IOC Radar
IPMediumSignal 27/100

117.54.218.100

Location
IndonesiaIndonesia
Jakarta, JK
ASN
AS9340
PT IndoInternet
First Seen
Nov 4, 2024
Last Seen
Mar 27, 2026
Nov 4
First Seen
597d ago
Mar 27
Last Seen
89d ago
6
Reports
source reports
27%
Confidence
medium
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
27%
Signal Score
27 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

30 techniques

Network Information

CountryIDIndonesia
RegionJakarta, JK
ASNAS9340
OrganizationPT IndoInternet

Feed Intelligence Summary

6 reports27% confidence
6
Source reports
27%
Confidence score
Category tags
abuseaccessactive scanningadbhoney activityadbhoney honeypotasiaattackbotnetbrute forcecommand and controlcommunication protocolcowriecowrie activitycowrie attackcowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdecoy systemdionaeadionaea activitydionaea attackdionaea honeypotdistributed attacksemailftp brute forcegithubgroupshoneytrap activityhoneytrap honeypotidindexindicatorindonesiainformation technologylamplamp attacklamp stack attackmailoney activitymailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturenetworknetwork securityphishingphishing attackphishing trapprocess injectionpythonreconnaissanceresearchedresource hijackingscannerscriptscripting attackssentrypeer activitysentrypeer botnetsftpsftp activitysftp attacksipsip scanningslugsocial engineeringsshssh attackssh monitoringsurface webt1040t1041t1055t1059t1059.004t1059.007t1071.001t1078t1078.001t1078.004t1110t1110.001t1110.002t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertanner attacktelecommunicationsthreat actorthreat detectionthreat intelligencetpotcevoipvoip attackweb attackweb exploitation

Activity Timeline

1 total obs
Mar 27Mar 27

Threat Activity Heatmap

· Peak: 2026-03-27
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreLow Risk
27
SIGNAL
Signal Score
27%
Confidence
6
Reports
First seenNov 4, 2024
Last seenMar 27, 2026
GeolocationID
CountryIndonesia
LocationJakarta, JK
ASNAS9340
OrgPT IndoInternet
Coords-6.1830, 106.7577

VirusTotal

Not checked

WHOIS

description
2025-02-02T07:23:34.098Z Honeypot : Tanner : Source: 117.54.218.100 : Port: 80 Post Data: {'version': '0.6.0', 'response': {'message': {'detection': {'version': '0.6.0', 'order': 1, 'name': 'index', 'type': 1}, 'sess_uuid': 'f86abd6f-9653-4ee7-b4fb-466962599560'}}}
raw
inetnum: 117.54.0.0 - 117.54.255.255 netname: INDONET-ID descr: IndoInternet Network country: ID admin-c: RN65-AP tech-c: RN65-AP remarks: Send Spam & Abuse report to: [email protected] mnt-by: MNT-APJII-ID mnt-irt: IRT-INDONET-ID mnt-lower: MAINT-INDONET-ID status: ALLOCATED PORTABLE last-modified: 2016-05-11T09:31:22Z source: APNIC irt: IRT-INDONET-ID address: PT. IndoInternet address: Grha Citra Caraka Lt. M address: Jl. Gatot Subroto Kav 52 address: Jakarta 12710 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: RN65-AP tech-c: RN65-AP auth: # Filtered mnt-by: MAINT-INDONET-ID last-modified: 2019-03-08T04:45:29Z source: APNIC person: Indonet Hostmaster address: Grha Citra Caraka Lt.M address: Jl. jend. Gatot Subroto Kav 52 address: Jakarta 12710 country: ID phone: +62-21-5268164 fax-no: +62-21-5271850 e-mail: [email protected] nic-hdl: RN65-AP mnt-by: MAINT-INDONET-ID last-modified: 2008-09-04T07:29:17Z source: APNIC route: 117.54.0.0/16 descr: Route Object PT IndoInternet descr: Business Enabler Service Provider descr: Rumah Indonet, Rempoa Raya no. 11 Ciputat origin: AS9340 country: ID remarks: Send Abuse and Spam Report to : [email protected] notify: [email protected] mnt-by: MAINT-INDONET-ID last-modified: 2011-07-14T08:48:53Z source: APNIC inetnum: 117.54.0.0 - 117.54.255.255 netname: INDONET-ID descr: IndoInternet Network country: ID admin-c: RI-AP tech-c: BSS1-AP remarks: Send Spam & Abuse report to: [email protected] mnt-by: MNT-APJII-ID mnt-irt: IRT-INDONET-ID mnt-lower: MAINT-INDONET-ID status: ALLOCATED PORTABLE last-modified: 2024-12-11T07:18:32Z source: IDNIC irt: IRT-INDONET-ID address: PT. IndoInternet address: Cyber Building, 8th Flr address: Jl. Kuningan Barat no 8 address: Jakarta 12710 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: RI-AP tech-c: RI-AP auth: # Filtered mnt-by: MAINT-INDONET-ID last-modified: 2024-07-17T08:45:25Z source: IDNIC person: Budi Santoso Supriatna address: Jakarta country: ID phone: +622127555222 e-mail: [email protected] nic-hdl: BSS1-AP mnt-by: MNT-APJII-ID last-modified: 2024-07-18T08:00:54Z source: IDNIC person: Rahman Isnaini RsT address: PT INDO Internet address: Cyber Bld, 8 flr address: Jl. Kuningan Barat no 8, Jakarta country: ID phone: +62-21-52960202 fax-no: +62-21-52960303 e-mail: [email protected] nic-hdl: RI-AP mnt-by: MAINT-INDONET-ID last-modified: 2024-04-05T07:36:10Z source: IDNIC route: 117.54.0.0/16 descr: Route Object PT IndoInternet descr: Business Enabler Service Provider descr: Rumah Indonet, Rempoa Raya no. 11 Ciputat origin: AS9340 country: ID remarks: Send Abuse and Spam Report to : [email protected] notify: [email protected] mnt-by: MAINT-INDONET-ID last-modified: 2024-12-10T04:59:17Z source: IDNIC
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 6 threat reports