IOC Radar
IP · Medium · Signal 78/100

103.142.62.35

Location
Kraton Lor, Central Java, Indonesia
ASN
AS139372
Institut Agama Islam Negeri Pekalongan
First Seen
Apr 27, 2025 (414d ago)
Last Seen
May 31, 2026 (15d ago)
Reports
27 source reports
Confidence
78% (medium)
Found in 27 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
78%
Signal Score
78 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

53 techniques

Network Information

Country: Indonesia (ID)
Region: Kraton Lor, Central Java
ASN: AS139372
Organization: Institut Agama Islam Negeri Pekalongan

IP Category

Proxy
Proxy server

Feed Intelligence Summary

Source reports: 27
Confidence score: 78%
Category tags

Activity Timeline

1 total obs (May 31)

Threat Activity Heatmap

Peak: 2026-05-31
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 78
Confidence: 78%
Reports: 27
First seen: Apr 27, 2025
Last seen: May 31, 2026
Geolocation: ID
Country: Indonesia
Location: Kraton Lor, Central Java
ASN: AS139372
Org: Institut Agama Islam Negeri Pekalongan
Coords: -6.1728, 106.8272
Proxy

VirusTotal

Not checked

WHOIS

raw
inetnum: 103.142.62.0 - 103.142.62.255
netname: IDNIC-IAINPEKALONGAN-ID
descr: Institut Agama Islam Negeri Pekalongan
descr: Education / Direct member IDNIC
descr: Jl Kusuma Bangsa No 9
descr: Panjang Pekalongan Utara Kota Pekalongan
descr: Kabupaten Pekalongan
admin-c: AR675-AP
tech-c: AR675-AP
country: ID
mnt-by: MNT-APJII-ID
mnt-irt: IRT-IAINPEKALONGAN-ID
mnt-routes: MAINT-ID-IAINPEKALONGAN
status: ASSIGNED PORTABLE
last-modified: 2019-08-19T10:54:55Z
source: APNIC

irt: IRT-IAINPEKALONGAN-ID
address: IAIN Pekalongan
address: Jl Kusuma Bangsa No 9 Panjang Pekalongan Utara Kota Pekalongan
address: Kabupaten Pekalongan
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: AR675-AP
tech-c: AR675-AP
auth: # Filtered
mnt-by: MAINT-ID-IAINPEKALONGAN
last-modified: 2026-03-09T15:38:36Z
source: APNIC

person: Akhmad Riyadi
address: Jl Kusuma Bangsa No 9
address: Panjang Pekalongan Utara Kota Pekalongan
address: Jawa Tengah,51141 Indonesia
country: ID
phone: +62-285-412575
e-mail: [email protected]
nic-hdl: AR675-AP
mnt-by: MNT-APJII-ID
fax-no: +62-285-423418
last-modified: 2019-08-05T09:52:11Z
source: APNIC

route: 103.142.62.0/24
descr: Institut Agama Islam Negeri Pekalongan
descr: Education / Direct member IDNIC
descr: Jl Kusuma Bangsa No 9 Panjang Pekalongan Utara Kota Pekalongan
origin: AS139372
mnt-by: MAINT-ID-IAINPEKALONGAN
last-modified: 2019-08-28T06:54:39Z
source: APNIC
References
https://purplesynapz.com/
https://github.com/telekom-security/tpotce
https://voidvendor.com/intel
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt


IOC Journey

medium
First detected 1 year ago · Last seen 15 days ago
Appeared in 27 threat reports