IOC Radar
IP · Medium · Signal 100/100

103.23.199.16

Location: Indonesia (Cicurug, West Java)
ASN: AS136052 (CV. Satria Prima Persada)
First Seen: Feb 28, 2025 (478d ago)
Last Seen: Apr 24, 2026 (58d ago)
Reports: 15 source reports
Confidence: 99% (medium)
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context
MITRE ATT&CK TTPs

29 techniques

Network Information

Country: ID (Indonesia)
Region: Cicurug, West Java
ASN: AS136052
Organization: CV. Satria Prima Persada

IP Category

Hosting
Hosting provider

Feed Intelligence Summary

Source reports: 15
Confidence score: 99%
Category tags:
abuse, access control, active scan, active scanning, asia, attack, australia, authentication, authentication attempts, authentication failures, automated attack, bad reputation, botnet, botnet activity, brute force, brute force attack, brute force attempt, brute-force, command and control, cowrie honeypot, credential access, credential stuffing, credential stuffing attempts, cta, data exfiltration, data store exposure, decoy system, distributed attacks, europe, exploitation activity, fail2ban triggered, ftp, ftp brute force, hacking, id, identity & access exploitation, indicator, indonesia, injection activity, login attack, login attacks, malicious activity, malicious software, malware, network, network intrusion, network intrusion detection, network scanning, network security monitoring, oceania, password attacks, password cracking, phishing, process injection, reconnaissance, researched, scanner, security event, security operations, sftp attack, ssh, ssh attack, ssh monitoring, t1021, t1021.001, t1021.002, t1021.006, t1041, t1055, t1059, t1071.001, t1078, t1078.001, t1078.004, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1486, t1496, t1499.002, t1499.003, t1565, t1589, t1589.002, t1595, t1595.001, t1595.002, t1595.003, threat actor, threat intelligence, tor node, unauthorized access attempts, united kingdom

Activity Timeline

1 total obs (Apr 24 to Apr 24)

Threat Activity Heatmap

Peak: 2026-04-24
[Heatmap: activity by weekday (Mon, Wed, Fri shown), Jun through Jun; scale Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC) signifies a critical and immediate threat to organizational security. The IPv4 address `103.23.199.16` has a maximal threat score of 100, indicating it is unequivocally associated with highly malicious activities. Its observed behaviors, including extensive brute-force attacks, credential stuffing attempts, and network scanning, are typical precursors to unauthorized access and system compromise. Failure to address this IOC promptly could lead to severe consequ…

Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 15
First seen: Feb 28, 2025
Last seen: Apr 24, 2026
Geolocation: ID
Country: Indonesia
Location: Cicurug, West Java
ASN: AS136052
Org: CV. Satria Prima Persada
Coords: -6.8420, 106.7230
Hosting

VirusTotal

Not checked

WHOIS

description: Banned by Fail2Ban [sshd]

raw:

inetnum: 103.23.198.0 - 103.23.199.255
netname: IDNIC-SATRIAPRIMA-ID
descr: CV. Satria Prima Persada
descr: Corporate / Direct Member IDNIC
descr: Jalan Suka Karya I Nomor 104, Cicaheum
descr: Bandung, Jawa Barat
admin-c: NP367-AP
tech-c: NP367-AP
country: ID
mnt-by: MNT-APJII-ID
mnt-lower: MAINT-ID-SATRIAPRIMA
mnt-irt: IRT-SATRIAPRIMA-ID
status: ALLOCATED PORTABLE
last-modified: 2022-10-22T00:22:44Z
source: APNIC

irt: IRT-SATRIAPRIMA-ID
address: CV. Satria Prima Persada
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: NP367-AP
tech-c: NP367-AP
auth: # Filtered
mnt-by: MAINT-ID-SATRIAPRIMA
last-modified: 2025-09-04T05:06:04Z
source: APNIC

person: Nanda Pramudian
address: Jalan Suka Karya I Nomor 104
address: Bandung, Jawa Barat
country: ID
phone: +62-821-9869-0525
e-mail: [email protected]
nic-hdl: NP367-AP
mnt-by: MNT-APJII-ID
last-modified: 2022-10-22T00:18:47Z
source: APNIC

inetnum: 103.23.199.0 - 103.23.199.255
netname: IDNIC-IDCLOUDHOST-ID
descr: PT Cloud Hosting Indonesia
descr: Corporate / Direct Member IDNIC
descr: Pinus Raya Reni Jaya AG-1 No.01
descr: Pamulang Barat, Pamulang
descr: Tangerang Selatan, Banten
admin-c: APS20-AP
tech-c: APS20-AP
country: ID
mnt-by: MNT-APJII-ID
mnt-irt: IRT-IDCLOUDHOST-ID
mnt-routes: MAINT-ID-IDCLOUDHOST
status: ASSIGNED NON-PORTABLE
last-modified: 2022-10-26T09:07:34Z
source: IDNIC

irt: IRT-IDCLOUDHOST-ID
address: PT Cloud Hosting Indonesia
address: Jl. Bojonggenteng No. 2
address: Sukabumi, Jawa Barat
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: APS20-AP
tech-c: APS20-AP
auth: # Filtered
mnt-by: MAINT-ID-IDCLOUDHOST
last-modified: 2017-01-23T07:33:21Z
source: IDNIC

person: Alfian Pamungkas Sakawiguna
address: Jl. Bojonggenteng No.2
address: Sukabumi, Jawa Barat
country: ID
phone: +62-266-620073
e-mail: [email protected]
nic-hdl: APS20-AP
mnt-by: MAINT-ID-IDCLOUDHOST
last-modified: 2017-01-23T07:34:14Z
source: IDNIC

references:
https://github.com/telekom-security/tpotce
https://blog.edie.io/2020/04/30/diy-ip-threat-feed/
https://github.com/tankmek/threatfeed
https://redpiranha.net

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 15 threat reports