IOC Radar
IPMediumSignal 29/100

103.172.196.131

Location
IndonesiaIndonesia
Banyuwangi, East Java
ASN
AS142394
Csnet
First Seen
Jan 12, 2025
Last Seen
Apr 7, 2026
Jan 12
First Seen
520d ago
Apr 7
Last Seen
69d ago
12
Reports
source reports
29%
Confidence
medium
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
29%
Signal Score
29 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

22 techniques

Network Information

CountryIDIndonesia
RegionBanyuwangi, East Java
ASNAS142394
OrganizationCsnet

IP Category

Proxy
Proxy server
VPN
VPN exit node

Feed Intelligence Summary

12 reports29% confidence
12
Source reports
29%
Confidence score
Category tags
access controlactive scanactive scanningasiabank securitybotnetbotnet activitycommand and controlcommunication protocoldata encryptiondata exfiltrationdata store exposureddosddos attacksdecoy systemdenial of servicedistributed attacksencryptionenumerationexploitation activityfinancefinancial institutionfinancial servicesidindonesiainformation gatheringinjection activityinternet of thingsintrusion detectioniot botnetiot securityiot/ics attacklateral movementmalicious softwaremalwaremirai botnetnetworknetwork attacksnetwork enumerationnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork traffic analysisopen port discoveryprocess injectionproxyreconnaissanceresearchedscanscannerscanning activitysecurity policyt1016t1018t1021.002t1040t1046t1055t1071.001t1077t1078t1190t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1589t1595t1595.001t1595.002t1595.003tcp protocolthreat intelligencethreat preventionvpnvulnerability scan

Activity Timeline

1 total obs
Apr 7Apr 7

Threat Activity Heatmap

· Peak: 2026-04-07
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
29
SIGNAL
Signal Score
29%
Confidence
12
Reports
First seenJan 12, 2025
Last seenApr 7, 2026
GeolocationID
CountryIndonesia
LocationBanyuwangi, East Java
ASNAS142394
OrgCsnet
Coords0.0000, 0.0000
ProxyVPN

VirusTotal

Not checked

WHOIS

description
proxy-proxy_http search result.
raw
inetnum: 103.172.196.0 - 103.172.197.255 netname: CSNET-ID descr: PT Cahaya Solusindo Internusa descr: Internet Service Provider descr: Jl Letjen S Parman No.58 RT.001/002 descr: Pakis, Banyuwangi, Jawa Timur 68419 admin-c: MAP12-AP tech-c: MAP12-AP remarks: Send Spam & Abuse Report to: [email protected] country: ID mnt-by: MNT-APJII-ID mnt-lower: MAINT-ID-CSNET mnt-irt: IRT-CSNET-ID mnt-routes: MAINT-ID-CSNET status: ALLOCATED PORTABLE last-modified: 2022-08-24T07:19:11Z source: APNIC irt: IRT-CSNET-ID address: PT Cahaya Solusindo Internusa address: Jl Letjen S Parman No.58 RT.001/002 address: Pakis, Banyuwangi, Jawa Timur 68419 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: MAP12-AP tech-c: MAP12-AP auth: # Filtered mnt-by: MAINT-ID-CSNET last-modified: 2021-09-03T07:32:15Z source: APNIC person: M Adi Prasetyo address: Jl Letjen S Parman No.58 RT.001/002 address: Pakis, Banyuwangi, Jawa Timur 68419 country: ID phone: +62-81282-417610 e-mail: [email protected] nic-hdl: MAP12-AP mnt-by: MAINT-ID-CSNET last-modified: 2021-09-03T07:32:29Z source: APNIC inetnum: 103.172.196.0 - 103.172.197.255 netname: CSNET-ID descr: PT Cahaya Solusindo Internusa descr: Internet Service Provider descr: Jl Letjen S Parman No.58 RT.001/002 descr: Pakis, Banyuwangi, Jawa Timur 68419 admin-c: MAP12-AP tech-c: MAP12-AP remarks: Send Spam & Abuse Report to: [email protected] country: ID mnt-by: MNT-APJII-ID mnt-lower: MAINT-ID-CSNET mnt-irt: IRT-CSNET-ID mnt-routes: MAINT-ID-CSNET status: ALLOCATED PORTABLE last-modified: 2022-08-24T07:21:14Z source: IDNIC irt: IRT-CSNET-ID address: PT Cahaya Solusindo Internusa address: Jl Letjen S Parman No.58 RT.001/002 address: Pakis, Banyuwangi, Jawa Timur 68419 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: MAP12-AP tech-c: MAP12-AP auth: # Filtered mnt-by: MAINT-ID-CSNET last-modified: 2021-10-27T02:36:05Z source: IDNIC person: M Adi Prasetyo address: Jl Letjen S Parman No.58 RT.001/002 address: Pakis, Banyuwangi, Jawa Timur 68419 country: ID phone: +62-81282-417610 e-mail: [email protected] nic-hdl: MAP12-AP mnt-by: MAINT-ID-CSNET last-modified: 2021-10-27T02:36:19Z source: IDNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 12 threat reports