IOC Radar
IPMediumSignal 27/100

103.151.226.33

Location
IndonesiaIndonesia
Margahayukencana, JB
ASN
AS140429
URBANACCESS
First Seen
Feb 22, 2025
Last Seen
Apr 7, 2026
Feb 22
First Seen
474d ago
Apr 7
Last Seen
65d ago
12
Reports
source reports
27%
Confidence
medium
1/91
VirusTotal
detections
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
27%
Signal Score
27 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

26 techniques

Network Information

CountryIDIndonesia
RegionMargahayukencana, JB
ASNAS140429
OrganizationURBANACCESS

IP Category

Proxy
Proxy server

Feed Intelligence Summary

12 reports27% confidence
12
Source reports
27%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningasiabad reputationbad web botbotnetbotnet activitybotnet iocsbotnet miraibotnet propagationbrute forcecommand and controlcommunication protocolconnected devicescredential accesscredential stuffingdata exfiltrationdata store exposureddosddos attackddos attacksdenial of servicedevice managementdistributed attacksencryptionexploitationexploitation activitygorillabothttps proxyididentity & access exploitationindicatorindonesiaindustrial iotinitial accessinjection activityinternet of thingsiocsiot analyticsiot applicationsiot botnetiot devicesiot platformsiot securityiot/ics attackipv4irclinuxmalicious softwaremalwaremirai botnetmirai internetnetworknetwork attacksnetwork protocolnetwork scanningnetwork securityoutlawprocess injectionprotocol exploitationproxyreconnaissanceresearchedscannerscanning activitysecurity policysmart devicesssh attacksslt1021t1021.001t1040t1053.005t1055t1059t1059.004t1071t1071.001t1078t1078.001t1105t1110.002t1190t1203t1486t1496t1497t1497.001t1498.001t1499.002t1499.003t1565t1595.001t1595.002t1595.003tcp protocoltelnet threatthingsthreat actorthreat preventiontor nodetwitterxmrig

Activity Timeline

1 total obs
Apr 7Apr 7

Threat Activity Heatmap

· Peak: 2026-04-07
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
27
SIGNAL
Signal Score
27%
Confidence
12
Reports
First seenFeb 22, 2025
Last seenApr 7, 2026
GeolocationID
CountryIndonesia
LocationMargahayukencana, JB
ASNAS140429
OrgURBANACCESS
Coords-6.9217, 107.6071
Proxy

VirusTotal

1/ 91vendors flagged
1% detection rateJun 8, 2026

WHOIS

raw
inetnum: 103.151.226.0 - 103.151.227.255 netname: URBANACCESS-ID descr: PT. MEDIA DISTRIBUSI PRIMA descr: Internet Service Provider descr: Jalan Kangkung Kidul 18 descr: Bandung, Jawa Barat 40263 country: ID admin-c: UAH1-AP tech-c: UAH1-AP abuse-c: AU107-AP status: ALLOCATED PORTABLE mnt-by: MNT-APJII-ID mnt-routes: MAINT-ID-URBANACCESS mnt-irt: IRT-URBANACCESS-ID last-modified: 2020-06-03T03:12:36Z source: APNIC irt: IRT-URBANACCESS-ID address: PT. MEDIA DISTRIBUSI PRIMA address: Urban Internet Access address: Jalan Kangkung Kidul 18 address: Bandung 40263 address: Jawa Barat - Indonesia e-mail: [email protected] abuse-mailbox: [email protected] admin-c: UAH1-AP tech-c: UAH1-AP auth: # Filtered mnt-by: MAINT-ID-URBANACCESS last-modified: 2020-04-08T07:19:38Z source: APNIC role: ABUSE URBANACCESSID address: PT. MEDIA DISTRIBUSI PRIMA address: Urban Internet Access address: Jalan Kangkung Kidul 18 address: Bandung 40263 address: Jawa Barat - Indonesia country: ZZ phone: +000000000 e-mail: [email protected] admin-c: UAH1-AP tech-c: UAH1-AP nic-hdl: AU107-AP remarks: Generated from irt object IRT-URBANACCESS-ID abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2020-06-03T03:12:36Z source: APNIC person: Urban Access Hostmaster address: Jalan Kangkung Kidul 18 address: Bandung 40263 address: Jawa Barat - Indonesia country: ID phone: +62-22-30508008 e-mail: [email protected] nic-hdl: UAH1-AP mnt-by: MNT-APJII-ID fax-no: +62-22-30508008 last-modified: 2020-04-08T07:13:56Z source: APNIC route: 103.151.226.0/23 descr: Route Object of URBANACCESS descr: PT. MEDIA DISTRIBUSI PRIMA descr: Jalan Kangkung Kidul 18 descr: Bandung 40263 origin: AS140429 mnt-by: MAINT-ID-URBANACCESS last-modified: 2020-09-10T04:27:32Z source: APNIC inetnum: 103.151.226.0 - 103.151.227.255 netname: URBANACCESS-ID descr: PT. MEDIA DISTRIBUSI PRIMA descr: Internet Service Provider descr: Jalan Kangkung Kidul 18 descr: Bandung, Jawa Barat 40263 country: ID admin-c: UAH1-AP tech-c: UAH1-AP status: ALLOCATED PORTABLE mnt-by: MNT-APJII-ID mnt-routes: MAINT-ID-URBANACCESS mnt-irt: IRT-URBANACCESS-ID last-modified: 2020-08-13T03:34:20Z source: IDNIC irt: IRT-URBANACCESS-ID address: PT. MEDIA DISTRIBUSI PRIMA address: Urban Internet Access address: Jalan Kangkung Kidul 18 address: Bandung 40263 address: Jawa Barat - Indonesia e-mail: [email protected] abuse-mailbox: [email protected] admin-c: UAH1-AP tech-c: UAH1-AP auth: # Filtered mnt-by: MAINT-ID-URBANACCESS last-modified: 2020-08-13T03:34:20Z source: IDNIC person: Urban Access Hostmaster address: Jalan Kangkung Kidul 18 address: Bandung 40263 address: Jawa Barat - Indonesia country: ID phone: +62-22-30508008 e-mail: [email protected] nic-hdl: UAH1-AP mnt-by: MNT-APJII-ID fax-no: +62-22-30508008 last-modified: 2020-08-13T03:34:20Z source: IDNIC
references
https://1275.ru/ioc/gs-25-19131-mirai-botnet-iocs_11023, https://1275.ru/ioc/gs-25-19129-mirai-botnet-iocs_11015, https://1275.ru/ioc/gs-25-19128-mirai-botnet-iocs_11001, https://1275.ru/ioc/gs-25-19127-mirai-botnet-iocs_10989, https://1275.ru/ioc/gs-25-19125-mirai-botnet-iocs_10956, https://1275.ru/ioc/gs-25-19126-mirai-botnet-iocs_10970, https://1275.ru/ioc/gs-25-18122-mirai-botnet-iocs_10913, https://1275.ru/ioc/gs-25-18120-mirai-botnet-iocs_10854, https://1275.ru/ioc/gs-25-18119-mirai-botnet-iocs_10829, https://1275.ru/ioc/gs-25-18118-mirai-botnet-iocs_10825, https://1275.ru/ioc/gs-25-17115-mirai-botnet-iocs-2_10696, https://1275.ru/ioc/gs-25-17115-mirai-botnet-iocs_10682, https://1275.ru/ioc/gs-25-17113-mirai-botnet-iocs_10658, https://1275.ru/ioc/gs-25-17112-mirai-botnet-iocs_10640, https://1275.ru/ioc/gs-25-1490-mirai-botnet-iocs_10200

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 12 threat reports