IOC Radar
IPMediumSignal 41/100

119.92.188.29

Location
PhilippinesPhilippines
Pasay, National Capital Region
ASN
AS9299
Holcim Philippines
First Seen
Apr 4, 2023
Last Seen
Jun 2, 2026
Apr 4
First Seen
1168d ago
Jun 2
Last Seen
13d ago
14
Reports
source reports
41%
Confidence
medium
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
41%
Signal Score
41 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

31 techniques

Network Information

CountryPHPhilippines
RegionPasay, National Capital Region
ASNAS9299
OrganizationHolcim Philippines

IP Category

Proxy
Proxy server

Feed Intelligence Summary

14 reports41% confidence
14
Source reports
41%
Confidence score
Category tags
active scanactive scanningaerospace & defenseasiabad web botbotnetbotnet activitybotnet iocsbotnet miraibotnet propagationbrute forcebrute force attackbrute force attackercivil servicescommand and controlcommunication protocolcommunication technologiescompromise ipv4connected devicescredential accesscredential stuffingdata exfiltrationdata store exposureddosddos attackddos attacksdefensedefense contractingdefense logisticsdefense systemsdefense technologydenial of servicedevice managementdistributed attacksexploitationexploitation activityexploited hostgorillabotgovernment technologyhead floodsidentity & access exploitationindustrial iotinitial accessinjection activityinternet of thingsiocsiot analyticsiot applicationsiot botnetiot devicesiot platformsiot securityiot/ics attackipv4ipv4 portirckillnetlinuxmalicious softwaremalwaremilitary operationsmirai botnetmirai internetmobile carriersmobile networksnational securitynetworknetwork attacksnetwork protocolnetwork scanningnetwork securityoutlawpassword attacksphphilippinesprocess injectionprotocol exploitationproxypublic administrationpublic infrastructurepublic policyreconnaissanceregulatory agenciesresearchedscannerscanning activitysmart devicesspamssh attackt1021t1021.001t1040t1053.005t1055t1059t1059.004t1071t1071.001t1078t1078.001t1105t1110.001t1110.002t1110.003t1110.004t1190t1203t1486t1496t1497t1497.001t1498t1498.001t1499t1499.002t1499.003t1565t1595.001t1595.002t1595.003tcp protocoltelecom servicestelecommunicationstelnet threatthingsthreat actortoggletor nodetwitterweb spamxmrig

Activity Timeline

1 total obs
Jun 2Jun 2

Threat Activity Heatmap

· Peak: 2026-06-02
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
41
SIGNAL
Signal Score
41%
Confidence
14
Reports
First seenApr 4, 2023
Last seenJun 2, 2026
GeolocationPH
CountryPhilippines
LocationPasay, National Capital Region
ASNAS9299
OrgHolcim Philippines
Coords14.5764, 121.0390
Proxy

VirusTotal

Not checked

WHOIS

raw
inetnum: 119.92.188.16 - 119.92.188.31 netname: I-Gate descr: 101534936_HOLCIM PHILIPPINES, INC. descr: This space has been assigned as STATIC country: PH admin-c: NA185-AP tech-c: NOC36-AP abuse-c: AP713-AP status: ASSIGNED NON-PORTABLE mnt-by: PHIX-NOC-AP mnt-irt: IRT-PLDT-PH last-modified: 2024-08-07T02:22:42Z source: APNIC irt: IRT-PLDT-PH address: Philippine Long Distance Telephone Company address: 6/F Innolab Building address: Boni Avenue, Mandaluyong City address: Philippines e-mail: [email protected] abuse-mailbox: [email protected] admin-c: NA185-AP tech-c: NA185-AP auth: # Filtered remarks: [email protected] is invalid mnt-by: PHIX-NOC-AP last-modified: 2025-07-30T13:06:33Z source: APNIC role: ABUSE PLDTPH country: ZZ address: Philippine Long Distance Telephone Company address: 6/F Innolab Building address: Boni Avenue, Mandaluyong City address: Philippines phone: +000000000 e-mail: [email protected] admin-c: NA185-AP tech-c: NA185-AP nic-hdl: AP713-AP remarks: Generated from irt object IRT-PLDT-PH remarks: [email protected] is invalid abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-07-30T13:07:19Z source: APNIC person: Nilo Agir nic-hdl: NA185-AP e-mail: [email protected] address: 6/F Innolab Building, Boni Avenue, Mandaluyong City phone: +632-584-1045 country: PH mnt-by: PHIX-NOC-AP last-modified: 2011-04-27T01:43:18Z source: APNIC person: PLDT APNIC NOC nic-hdl: NOC36-AP e-mail: [email protected] address: NFCSM-PLDT, 6/F Innolab Bldg, Boni Ave, Mandaluyong City, MM, Philippnes 1550 phone: +632-584-0201 country: PH mnt-by: PHIX-NOC-AP last-modified: 2017-02-01T02:28:01Z source: APNIC
references
https://1275.ru/ioc/gs-25-1490-mirai-botnet-iocs_10200, https://1275.ru/ioc/7957/gs-565-mirai-botnet-iocs/, https://securityresearch.samadkhawaja.com/

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 years ago · Last seen 13 days ago
Appeared in 14 threat reports