IOC Radar
IP · Medium · Signal 26/100

36.64.130.111

Location
Indonesia
Jakarta, Jakarta
ASN
AS7713
PT. Telekomunikasi Indonesia
First Seen
Nov 8, 2023
Last Seen
Apr 20, 2026
Reports: 9 source reports
Confidence: 26% (medium)
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
26%
Signal Score
26 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

42 techniques

Network Information

Country: ID (Indonesia)
Region: Jakarta, Jakarta
ASN: AS7713
Organization: PT. Telekomunikasi Indonesia

Feed Intelligence Summary

9 reports · 26% confidence
Category tags
active scan, active scanning, adbhoney honeypot, application layer protocol, asia, attack, attack source, australia, authentication attempts, authentication failure, authentication_bypass, botnet, botnet activity, brute force, brute force attack, brute force attacks, brute force attempt, brute force attempts, cisco device, cisco exploitation, command and control, communication protocol, compromised credentials, compromised host, cowrie honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, data exfiltration attempts, data store exposure, database security, ddos, decoy system, device management, dionaea honeypot, dionaea malware analysis, distributed attacks, elasticpot honeypot, elasticsearch monitoring, enterprise networking, exploit, exploit attempts, exploitation, exploitation activity, exploitation attempt, exploitation attempts, fatt, ftp, ftp brute force, heralding attack pattern, honeytrap honeypot, http brute force, http scanner, http scanning, identity & access exploitation, indicator, indonesia, initial access, injection activity, injection attacks, iot security, ipv4, ipv4 address, ipv4_address, lamp, lamp vulnerability scan, lateral movement, mailoney honeypot, malicious activity, malicious payload attempt, malicious software, malware, malware behaviour, malware capture, malware deployment attempts, malware distribution, mssql scanning, network, network infrastructure, network intrusion, network intrusion attempts, network scanning, network security, network service scanning, network traffic analysis, network_service_exploitation, oceania, p0f, password attacks, phishing, phishing attack, phishing trap, process injection, protocol exploitation, python script activity, ransomware, reconnaissance, remote access, remote access attempts, remote service, remote services, remote_access, researched, resource hijacking, scanner, scanning activity, scripting attacks, security operations, sensor-tagged, sentrypeer botnet, server exploitation, service scan, sftp access attempt, sftp attack, sftp exploitation, sip brute force, smb scanning, smtp, social engineering, spam, sql injection, sql injection attempt, ssh attack, ssh monitoring, t-pot

t1021, t1021.001, t1021.004, t1040, t1041, t1046, t1055, t1059, t1059.003, t1059.007, t1071, t1071.001, t1076, t1078, t1078.004, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1505.002, t1563, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1583, t1588.004, t1595, t1595.001, t1595.002, t1595.003

tanner, targeting database, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, tor node, tpot, unauthorized login attempts, vnc protocol, voip, voip attack, vulnerability scan, web attack, web exploitation, web spam, web traffic

Activity Timeline

1 total obs (Apr 20 to Apr 20)

Threat Activity Heatmap

Peak: 2026-04-20
[Heatmap: activity by weekday (Mon to Fri labels), months Jun through Jun]
Activity by window: 24h: 0 (Dormant) · 7d: 0 (Dormant) · 30d: 0 (Dormant) · 3mo: 1 (Minimal)

Threat Score: Low Risk
Signal Score: 26
Confidence: 26%
Reports: 9
First seen: Nov 8, 2023
Last seen: Apr 20, 2026
Geolocation: ID
Country: Indonesia
Location: Jakarta, Jakarta
ASN: AS7713
Org: PT. Telekomunikasi Indonesia
Coords: -6.1728, 106.8272

VirusTotal

Not checked

WHOIS

description
2025-04-29T14:18:11.043Z Honeypot : Heralding : Source: 36.64.130.111 : Username/Password: ADmin1/killer Port: 1080 Message: 2025-04-29 14:18:11.043545,9b1ea34d-d388-470c-982f-880392a3a8fe,69d70ef4-c647-41f0-8441-25bee2bafb95,36.64.130.111,58341,99.18.26.18,1080,socks5,ADmin1,killer,
raw
inetnum: 36.64.128.0 - 36.64.143.255
netname: TLKM_BB_INF_36_64
descr: PT TELKOM INDONESIA Menara Multimedia Lt.7 Jl. Kebon sirih No.12 JAKARTA
country: ID
admin-c: AZ163-AP
tech-c: FS370-AP
abuse-c: AI598-AP
status: ASSIGNED NON-PORTABLE
remarks: These IP was used for PT TELKOM Indonesia's infrastructure
mnt-by: MAINT-TELKOMNET
mnt-lower: MAINT-TELKOMNET
mnt-routes: MAINT-TELKOMNET
mnt-irt: IRT-IDTELKOM-ID
last-modified: 2021-01-26T22:07:09Z
source: APNIC

irt: IRT-IDTELKOM-ID
address: PT. TELKOM INDONESIA
address: Indibiz Experience Center 3rd Floor
address: Kebon Sirih No 36
address: Jakarta
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: RFR2-AP
tech-c: TP630-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-04-15
mnt-by: MAINT-TELKOMNET
last-modified: 2025-04-15T06:32:42Z
source: APNIC

role: ABUSE IDTELKOMID
country: ZZ
address: PT. TELKOM INDONESIA
address: Indibiz Experience Center 3rd Floor
address: Kebon Sirih No 36
address: Jakarta
phone: +000000000
e-mail: [email protected]
admin-c: RFR2-AP
tech-c: TP630-AP
nic-hdl: AI598-AP
remarks: Generated from irt object IRT-IDTELKOM-ID
remarks: [email protected] was validated on 2025-04-15
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-04-15T06:33:12Z
source: APNIC

person: Akhmad Zaimi
address: GSD Lt.14 Jl. Kebon Sirih No.12
country: ID
phone: +62-21-3860500
e-mail: [email protected]
nic-hdl: AZ163-AP
mnt-by: MAINT-TELKOMNET
last-modified: 2010-12-20T01:33:46Z
source: APNIC

person: Febrian Setiadi
address: GSD Lt 14 Jl. Kebon Sirih No.12
country: ID
phone: +62-21-3860500
e-mail: [email protected]
nic-hdl: FS370-AP
mnt-by: MAINT-TELKOMNET
last-modified: 2010-12-20T01:30:54Z
source: APNIC

route: 36.64.128.0/20
descr: PT. Telekomunikasi Indonesia
country: ID
origin: AS17974
mnt-by: MAINT-TELKOMNET
last-modified: 2013-12-10T08:18:02Z
source: APNIC
references
https://github.com/telekom-security/tpotce
