IOC Radar
IPMediumSignal 69/100

103.245.16.102

Location
IndonesiaIndonesia
Jakarta, JI
ASN
AS46023
PT Honeycom Kreasi Pratama
First Seen
Sep 12, 2025
Last Seen
May 26, 2026
Sep 12
First Seen
273d ago
May 26
Last Seen
17d ago
7
Reports
source reports
69%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
69%
Signal Score
69 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

13 techniques

Network Information

CountryIDIndonesia
RegionJakarta, JI
ASNAS46023
OrganizationPT Honeycom Kreasi Pratama

IP Category

Proxy
Proxy server

Feed Intelligence Summary

7 reports69% confidence
7
Source reports
69%
Confidence score
Category tags
abuseactive scanactive scanningasiabad reputationbad web botblog spambotnet activitybrute forcebrute force attackbrute force attackerbrute-forcebruteforcecredential accesscredential stuffingdata exfiltrationdata store exposuredatabase securityddosdenial of serviceexploitation activityexploited hosthackinghttpididentity & access exploitationimageindicatorindonesiainjection activityinjection attacksmalicious ipmalwaremssqlnetworkpassword attacksportscanproxyrangereconnaissanceresearchedscannerscannersservice scanspamsql injectiont1059.003t1110.001t1110.002t1110.003t1110.004t1190t1203t1486t1499.001t1499.002t1595.001t1595.002t1595.003targeting databasetcpvultrweb application attackweb exploitationweb spam

Activity Timeline

1 total obs
May 26May 26

Threat Activity Heatmap

· Peak: 2026-05-26
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
69
SIGNAL
Signal Score
69%
Confidence
7
Reports
First seenSep 12, 2025
Last seenMay 26, 2026
GeolocationID
CountryIndonesia
LocationJakarta, JI
ASNAS46023
OrgPT Honeycom Kreasi Pratama
Coords-7.2484, 112.7419
Proxy

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected attempting to brute force MSSQL on Vultr Paris (France) honeypot
raw
inetnum: 103.245.16.0 - 103.245.19.255 netname: IDNIC-HONEYCOM-ID descr: PT Honeycom Kreasi Pratama descr: Corporate / Direct Member IDNIC descr: JL. Kebon Jeruk 70A, RT008/015 descr: Jakarta 11480, Indonesia admin-c: HKW10-AP tech-c: HKW10-AP country: ID mnt-by: MNT-APJII-ID mnt-irt: IRT-HONEYCOM-ID mnt-routes: MAINT-ID-HONEYCOM status: ASSIGNED PORTABLE last-modified: 2015-11-05T07:35:13Z source: APNIC irt: IRT-HONEYCOM-ID address: PT Honeycom address: JL. Kebon Jeruk 70A, RT008/015 address: Jakarta 11480, Indonesia e-mail: [email protected] abuse-mailbox: [email protected] admin-c: HKW10-AP tech-c: HKW10-AP auth: # Filtered mnt-by: MAINT-ID-HONEYCOM last-modified: 2026-03-09T15:38:36Z source: APNIC person: Hendra Kusuma Widjaja address: Jalan Kebon Jeruk 70A, RT 008/015 address: Jakarta 11480, Indonesia country: ID phone: +62-21-53673189 e-mail: [email protected] nic-hdl: HKW10-AP mnt-by: MAINT-ID-HONEYCOM last-modified: 2015-11-05T07:39:32Z source: APNIC inetnum: 103.245.16.0 - 103.245.19.255 netname: IDNIC-HONEYCOM-ID descr: PT Honeycom Kreasi Pratama descr: Corporate / Direct Member IDNIC descr: JL. Kebon Jeruk 70A, RT008/015 descr: Jakarta 11480, Indonesia admin-c: HKW10-AP tech-c: HKW10-AP country: ID mnt-by: MNT-APJII-ID mnt-irt: IRT-HONEYCOM-ID mnt-routes: MAINT-ID-HONEYCOM status: ASSIGNED PORTABLE last-modified: 2015-11-05T07:35:13Z source: IDNIC irt: IRT-HONEYCOM-ID address: PT Honeycom address: JL. Kebon Jeruk 70A, RT008/015 address: Jakarta 11480, Indonesia e-mail: [email protected] abuse-mailbox: [email protected] admin-c: HKW10-AP tech-c: HKW10-AP auth: # Filtered mnt-by: MAINT-ID-HONEYCOM last-modified: 2015-10-16T09:10:17Z source: IDNIC person: Hendra Kusuma Widjaja address: Jalan Kebon Jeruk 70A, RT 008/015 address: Jakarta 11480, Indonesia country: ID phone: +62-21-53673189 e-mail: [email protected] nic-hdl: HKW10-AP mnt-by: MAINT-ID-HONEYCOM last-modified: 2015-11-05T07:39:32Z source: IDNIC
references
https://jamesbrine.com.au/vultrparis-portscan-bruteforce-ip-list-2026-04-16/, https://jamesbrine.com.au, https://jamesbrine.com.au/vultrparis-mssql-bruteforce-ip-list-2026-04-16/

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 9 months ago · Last seen 17 days ago
Appeared in 7 threat reports