IOC Radar
IPMediumSignal 28/100

116.254.98.30

Location
IndonesiaIndonesia
Jakarta, Jakarta
ASN
AS45700
SpaceX Starlink
First Seen
Jan 6, 2025
Last Seen
Apr 21, 2026
Jan 6
First Seen
524d ago
Apr 21
Last Seen
54d ago
9
Reports
source reports
28%
Confidence
medium
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
28%
Signal Score
28 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

32 techniques

Network Information

CountryIDIndonesia
RegionJakarta, Jakarta
ASNAS45700
OrganizationSpaceX Starlink

IP Category

Proxy
Proxy server
VPN
VPN exit node

Feed Intelligence Summary

9 reports28% confidence
9
Source reports
28%
Confidence score
Category tags
active scanactive scanningasiaattackbotnetbotnet activitybotnet iocsbotnet miraibotnet propagationbrute forcecommand and controlcommunication protocolconnected devicescowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposuredatabase securityddosddos attacksdecoy systemdenial of servicedevice managementdionaea honeypotdistributed attackselasticpot honeypotelasticsearch monitoringexploitationexploitation activitygorillabotididentity & access exploitationindonesiaindustrial iotinitial accessinjection activityinternet of thingsiocsiot analyticsiot applicationsiot botnetiot devicesiot platformsiot securityiot/ics attackipv4irclinuxmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemiraimirai botnetmirai internetnetworknetwork attacksnetwork protocolnetwork scanningnetwork securityoutlawphishingphishing attackprocess injectionprotocol exploitationproxyreconnaissanceresearchedresource hijackingscanning activitysentrypeer botnetsftp attacksmart devicessocial engineeringssh attackssh monitoringt1021t1021.001t1040t1041t1053.005t1055t1059t1059.004t1071t1071.001t1078t1078.001t1105t1110.002t1190t1203t1204.002t1486t1496t1497t1497.001t1498.001t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1595.001t1595.002t1595.003tannertargeting databasetcp protocoltelecommunicationstelnet threatthingsthreat actorthreat intelligencetor nodetwittervoipvoip attackvpnxmrig

Activity Timeline

1 total obs
Apr 21Apr 21

Threat Activity Heatmap

· Peak: 2026-04-21
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
28
SIGNAL
Signal Score
28%
Confidence
9
Reports
First seenJan 6, 2025
Last seenApr 21, 2026
GeolocationID
CountryIndonesia
LocationJakarta, Jakarta
ASNAS45700
OrgSpaceX Starlink
Coords-6.1728, 106.8272
ProxyVPN

VirusTotal

Not checked

WHOIS

raw
inetnum: 116.254.96.0 - 116.254.99.255 netname: NAPINFO descr: PT. NAP Info Lintas Nusa descr: NAP.Net.id - Network Access Point country: ID admin-c: HNIL1-AP tech-c: GW8177-AP mnt-by: MNT-APJII-ID mnt-irt: IRT-NAPNET-ID mnt-routes: MNT-APJII-ID status: ALLOCATED PORTABLE last-modified: 2024-05-25T02:47:52Z source: APNIC irt: IRT-NAPNET-ID address: PT. NAP Info Lintas Nusa address: Suite 101 AB Annex Building, Plaza Kuningan address: H.R. Rasuna Said, Kav. C 11-14. address: Jakarta Selatan, DKI 12940 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: HNIL1-AP tech-c: HNIL1-AP auth: # Filtered mnt-by: MAINT-ID-NAPINFO last-modified: 2018-05-31T22:31:21Z source: APNIC person: Gunawan Wicaksono nic-hdl: GW8177-AP e-mail: [email protected] address: PT. NAP Info Lintas Nusa address: Suite 101 AB Annex Building, Plaza Kuningan. address: Jalan. H.R. Rasuna Said, Kav. C 11-14. address: Jakarta Selatan, DKI 12940 phone: +62-(21)-252-8888 fax-no: +62-(21)-252-5555 country: ID mnt-by: MAINT-ID-NAPINFO last-modified: 2008-09-04T07:29:17Z source: APNIC person: hostmaster nap info lintas nusa address: PT. NAP INFO LINTAS NUSA address: Suite 101 AB Annex Building, Plaza Kuningan address: H.R. Rasuna Said, Kav. C 11-14. address: Jakarta Selatan, DKI 12940 country: ID phone: +62-(21)-252-8888 fax-no: +62-(21)-252-5555 e-mail: [email protected] e-mail: [email protected] nic-hdl: HNIL1-AP mnt-by: MAINT-ID-NAPINFO last-modified: 2020-09-30T04:35:02Z source: APNIC route: 116.254.98.0/24 descr: Advertise Via NAP Info Lintas Nusa descr: Starlink origin: AS45700 mnt-by: MNT-APJII-ID last-modified: 2024-05-27T16:44:51Z source: APNIC inetnum: 116.254.96.0 - 116.254.99.255 netname: NAPINFO descr: PT. NAP Info Lintas Nusa descr: NAP.Net.id - Network Access Point country: ID admin-c: HNIL1-AP tech-c: GW8177-AP mnt-by: MNT-APJII-ID mnt-irt: IRT-NAPNET-ID mnt-routes: MNT-APJII-ID status: ALLOCATED PORTABLE last-modified: 2024-05-25T02:49:25Z source: IDNIC irt: IRT-NAPNET-ID address: PT. NAP Info Lintas Nusa address: Suite 101 AB Annex Building, Plaza Kuningan address: H.R. Rasuna Said, Kav. C 11-14. address: Jakarta Selatan, DKI 12940 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: HNIL1-AP tech-c: HNIL1-AP auth: # Filtered mnt-by: MAINT-ID-NAPINFO last-modified: 2016-08-22T09:12:06Z source: IDNIC person: Gunawan Wicaksono nic-hdl: GW8177-AP e-mail: [email protected] address: PT. NAP Info Lintas Nusa address: Suite 101 AB Annex Building, Plaza Kuningan. address: Jalan. H.R. Rasuna Said, Kav. C 11-14. address: Jakarta Selatan, DKI 12940 phone: +62-(21)-252-8888 fax-no: +62-(21)-252-5555 country: ID mnt-by: MAINT-ID-NAPINFO last-modified: 2008-09-04T07:29:17Z source: IDNIC person: hostmaster nap info lintas nusa address: PT. NAP INFO LINTAS NUSA address: Suite 101 AB Annex Building, Plaza Kuningan address: H.R. Rasuna Said, Kav. C 11-14. address: Jakarta Selatan, DKI 12940 country: ID phone: +62-(21)-252-8888 fax-no: +62-(21)-252-5555 e-mail: [email protected] e-mail: [email protected] nic-hdl: HNIL1-AP mnt-by: MAINT-ID-NAPINFO last-modified: 2020-09-30T04:36:36Z source: IDNIC
references
https://1275.ru/ioc/gs-25-19131-mirai-botnet-iocs_11023, https://1275.ru/ioc/gs-25-19129-mirai-botnet-iocs_11015, https://1275.ru/ioc/gs-25-19128-mirai-botnet-iocs_11001, https://1275.ru/ioc/gs-25-19127-mirai-botnet-iocs_10989, https://1275.ru/ioc/gs-25-19125-mirai-botnet-iocs_10956, https://1275.ru/ioc/gs-25-19126-mirai-botnet-iocs_10970, https://1275.ru/ioc/gs-25-18122-mirai-botnet-iocs_10913, https://1275.ru/ioc/gs-25-18120-mirai-botnet-iocs_10854, https://1275.ru/ioc/gs-25-18119-mirai-botnet-iocs_10829, https://1275.ru/ioc/gs-25-18118-mirai-botnet-iocs_10825, https://1275.ru/ioc/gs-25-17115-mirai-botnet-iocs-2_10696, https://1275.ru/ioc/gs-25-17115-mirai-botnet-iocs_10682, https://1275.ru/ioc/gs-25-17113-mirai-botnet-iocs_10658, https://1275.ru/ioc/gs-25-17112-mirai-botnet-iocs_10640, https://github.com/telekom-security/tpotce, https://1275.ru/ioc/gs-25-1490-mirai-botnet-iocs_10200

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 9 threat reports