IOC Radar
IPHighVerifiedSignal 55/100

128.1.227.61

Location
IndonesiaIndonesia
Jakarta, Jakarta Raya
ASN
AS21859
ZENLA-1
First Seen
Jul 4, 2023
Last Seen
Jun 19, 2026
Jul 4
First Seen
1088d ago
Jun 19
Last Seen
7d ago
5
Reports
source reports
55%
Confidence
high
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
55%
Signal Score
55 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

71 techniques

Network Information

CountryIDIndonesia
RegionJakarta, Jakarta Raya
ASNAS21859
OrganizationZENLA-1

IP Category

Proxy
Proxy server

Feed Intelligence Summary

5 reports55% confidence
5
Source reports
55%
Confidence score
Category tags
abuseack scanactive scanactive scanningadbhoney honeypotasiaattackaustraliabad reputationbad web botbotnetbotnet activitybrute forcebrute force attackbrute force attacksbrute force attemptsbrute-forcec2 communicationcode executioncommand & controlcommand and controlcommand executioncommand injectioncommunication protocolcompromised hostconpot honeypotcontainer securitycowrie honeypotcowrie interactionscowrie ssh attackcowrie ssh attackscredential accesscredential attackcredential harvestingcredential stuffingcurldata encryptiondata exfiltrationdata store exposuredatabase attackdatabase attacksdatabase login attemptdatabase securitydcerpcddosddos attackddos probeddospotdecoy systemdenial of servicedionaea honeypotdionaea interactionsdionaea malware samplesdistributed attacksdnsdns attackdockerelasticpot honeypotelasticsearchelasticsearch monitoringencryptionenumerationexfiltrationexploitexploit attemptsexploit targetingexploitation activityexploitation attemptexploitation of vulnerabilityexploited hostextortionfailed login attemptsfattfatt signaturesfilefin scanftpftp attackftp brute forcegalahgluttongopothackinghellpothoneytrap activityhoneytrap exploit attemptshoneytrap honeypothoneytrap interactionshttp attackhttp brute forcehttp probinghttp scannerhttpsicmpics securityididentity & access exploitationimapinbound scanindonesiaindustrial control systemsinitial accessinjection activityinjection attacksinternet-facingintrusion detectioniociot securityiot/ics attackipphoney honeypotkibanalateral movementlog4potmailoney honeypotmailoney interactionsmalicious activitymalicious file transfermalicious network activitymalicious softwaremalwaremalware analysismalware behaviourmalware capturemalware downloadmalware propagationmanualmasscan activitymedpotmssqlnetworknetwork attacksnetwork intrusion attemptnetwork intrusion attemptsnetwork intrusion detectionnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork traffic analysisnmap scan detectednull scanoceaniap0fp0f network fingerprintingp0f os fingerprintingp0f signaturespassword attackspassword sprayingphishingphishing attackphishing trappossible vulnerability probingpotential exploit targetingpotential reconnaissance activityprivilege escalationprocess injectionprotocol exploitationproxyproxy accessransomwarercereconnaissanceredis honeypotremote accessremote code executionremote servicesresearchedresource hijackingscannerscanning activityscripting attackssensor-taggedsentrypeer botnetsentrypeer interactionsserver exploitationservice discoveryservice scanshell accessshell access attemptsippsmtpsmtp brute forcesmtp probingsmtp scanningsnaresocial engineeringsoftware exploitationspamsql injectionsql injection attemptssh attackssh monitoringstealth scansuricata alertsuricata alertssyn scansystem disruptiont1005t1016t1018t1020t1021t1021.001t1021.002t1021.003t1021.004t1021.005t1021.006t1027t1040t1046t1053t1055t1059t1059.003t1059.004t1059.007t1068t1071t1071.001t1076t1077t1078t1078.001t1078.002t1078.004t1083t1087t1087.001t1087.002t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1195t1203t1204.002t1486t1490t1496t1499.001t1499.002t1499.003t1505.002t1550t1550.002t1550.003t1555t1555.003t1563t1565t1566t1566.001t1566.002t1566.003t1572t1583t1588t1588.002t1588.006t1595t1595.001t1595.002t1595.003tannertanner interactionstargeting databasetcp protocoltcp scantelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencetor nodetpotudp port scanudp scanunauthorized accessunauthorized login attemptvnc protocolvoipvoip attackvulnerability scanweb app attackweb application attackweb application attacksweb application scanweb attackweb exploitationweb login attemptweb shellweb shell detectionweb shell uploadweb spamweb trafficwgetwordpotxmas scan

Activity Timeline

1 total obs
Jun 19Jun 19

Threat Activity Heatmap

· Peak: 2026-06-19
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
55
SIGNAL
Signal Score
55%
Confidence
5
Reports
First seenJul 4, 2023
Last seenJun 19, 2026
Verified IOC
GeolocationID
CountryIndonesia
LocationJakarta, Jakarta Raya
ASNAS21859
OrgZENLA-1
Coords-6.2087, 106.8455
Proxy

VirusTotal

Not checked

WHOIS

description
Observed making inbound scans on 2026-05-26 18:42:28

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 3 years ago · Last seen 7 days ago
Appeared in 5 threat reports