IOC Radar
IP · Medium · Signal 40/100

103.227.187.11

Location: Indonesia (Penganjuran Krajan, East Java)
ASN: AS142370 (PT Ard Management Group)
First Seen: Feb 14, 2025 (484d ago)
Last Seen: Jun 3, 2026 (9d ago)
Reports: 12 source reports
Confidence: 40% (medium)

Confidence scores are heuristic. Verify before acting on results.

Type: IPv4 Address (network layer indicator observed in threat reports)
MISP Category: Network Activity
Confidence: 40%
Signal Score: 40 / 100
IDS Rule: No

Threat Context

MITRE ATT&CK TTPs: 26 techniques

Network Information

Country: Indonesia (ID)
Region: Penganjuran Krajan, East Java
ASN: AS142370
Organization: PT Ard Management Group

IP Category

Proxy (proxy server)

Feed Intelligence Summary

Source reports: 12
Confidence score: 40%

Category tags: abuse, access control, active scan, active scanning, asia, bad reputation, bad web bot, botnet, botnet activity, botnet iocs, botnet mirai, botnet propagation, brute force, brute force attacker, brute-force, command and control, communication protocol, connected devices, credential access, credential stuffing, data exfiltration, data store exposure, ddos, ddos attack, ddos attacks, denial of service, device management, distributed attacks, exploitation, exploitation activity, exploited host, gorillabot, hacking, id, identity & access exploitation, indicator, indonesia, industrial iot, initial access, injection activity, internet of things, iocs, iot analytics, iot applications, iot botnet, iot devices, iot platforms, iot security, iot/ics attack, ipv4, irc, linux, malicious software, malware, mirai botnet, mirai internet, network, network attacks, network protocol, network scanning, network security, outlaw, process injection, protocol exploitation, proxy, reconnaissance, researched, scanner, scanning activity, security policy, smart devices, ssh, ssh attack, t1021, t1021.001, t1040, t1053.005, t1055, t1059, t1059.004, t1071, t1071.001, t1078, t1078.001, t1105, t1110.002, t1190, t1203, t1486, t1496, t1497, t1497.001, t1498.001, t1499.002, t1499.003, t1565, t1595.001, t1595.002, t1595.003, tcp protocol, telnet threat, things, threat actor, threat prevention, tor node, twitter, web app attack, xmrig

Activity Timeline

1 total observation (Jun 3)

Threat Activity Heatmap

[Heatmap: activity by weekday, Jun through Jun; peak 2026-06-03]

Activity by window:
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: 40 (Medium Risk)
Signal Score: 40
Confidence: 40%
Reports: 12
First seen: Feb 14, 2025
Last seen: Jun 3, 2026
Geolocation: ID
Country: Indonesia
Location: Penganjuran Krajan, East Java
ASN: AS142370
Org: PT Ard Management Group
Coords: 0.0000, 0.0000
Proxy

VirusTotal

Not checked

WHOIS

Description: proxy-proxy_http search result.

Raw:

inetnum: 103.227.186.0 - 103.227.187.255
netname: IDNIC-ARDMGMT-ID
descr: PT Ard Management Group
descr: Corporate / Direct Member IDNIC
descr: H Sahri Dusun Krajan, Kel. Kradenan, Kec. Purwoharjo
descr: Kab. Banyuwangi, Jawa Timur
admin-c: MAH16-AP
tech-c: MAH16-AP
remarks: Send Spam & Abuse Reports to: [email protected]
country: ID
mnt-by: MNT-APJII-ID
mnt-irt: IRT-ARDMGMT-ID
mnt-routes: MAINT-ID-ARDMGMT
status: ASSIGNED PORTABLE
last-modified: 2023-06-22T10:09:28Z
source: APNIC

irt: IRT-ARDMGMT-ID
address: H Sahri Dusun Krajan, Kel. Kradenan, Kec. Purwoharjo
address: Kab. Banyuwangi, Jawa Timur
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: MAH16-AP
tech-c: MAH16-AP
mnt-by: MAINT-ID-ARDMGMT
auth: # Filtered
last-modified: 2023-06-22T09:43:42Z
source: APNIC

person: Mohammad Abdul Hafid
address: H Sahri Dusun Krajan, Kel. Kradenan, Kec. Purwoharjo
address: Kab. Banyuwangi, Jawa Timur
country: ID
e-mail: [email protected]
phone: +6283847397019
nic-hdl: MAH16-AP
mnt-by: MAINT-ID-ARDMGMT
last-modified: 2023-06-22T09:38:47Z
source: APNIC

route: 103.227.187.0/24
descr: Route object for 103.227.187.0/24
origin: AS142370
mnt-by: MAINT-ID-MSN
country: ID
last-modified: 2023-07-14T06:40:07Z
source: APNIC

inetnum: 103.227.186.0 - 103.227.187.255
netname: IDNIC-ARDMGMT-ID
descr: PT Ard Management Group
descr: Corporate / Direct Member IDNIC
descr: H Sahri Dusun Krajan, Kel. Kradenan, Kec. Purwoharjo
descr: Kab. Banyuwangi, Jawa Timur
admin-c: MAH16-AP
tech-c: MAH16-AP
remarks: Send Spam & Abuse Reports to: [email protected]
country: ID
mnt-by: MNT-APJII-ID
mnt-irt: IRT-ARDMGMT-ID
mnt-routes: MAINT-ID-ARDMGMT
status: ASSIGNED PORTABLE
last-modified: 2023-07-13T08:43:50Z
source: IDNIC

irt: IRT-ARDMGMT-ID
address: H Sahri Dusun Krajan, Kel. Kradenan, Kec. Purwoharjo
address: Kab. Banyuwangi, Jawa Timur
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: MAH16-AP
tech-c: MAH16-AP
mnt-by: MAINT-ID-ARDMGMT
auth: # Filtered
last-modified: 2023-07-13T08:43:50Z
source: IDNIC

person: Mohammad Abdul Hafid
address: H Sahri Dusun Krajan, Kel. Kradenan, Kec. Purwoharjo
address: Kab. Banyuwangi, Jawa Timur
country: ID
e-mail: [email protected]
phone: +6283847397019
nic-hdl: MAH16-AP
mnt-by: MAINT-ID-ARDMGMT
last-modified: 2023-07-13T08:44:18Z
source: IDNIC

route: 103.227.187.0/24
descr: Route object for 103.227.187.0/24
origin: AS142370
mnt-by: MAINT-ID-MSN
last-modified: 2023-07-14T04:02:57Z
source: IDNIC

References:
https://1275.ru/ioc/gs-25-19131-mirai-botnet-iocs_11023
https://1275.ru/ioc/gs-25-19129-mirai-botnet-iocs_11015
https://1275.ru/ioc/gs-25-19128-mirai-botnet-iocs_11001
https://1275.ru/ioc/gs-25-19127-mirai-botnet-iocs_10989
https://1275.ru/ioc/gs-25-19125-mirai-botnet-iocs_10956
https://1275.ru/ioc/gs-25-19126-mirai-botnet-iocs_10970
https://1275.ru/ioc/gs-25-18122-mirai-botnet-iocs_10913
https://1275.ru/ioc/gs-25-18120-mirai-botnet-iocs_10854
https://1275.ru/ioc/gs-25-18119-mirai-botnet-iocs_10829
https://1275.ru/ioc/gs-25-18118-mirai-botnet-iocs_10825
https://1275.ru/ioc/gs-25-17115-mirai-botnet-iocs-2_10696
https://1275.ru/ioc/gs-25-17115-mirai-botnet-iocs_10682
https://1275.ru/ioc/gs-25-17113-mirai-botnet-iocs_10658
https://1275.ru/ioc/gs-25-17112-mirai-botnet-iocs_10640
https://1275.ru/ioc/gs-25-1490-mirai-botnet-iocs_10200

IOC Journey

medium
First detected 1 year ago · Last seen 9 days ago
Appeared in 12 threat reports