IOC Radar
IPMediumSignal 68/100

36.92.120.117

Location
IndonesiaIndonesia
Citeureup, Jakarta
ASN
AS7713
Temporary
First Seen
Jan 4, 2024
Last Seen
Jun 8, 2026
Jan 4
First Seen
903d ago
Jun 8
Last Seen
17d ago
7
Reports
source reports
68%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
68%
Signal Score
68 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

32 techniques

Network Information

CountryIDIndonesia
RegionCiteureup, Jakarta
ASNAS7713
OrganizationTemporary

Feed Intelligence Summary

7 reports68% confidence
7
Source reports
68%
Confidence score
Category tags
active scanactive scanningadbhoney honeypotapplication layer protocolasiaattackbad web botbotnetbotnet activitybrute forcebrute force attackbrute force attackscisco devicecommunication protocolcompromised credentialsconpot honeypotcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdatabase attacksdatabase exploitation attemptdatabase securitydecoy systemdenial of servicedevice managementdionaeadionaea honeypotdionaea malware analysiselasticpot honeypotelasticsearch monitoringenterprise networkingexploitationfattftpftp brute forceftp brute-forceheralding attack patternhoneytrap honeypothttp brute forcehttp scannerhttpsics securityidindicatorindonesiaindustrial control systemsinitial accessinjection attacksiot attacksiot device targetingiot/ics attackipphoney honeypotlamplamp vulnerability scanlateral movementmailoney honeypotmalicious activitymalwaremalware behaviourmalware capturemalware detectionnetworknetwork enumerationnetwork infrastructurenetwork intrusion attemptsnetwork scanningnetwork securitynetwork service scanningp0fpassword attacksphishingphishing attackphishing trapprotocol exploitationpython script activityreconnaissanceredis honeypotremote accessremote access attemptsremote servicesresearchedresource hijackingscannerscripting attackssensor-taggedsentrypeer botnetsftp attacksftp exploitationshell access attemptssip brute forcesip scanningsocial engineeringsql injection attemptsshssh attackssh brute-forcessh monitoringt1021t1021.001t1040t1041t1046t1059t1059.003t1059.007t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1204.002t1486t1496t1499.001t1499.002t1563t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertelecommunicationstelnettelnet threatthreat actorthreat detectionthreat intelligencetpotvoipvoip attackweb application attackweb application attacksweb attackweb exploitationweb spamweb traffic

Activity Timeline

1 total obs
Jun 8Jun 8

Threat Activity Heatmap

· Peak: 2026-06-08
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
68
SIGNAL
Signal Score
68%
Confidence
7
Reports
First seenJan 4, 2024
Last seenJun 8, 2026
GeolocationID
CountryIndonesia
LocationCiteureup, Jakarta
ASNAS7713
OrgTemporary
Coords-6.1810, 106.8260

VirusTotal

Not checked

WHOIS

description
Observed authentication attempts via unknown against Cowrie/Heralding honeypots in Australia. Total events observed: 1. Sensors involved: Heralding. Target ports: 1080. Source country: ID. ASN(s): 7713. Organisation(s): PT Telekomunikasi Indonesia. Usernames observed (masked): p*******R. Passwords observed (masked): 1******r.

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 17 days ago
Appeared in 7 threat reports