IOC Radar
IPMediumSignal 60/100

103.117.57.134

Location
IndonesiaIndonesia
Cicurug, Banten
ASN
AS136052
BYOIP PT. Cloud Hosting Indonesia
First Seen
Jan 20, 2025
Last Seen
Jun 6, 2026
Jan 20
First Seen
517d ago
Jun 6
Last Seen
15d ago
26
Reports
source reports
60%
Confidence
medium
Found in 26 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
60%
Signal Score
60 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

59 techniques

Network Information

CountryIDIndonesia
RegionCicurug, Banten
ASNAS136052
OrganizationBYOIP PT. Cloud Hosting Indonesia

Feed Intelligence Summary

26 reports60% confidence
26
Source reports
60%
Confidence score
Category tags
abuseaccess controlaccount compromiseactive scanactive scanningaggressive-detectionapacheapache attackeraptasiaatif feedattackattack source ipattacker-ipaustraliaauthenticationauthentication attackauthentication attemptauthentication attemptsauthentication failureauthentication-attemptsautomated attackautomated attacksbad reputationbad web botbanlist feedbinary defenseblacklisted ip addressesblocklist_allblog spambotnetbotnet activitybotnet activity detectedbotnet communicationbrute forcebrute force attackbrute force attackerbrute force attacksbrute force attemptbrute-forcebruteforcec&c communicationc2c2 communicationchinacisco devicecliftoncloud infrastructurecloud infrastructure attackcloud servicescommand & controlcommand and controlcommunication protocolcompromised credentialscompromised hostcompromised systemconnection-resetcowrie datacowrie honeypotcredential accesscredential harvestingcredential stuffingcredential-stuffingctadata exfiltrationdata store exposuredatabase securityddosddos attackddos attacksddos potentialdecoy systemdenial of servicedevice managementdigital oceandistributed attacksemerging threatsenterprise networkingeuropeexploit kit activityexploitationexploitation activityexploited hostfail2ban triggeredfailed authenticationfinlandfranceftpftp brute forceftp brute-forcegermanyhackinghoneynet connecthoneytrap honeypothttp brute forcehttp scannerhttpsididentity & access exploitationindonesiainformation technologyinitial accessinjection activityinjection attacksiot securityiot targetedit infrastructurekill-chain exploitationkill-chain reconnaissancelamplateral movementlcialinux-server-attackslogin attacklogin attemptlogin attemptslogin failurelow-riskmalaysiamalicious activitymalicious softwaremalicious trafficmalicious-activitymalwaremalware distributionnetworknetwork accessnetwork attacksnetwork enumerationnetwork infrastructurenetwork intrusionnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork security monitoringnetwork service scanningnorth americanoticeoceaniaopenctiosintpassword attackpassword attackspassword sprayingpassword-guessingphishingphishing attackping of deathpolandport-scanningpossible botnet infectionprocess injectionprotocol exploitationprotocol-probingproxyransomwarereconnaissanceremote accessremote access attemptremote servicesresearchedresource hijackingscannerscannersscanning activitysecurity operationssecurity policyservice exploitationservice scansftp attacksftp exploitation attemptssingaporesmb brute forcesmtp abusesmtp brute forcesocial engineeringsocradar honeypotsoftware developmentspamsshssh attackssh monitoringswedent-pott1005t1016t1018t1021t1021.001t1021.002t1021.003t1021.004t1021.005t1040t1041t1046t1053t1055t1059t1059.001t1059.003t1059.004t1068t1071t1071.001t1076t1078t1078.004t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204t1204.002t1486t1496t1497t1499.001t1499.002t1499.003t1539t1552.001t1555t1563t1565t1566t1566.001t1566.002t1566.003t1573t1573.001t1588t1589t1592t1595t1595.001t1595.002t1595.003tcp protocoltcp scantelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontor nodeudp scanunauthorized accessunauthorized access attemptunauthorized access attemptsunauthorized login attemptsunited kingdomunited statesvalid accountsweb app attackweb application attackweb brute forceweb exploitationweb spamweb traffic

Activity Timeline

1 total obs
Jun 6Jun 6

Threat Activity Heatmap

· Peak: 2026-06-06
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
60
SIGNAL
Signal Score
60%
Confidence
26
Reports
First seenJan 20, 2025
Last seenJun 6, 2026
GeolocationID
CountryIndonesia
LocationCicurug, Banten
ASNAS136052
OrgBYOIP PT. Cloud Hosting Indonesia
Coords-6.8421, 106.7240

VirusTotal

Not checked

WHOIS

description
timestamp=2026-04-07 03:28:00,594 CC=ID ASN=136052 PT Cloud Hosting Indonesia latitude=-6.175 longitude=106.8286
raw
inetnum: 103.117.57.0 - 103.117.57.255 netname: IDNIC-IDCLOUDHOST-ID descr: PT Cloud Hosting Indonesia descr: Corporate / Direct Member IDNIC descr: Pinus Raya Reni Jaya AG-1 No.01 descr: Pamulang Barat, Pamulang descr: Tangerang Selatan, Banten country: ID admin-c: APS20-AP tech-c: APS20-AP status: ASSIGNED NON-PORTABLE mnt-by: MNT-APJII-ID mnt-irt: IRT-IDCLOUDHOST-ID last-modified: 2023-03-28T05:13:22Z source: APNIC irt: IRT-IDCLOUDHOST-ID address: PT Cloud Hosting Indonesia address: Jl. Bojonggenteng No. 2 address: Sukabumi, Jawa Barat e-mail: [email protected] abuse-mailbox: [email protected] admin-c: APS20-AP tech-c: APS20-AP auth: # Filtered mnt-by: MAINT-ID-IDCLOUDHOST last-modified: 2025-09-04T04:51:35Z source: APNIC person: Alfian Pamungkas Sakawiguna address: Jl. Bojonggenteng No.2 address: Sukabumi, Jawa Barat country: ID phone: +62-266-620073 e-mail: [email protected] nic-hdl: APS20-AP mnt-by: MAINT-ID-IDCLOUDHOST last-modified: 2017-01-23T07:34:14Z source: APNIC route: 103.117.57.0/24 descr: Route Object of BYOIP PT. Cloud Hosting Indonesia origin: AS136052 mnt-by: MAINT-ID-JARAKSA last-modified: 2023-03-28T05:15:03Z source: APNIC inetnum: 103.117.56.0 - 103.117.57.255 netname: IDNIC-JARAKSA-ID descr: PT Jaya Raksa Santosa descr: Corporate / Direct Member IDNIC descr: Home Industri Bandung Bersatu descr: Tatar Lokacitra, Jalan Lokasurya No.10 RT/RW 001/003, Bojonghaleuang descr: Saguling, Bandung Barat, Bandung - Jawa Barat 40560 admin-c: APS32-AP tech-c: APS32-AP remarks: Send Spam & Abuse Reports to: [email protected] country: ID mnt-by: MNT-APJII-ID mnt-lower: MAINT-ID-JARAKSA mnt-irt: IRT-JARAKSA-ID mnt-routes: MAINT-ID-JARAKSA status: ALLOCATED PORTABLE last-modified: 2023-03-28T05:05:12Z source: IDNIC irt: IRT-JARAKSA-ID address: PT. JAYA RAKSA SANTOSA address: Tatar Lokacitra, Jalan Lokasurya No.10 RT/RW 001/003, Bojonghaleuang address: Saguling, Bandung Barat, Bandung - Jawa Barat 40560 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: APS32-AP tech-c: APS32-AP auth: # Filtered mnt-by: MAINT-ID-JARAKSA last-modified: 2023-03-28T05:05:12Z source: IDNIC person: Alfian Pamungkas Sakawiguna address: Tatar Lokacitra, Jalan Lokasurya No.10 RT/RW 001/003, Bojonghaleuang address: Saguling, Bandung Barat, Bandung - Jawa Barat 40560 country: ID phone: +6281809028894 e-mail: [email protected] nic-hdl: APS32-AP mnt-by: MAINT-ID-JARAKSA last-modified: 2023-03-28T05:05:41Z source: IDNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 15 days ago
Appeared in 26 threat reports