IPMediumSignal 25/100

`119.95.123.229`

Location

Philippines

Quezon City, 00

ASN

AS9299

Philippine Long Distance Telephone Company

First Seen

Feb 8, 2025

Last Seen

Apr 22, 2026

Feb 8

First Seen

493d ago

Apr 22

Last Seen

54d ago

Reports

source reports

25%

Confidence

medium

Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

IPv4 Address

Network layer indicator observed in threat reports.

MISP Category

Network Activity

Confidence

25%

Signal Score

25 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

26 techniques

Network Information

Country

Philippines

RegionQuezon City, 00

ASNAS9299

OrganizationPhilippine Long Distance Telephone Company

IP Category

⟲

Proxy

Proxy server

Feed Intelligence Summary

8 reports25% confidence

Source reports

25%

Confidence score

Category tags

abuseactive scanactive scanningasiabad reputationbotnetbotnet activitybotnet iocsbotnet miraibotnet propagationbrute forcecommand and controlcommunication protocolconnected devicescredential accesscredential stuffingdata exfiltrationdata store exposureddosddos attacksdenial of servicedevice managementdistributed attacksexploitationexploitation activitygorillabotidentity & access exploitationindicatorindustrial iotinitial accessinjection activityinternet of thingsiocsiot analyticsiot applicationsiot botnetiot devicesiot platformsiot securityiot/ics attackipv4irclinuxmalicious softwaremalwaremirai botnetmirai internetnetworknetwork attacksnetwork protocolnetwork scanningnetwork securityoutlawphphilippinesprocess injectionprotocol exploitationproxyreconnaissanceresearchedscanning activitysmart devicesssh attackt1021t1021.001t1040t1053.005t1055t1059t1059.004t1071t1071.001t1078t1078.001t1105t1110.002t1190t1203t1486t1496t1497t1497.001t1498.001t1499.002t1499.003t1565t1595.001t1595.002t1595.003tcp protocoltelnet threatthingsthreat actortor nodetwitterxmrig

Activity Timeline

1 total obs

Apr 22Apr 22

Threat Activity Heatmap

· Peak: 2026-04-22

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Minimal

Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), an IPv4 address, currently registers a low threat intelligence score, indicating that it does not pose an immediate, high-severity threat based on its current profile. While its whitelist status is "No," its score below 25 suggests a low-risk classification for this specific data point. Without corroborating evidence of direct malicious activity within our environment, its mere inclusion in threat intelligence feeds does not by itself indicate hostile behavior…

Threat ScoreLow Risk

SIGNAL

Signal Score

25%

Confidence

Reports

First seenFeb 8, 2025

Last seenApr 22, 2026

GeolocationPH

CountryPhilippines

LocationQuezon City, 00

ASNAS9299

OrgPhilippine Long Distance Telephone Company

Coords14.6513, 121.0492

Proxy

VirusTotal

Not checked

WHOIS

raw: inetnum: 119.95.0.0 - 119.95.127.255 netname: Residential_DSL descr: HOME_DSL descr: This space has been assigned as DYNAMIC country: PH admin-c: NOC36-AP tech-c: NOC36-AP abuse-c: AP713-AP status: ASSIGNED NON-PORTABLE remarks: assigned 20210707 mnt-by: PHIX-NOC-AP mnt-irt: IRT-PLDT-PH last-modified: 2023-08-01T03:42:10Z source: APNIC irt: IRT-PLDT-PH address: Philippine Long Distance Telephone Company address: 6/F Innolab Building address: Boni Avenue, Mandaluyong City address: Philippines e-mail: [email protected] abuse-mailbox: [email protected] admin-c: NA185-AP tech-c: NA185-AP auth: # Filtered remarks: [email protected] was validated on 2025-01-10 mnt-by: PHIX-NOC-AP last-modified: 2025-04-14T05:51:00Z source: APNIC role: ABUSE PLDTPH country: ZZ address: Philippine Long Distance Telephone Company address: 6/F Innolab Building address: Boni Avenue, Mandaluyong City address: Philippines phone: +000000000 e-mail: [email protected] admin-c: NA185-AP tech-c: NA185-AP nic-hdl: AP713-AP remarks: Generated from irt object IRT-PLDT-PH remarks: [email protected] was validated on 2025-01-10 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-01-10T03:05:13Z source: APNIC person: PLDT APNIC NOC nic-hdl: NOC36-AP e-mail: [email protected] address: NFCSM-PLDT, 6/F Innolab Bldg, Boni Ave, Mandaluyong City, MM, Philippnes 1550 phone: +632-584-0201 country: PH mnt-by: PHIX-NOC-AP last-modified: 2017-02-01T02:28:01Z source: APNIC
references: https://1275.ru/ioc/gs-25-19131-mirai-botnet-iocs_11023, https://1275.ru/ioc/gs-25-19129-mirai-botnet-iocs_11015, https://1275.ru/ioc/gs-25-19128-mirai-botnet-iocs_11001, https://1275.ru/ioc/gs-25-19127-mirai-botnet-iocs_10989, https://1275.ru/ioc/gs-25-19125-mirai-botnet-iocs_10956, https://1275.ru/ioc/gs-25-19126-mirai-botnet-iocs_10970, https://1275.ru/ioc/gs-25-18122-mirai-botnet-iocs_10913, https://1275.ru/ioc/gs-25-18120-mirai-botnet-iocs_10854, https://1275.ru/ioc/gs-25-18119-mirai-botnet-iocs_10829, https://1275.ru/ioc/gs-25-18118-mirai-botnet-iocs_10825, https://1275.ru/ioc/gs-25-17115-mirai-botnet-iocs-2_10696, https://1275.ru/ioc/gs-25-17115-mirai-botnet-iocs_10682, https://1275.ru/ioc/gs-25-17113-mirai-botnet-iocs_10658, https://1275.ru/ioc/gs-25-17112-mirai-botnet-iocs_10640, https://1275.ru/ioc/gs-25-1490-mirai-botnet-iocs_10200

`119.95.123.229`

MITRE ATT&CK TTPs

Network Information

IP Category

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy