IOC Radar
IPMediumSignal 29/100

202.137.17.151

Location
IndonesiaIndonesia
Central Jakarta, JK
ASN
AS9905
LINKNET
First Seen
Jan 20, 2021
Last Seen
Apr 7, 2026
Jan 20
First Seen
1982d ago
Apr 7
Last Seen
78d ago
15
Reports
source reports
29%
Confidence
medium
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
29%
Signal Score
29 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

28 techniques

Network Information

CountryIDIndonesia
RegionCentral Jakarta, JK
ASNAS9905
OrganizationLINKNET

IP Category

Proxy
Proxy server

Feed Intelligence Summary

15 reports29% confidence
15
Source reports
29%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningaerospace & defenseantispamasiaattackbad reputationbotnetbotnet activitybrute forcecivil servicescommand and controlcommunication protocolcommunication technologiescompromised credentialscowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata exfiltration attemptsdata store exposuredatabase securityddosdecoy systemdefensedefense contractingdefense logisticsdefense systemsdefense technologydionaea honeypotdionaea malware analysisdistributed attackselasticpot honeypotelasticsearch monitoringexploitation activityexploitation attemptexploitation attemptsgovernment technologyhead floodsheralding attack patternidentity & access exploitationindonesiainjection activityiot securitykillnetlateral movementlog4jmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware deployment attemptsmilitary operationsmobile carriersmobile networksnational securitynetworknetwork scanningnetwork securityphishingphishing attackprocess injectionproxypublic administrationpublic infrastructurepublic policypython script activityreconnaissanceregulatory agenciesremote accessresearchedresource hijackingscannerscanning activitysecurity policysentrypeer botnetsftp access attemptsftp attacksip brute forcesocial engineeringspamssh attackssh monitoringt1021t1040t1041t1055t1059t1071.001t1078t1110t1110.002t1133t1190t1204.002t1486t1496t1498t1499t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1583t1595t1595.001t1595.002t1595.003tannertargeting databasetelecom servicestelecommunicationsthreat actorthreat intelligencethreat preventiontor nodevoipvoip attack

Activity Timeline

1 total obs
Apr 7Apr 7

Threat Activity Heatmap

· Peak: 2026-04-07
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
29
SIGNAL
Signal Score
29%
Confidence
15
Reports
First seenJan 20, 2021
Last seenApr 7, 2026
GeolocationID
CountryIndonesia
LocationCentral Jakarta, JK
ASNAS9905
OrgLINKNET
Coords-6.1741, 106.8296
Proxy

VirusTotal

Not checked

WHOIS

description
proxy-proxy_http search result.
raw
inetnum: 202.137.16.0 - 202.137.19.255 netname: LINKNET-ID descr: PT. LINKNET descr: Internet Service Provider country: ID admin-c: RS188-AP tech-c: IR1-AP mnt-by: MNT-APJII-ID mnt-irt: IRT-IDNIC-ID mnt-lower: MAINT-ID-LINKNET status: ALLOCATED PORTABLE remarks: spam and abuse report : [email protected], [email protected] last-modified: 2015-12-01T22:27:45Z source: APNIC irt: IRT-IDNIC-ID address: INDONESIA NETWORK INFORMATION CENTER address: Cyber Building 11th Floor address: Jl. Kuningan Barat No.8 address: Jakarta Selatan 12710 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: IA55-AP tech-c: IH123-AP auth: # Filtered mnt-by: MNT-APJII-ID last-modified: 2018-05-31T22:29:03Z source: APNIC person: Irvan Rianto nic-hdl: IR1-AP e-mail: [email protected] address: Citra Graha Bld. 4th floor address: Gatot Subroto Kav 35-36 address: Jakarta - 12950 address: Indonesia phone: +62-21-5278811 fax-no: +62-21-5278833 country: ID mnt-by: MAINT-ID-BM last-modified: 2008-09-04T07:29:32Z source: APNIC person: Rizky Soema di Pradja address: Citra Graha Bld. 4th Fl. address: Jl. Gatot Subroto Kav. 35-36 address: Jakarta - 12950 address: Indonesia country: ID phone: +62-21-5278811 fax-no: +62-21-5278833 e-mail: [email protected] nic-hdl: RS188-AP mnt-by: MAINT-ID-BM last-modified: 2008-09-04T07:29:20Z source: APNIC inetnum: 202.137.16.0 - 202.137.17.255 netname: LINKNET-ID country: ID descr: ISP LINKNET descr: Internet Service Provider - Jakarta descr: Dial-up IP modem Pool POP Slipi admin-c: EB26-AP tech-c: EB26-AP status: ASSIGNED NON-PORTABLE mnt-by: MAINT-ID-LINKNET last-modified: 2008-09-04T06:52:09Z source: IDNIC person: Eko Budirahardjo nic-hdl: EB26-AP e-mail: [email protected] address: Lippo Cyber Park address: Jl. Bulevar Gajah Mada No.2088 address: Lippo Karawaci 100, Tangerang 15811. Indonesia phone: +62-21-55777755 fax-no: +62-21-5530752 country: ID mnt-by: MAINT-ID-LINKNET last-modified: 2008-09-04T07:30:20Z source: IDNIC route: 202.137.0.0/19 descr: Route Object Linknet origin: AS9905 mnt-by: MAINT-ID-BM last-modified: 2022-07-12T10:26:23Z source: IDNIC
references
https://github.com/telekom-security/tpotce, https://securityresearch.samadkhawaja.com/

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 2 months ago
Appeared in 15 threat reports