IOC Radar
IP | Medium | Signal 39/100

103.146.203.212

Location: Cicurug, West Java, Indonesia
ASN: AS136052 (PT Cloud Hosting Indonesia)
First Seen: Jul 8, 2025 (341d ago)
Last Seen: Jun 6, 2026 (8d ago)
Reports: 23 source reports
Confidence: 39% (medium)
Found in 23 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 39%
Signal Score: 39 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

63 techniques

Network Information

Country: Indonesia (ID)
Region: Cicurug, West Java
ASN: AS136052
Organization: PT Cloud Hosting Indonesia

Feed Intelligence Summary

Source reports: 23
Confidence score: 39%
Category tags

Activity Timeline

1 total obs (Jun 6 to Jun 6)

Threat Activity Heatmap

Peak: 2026-06-06
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 39
Confidence: 39%
Reports: 23
First seen: Jul 8, 2025
Last seen: Jun 6, 2026
Geolocation: ID
Country: Indonesia
Location: Cicurug, West Java
ASN: AS136052
Org: PT Cloud Hosting Indonesia
Coords: -6.1728, 106.8272

VirusTotal

Not checked

WHOIS

description
Score: 100/100 | Detector: threat_feed | Label: reported_abuse | Tags: reported_abuse, abuseipdb
references
https://voidvendor.com/intel, https://github.com/telekom-security/tpotce, https://redpiranha.net, https://jamesbrine.com.au/bruteforce-ip-list-2025-08-19/, https://jamesbrine.com.au, https://jamesbrine.com.au/bruteforce-ip-list-2025-08-18/, https://jamesbrine.com.au/bruteforce-ip-list-2025-08-16/, https://jamesbrine.com.au/bruteforce-ip-list-2025-08-15/, https://jamesbrine.com.au/bruteforce-ip-list-2025-08-13/, https://jamesbrine.com.au/bruteforce-ip-list-2025-08-12/, https://jamesbrine.com.au/bruteforce-ip-list-2025-08-11/, https://jamesbrine.com.au/bruteforce-ip-list-2025-08-10/, https://jamesbrine.com.au/bruteforce-ip-list-2025-08-09/, https://jamesbrine.com.au/bruteforce-ip-list-2025-08-08/, https://jamesbrine.com.au/bruteforce-ip-list-2025-08-07/, https://jamesbrine.com.au/bruteforce-ip-list-2025-08-06/, https://jamesbrine.com.au/bruteforce-ip-list-2025-08-05/, https://jamesbrine.com.au/bruteforce-ip-list-2025-08-04/, https://jamesbrine.com.au/bruteforce-ip-list-2025-08-03/, https://jamesbrine.com.au/bruteforce-ip-list-2025-08-02/, https://jamesbrine.com.au/bruteforce-ip-list-2025-08-01/, https://jamesbrine.com.au/bruteforce-ip-list-2025-07-30/, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://jamesbrine.com.au/bruteforce-ip-list-2025-07-29/, https://jamesbrine.com.au/bruteforce-ip-list-2025-07-28/, https://jamesbrine.com.au/bruteforce-ip-list-2025-07-27/, https://jamesbrine.com.au/bruteforce-ip-list-2025-07-25/, https://jamesbrine.com.au/bruteforce-ip-list-2025-07-24/, https://jamesbrine.com.au/bruteforce-ip-list-2025-07-23/, https://jamesbrine.com.au/bruteforce-ip-list-2025-07-22/, https://jamesbrine.com.au/bruteforce-ip-list-2025-07-21/, https://jamesbrine.com.au/bruteforce-ip-list-2025-07-20/

IOC Journey

medium
First detected 11 months ago · Last seen 8 days ago
Appeared in 23 threat reports