IOC Radar
IPMediumSignal 41/100

210.79.191.139

Location
IndonesiaIndonesia
Cicurug, West Java
ASN
AS136052
PT KEBUN NARA SANTOSA
First Seen
Jul 3, 2025
Last Seen
May 5, 2026
Jul 3
First Seen
360d ago
May 5
Last Seen
54d ago
17
Reports
source reports
41%
Confidence
medium
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
41%
Signal Score
41 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

52 techniques

Network Information

CountryIDIndonesia
RegionCicurug, West Java
ASNAS136052
OrganizationPT KEBUN NARA SANTOSA

Feed Intelligence Summary

17 reports41% confidence
17
Source reports
41%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningapacheasiaattackaustraliaauthenticationauthentication attackauthentication failureautomated attackbad reputationbad web botblacklisted ipblog spambotnetbotnet activitybrute forcebrute force attackbrute force attemptbrute force attemptsbrute-forcec2 communicationcommand & controlcommand and controlcommunication protocolcompromised credentialscompromised hostcowrie honeypotcredential accesscredential stuffingcredentialsdata exfiltrationdata store exposureddosddos attackdecoy systemdenial of servicedigitalocean vpsdionaea honeypotdistributed attackseuropeexfiltrationexploitexploit attemptsexploitation activityexploited hostfail2ban triggeredfailed login attemptsfattfinlandfranceftp brute forcegermanyhackinghoneynet connecthoneytrap honeypothttp brute forceididentity & access exploitationindicatorindonesiainformation technologyinjection activityintrusion detectioniocit infrastructurelateral movementlogin attemptlogin brute forcelogin failuremailmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware distributionmod securitynetworknetwork enumerationnetwork intrusionnetwork intrusion detectionnetwork probingnetwork reconnaissancenetwork scanningnetwork securitynetwork traffic analysisnorth americanoticeoceaniap0fpassword attackpassword attackspassword crackingphishingphishing attackphishing trapping of deathpolandprocess injectionprotocol exploitationransomwarereconnaissanceremote accessremote servicesresearchedresource hijackingscanscannerscanning activitysecurity operationssecurity policysensor-taggedsentrypeer botnetsmb brute forcesmtp brute forcesocradar honeypotsoftware developmentspamsshssh attackssh monitoringt1003t1021t1021.001t1021.002t1021.003t1021.004t1021.005t1040t1046t1055t1059t1059.001t1059.003t1059.004t1068t1071t1071.001t1076t1078t1078.002t1078.004t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1203t1204.002t1486t1496t1497t1499.001t1499.002t1499.003t1555t1555.003t1563t1565t1573t1573.001t1588t1588.002t1589t1592t1595t1595.001t1595.002t1595.003tannertcp scantelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontor nodetpotudp scanunauthorized access attemptunauthorized login attemptsunited kingdomunited statesvoipvoip attackvulnerability scanweb application attackweb exploitationweb spam

Activity Timeline

1 total obs
May 5May 5

Threat Activity Heatmap

· Peak: 2026-05-05
Less
More
Mon
Wed
Fri
Jun
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
41
SIGNAL
Signal Score
41%
Confidence
17
Reports
First seenJul 3, 2025
Last seenMay 5, 2026
GeolocationID
CountryIndonesia
LocationCicurug, West Java
ASNAS136052
OrgPT KEBUN NARA SANTOSA
Coords-6.8346, 106.7210

VirusTotal

Not checked

WHOIS

description
Banned by Fail2Ban [sshd]
raw
inetnum: 210.79.190.0 - 210.79.191.255 netname: IDNIC-KEBUNA-ID descr: PT Kebun Nara Santosa descr: Corporate / Direct Member IDNIC descr: IT Solution And Development descr: Kampung Bojonggenteng, RT 5/RW 2, Bojong Genteng descr: Sukabumi, Jawa Barat, 43353 admin-c: AH1498-AP tech-c: AH1498-AP remarks: Send Spam & Abuse Reports to: [email protected] country: ID mnt-by: MNT-APJII-ID mnt-irt: IRT-KEBUNA-ID mnt-routes: MAINT-ID-KEBUNA status: ASSIGNED PORTABLE last-modified: 2023-12-01T03:53:03Z source: APNIC irt: IRT-KEBUNA-ID address: PT. KEBUN NARA SANTOSA address: Kampung Bojonggenteng, RT 5/RW 2, Bojong Genteng address: Sukabumi, Jawa Barat, 43353 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: AH1498-AP tech-c: AH1498-AP auth: # Filtered mnt-by: MAINT-ID-KEBUNA last-modified: 2025-09-04T04:55:19Z source: APNIC person: Alfin Haris address: Kampung Bojonggenteng, RT 5/RW 2, Bojong Genteng address: Sukabumi, Jawa Barat, 43353 country: ID phone: +6285641881855 e-mail: [email protected] nic-hdl: AH1498-AP mnt-by: MAINT-ID-KEBUNA last-modified: 2023-12-01T03:45:57Z source: APNIC route: 210.79.190.0/23 descr: PT KEBUN NARA SANTOSA origin: AS136052 mnt-by: MAINT-ID-KEBUNA country: ID last-modified: 2023-12-03T02:46:33Z source: APNIC inetnum: 210.79.190.0 - 210.79.191.255 netname: IDNIC-KEBUNA-ID descr: PT Kebun Nara Santosa descr: Corporate / Direct Member IDNIC descr: IT Solution And Development descr: Kampung Bojonggenteng, RT 5/RW 2, Bojong Genteng descr: Sukabumi, Jawa Barat, 43353 admin-c: AH1498-AP tech-c: AH1498-AP remarks: Send Spam & Abuse Reports to: [email protected] country: ID mnt-by: MNT-APJII-ID mnt-irt: IRT-KEBUNA-ID mnt-routes: MAINT-ID-KEBUNA status: ASSIGNED PORTABLE last-modified: 2023-12-03T02:43:51Z source: IDNIC irt: IRT-KEBUNA-ID address: PT. KEBUN NARA SANTOSA address: Kampung Bojonggenteng, RT 5/RW 2, Bojong Genteng address: Sukabumi, Jawa Barat, 43353 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: AH1498-AP tech-c: AH1498-AP auth: # Filtered mnt-by: MAINT-ID-KEBUNA last-modified: 2023-12-03T02:43:51Z source: IDNIC person: Alfin Haris address: Kampung Bojonggenteng, RT 5/RW 2, Bojong Genteng address: Sukabumi, Jawa Barat, 43353 country: ID phone: +6285641881855 e-mail: [email protected] nic-hdl: AH1498-AP mnt-by: MAINT-ID-KEBUNA last-modified: 2023-12-03T02:43:59Z source: IDNIC route: 210.79.190.0/23 descr: PT KEBUN NARA SANTOSA origin: AS136052 mnt-by: MAINT-ID-KEBUNA country: ID last-modified: 2023-12-03T02:46:55Z source: IDNIC
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://redpiranha.net

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 17 threat reports