeline
INITIAL REPORT2026-05-26T16:48:33Z
Source: Analyst Manual Entry
Malicious activity detected from 103.210.21.242 (HK, AS135377). 152 events observed across SSH, TCP, TCP/SYN. AI verdict: NOISE.
Technical details
Protocols: SSH, TCP, TCP/SYN
Attack types: PROTO_ABUSE
Unique destination ports: 1
Active window: 2026-05-05 10:23:57.854484 to 2026-05-26 11:58:24.323662
Top patterns: ssh_exploit_banner
IOCs
IP:103.210.21.242
ASN:135377
COUNTRY:HK
Recommendations
  • Block 103.210.21.242 at perimeter firewall
  • Monitor other traffic from AS135377
  • Review correlated attacker profiles for campaign links
Threat Assessment
Threat Level LOW
AI Verdict NOISE
Confidence 95%
Total Events 152
AbuseIPDB 100/100
Indicators of Compromise
ip 103.210.21.242
asn 135377
country HK
Captured Payloads (1)
medium PROTO_ABUSE SSH:2200 
SSH-2.0-libssh