IOC Radar
IPHighVerifiedSignal 48/100

118.99.84.197

Location
IndonesiaIndonesia
Surabaya, Jawa Timur
ASN
AS17451
BIZNET
First Seen
Jun 16, 2025
Last Seen
Jan 18, 2026
Jun 16
First Seen
371d ago
Jan 18
Last Seen
155d ago
6
Reports
source reports
48%
Confidence
high
Found in 6 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
48%
Signal Score
48 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

29 techniques

Network Information

CountryIDIndonesia
RegionSurabaya, Jawa Timur
ASNAS17451
OrganizationBIZNET

Feed Intelligence Summary

6 reports48% confidence
6
Source reports
48%
Confidence score
Category tags
active scanningantispamasiaattackbotnetbrute forcebrute force attackbrute_forcecommand and controlcommunication protocolcredential accesscredential stuffingdata exfiltrationdistributed attacksftpftp_bruteforcehttp scannerhttp_scanhttps_scanindicatorindonesialog4jmalicious activitymalicious softwaremalwarenetworknetwork attack attemptsnetwork scanningnetwork securitynetwork service scanningnorth americapassword attackspossible botnet activityprocess injectionprotocol exploitationreconnaissanceremote accessremote servicesresearchedscripting attacksspamsql injection attemptssh attackssh_bruteforcet1021t1021.001t1040t1046t1055t1059t1059.007t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204.002t1486t1496t1499.002t1499.003t1563t1565t1595t1595.001t1595.002t1595.003telnet threattelnet_bruteforcethreat actorunauthorized accessunauthorized access attemptunited statesweb attackweb exploitationweb traffic

Activity Timeline

1 total obs
Jan 18Jan 18

Threat Activity Heatmap

· Peak: 2026-01-18
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreMedium Risk
48
SIGNAL
Signal Score
48%
Confidence
6
Reports
First seenJun 16, 2025
Last seenJan 18, 2026
Verified IOC
GeolocationID
CountryIndonesia
LocationSurabaya, Jawa Timur
ASNAS17451
OrgBIZNET
Coords-7.2490, 112.7507

VirusTotal

Not checked

WHOIS

description
2025-07-05T02:41:20.065Z Honeypot : Heralding : Source: 118.99.84.197 : Username/Password: ADmin/password Port: 1080 Message: 2025-07-05 02:41:20.065491,2bb9525a-343b-491a-95e0-72e6655bfb3b,65d68cbb-3d7e-4748-bbff-a86a208ee5e5,118.99.84.197,59032,99.18.26.18,1080,socks5,ADmin,password,
raw
inetnum: 118.99.64.0 - 118.99.127.255 netname: BIZNET-AP descr: Biznet Networks descr: Internet Service Provider descr: Jakarta, Indonesia country: ID admin-c: AA590-AP tech-c: AA590-AP remarks: Send Spam & Abuse report to: [email protected] status: ALLOCATED PORTABLE mnt-by: MNT-APJII-ID mnt-lower: MAINT-ID-BIZNET mnt-irt: IRT-BIZNET-ID last-modified: 2021-07-09T08:51:18Z source: APNIC irt: IRT-BIZNET-ID address: Biznet Networks address: Midplaza 2, 8th Floor address: Jl. Jend Sudirman Kav 10-11 address: Jakarta 10220 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: BA18-AP tech-c: BA18-AP auth: # Filtered remarks: [email protected] is invalid mnt-by: MAINT-ID-BIZNET last-modified: 2025-03-12T13:07:30Z source: APNIC person: Agus Ariyanto nic-hdl: AA590-AP e-mail: [email protected] address: Midplaza 2, 8th Floor address: Jl. Jend Sudirman Kav 10-11 address: Jakarta, Indonesia phone: +62-21-57998888 fax-no: +62-21-5700580 country: ID mnt-by: MAINT-ID-BIZNET last-modified: 2008-09-04T07:54:14Z source: APNIC inetnum: 118.99.84.0 - 118.99.84.255 netname: Biznet_Metronet descr: Biznet_Metronet descr: Malang country: ID admin-c: AA590-AP tech-c: AA590-AP status: ASSIGNED NON-PORTABLE mnt-by: MAINT-ID-BIZNET mnt-irt: IRT-BIZNET-ID last-modified: 2022-03-15T21:30:42Z source: IDNIC irt: IRT-BIZNET-ID address: Biznet Networks address: Midplaza 2, 8th Floor address: Jl. Jend Sudirman Kav 10-11 address: Jakarta 10220 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: BA18-AP tech-c: BA18-AP auth: # Filtered mnt-by: MAINT-ID-BIZNET last-modified: 2024-08-22T04:54:11Z source: IDNIC person: Agus Ariyanto nic-hdl: AA590-AP e-mail: [email protected] address: Midplaza 2, 8th Floor address: Jl. Jend Sudirman Kav 10-11 address: Jakarta, Indonesia phone: +62-21-57998888 fax-no: +62-21-5700580 country: ID mnt-by: MAINT-ID-BIZNET last-modified: 2008-09-04T07:54:14Z source: IDNIC
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 1 year ago · Last seen 5 months ago
Appeared in 6 threat reports