IOC Radar
IP · Medium · Signal 57/100

36.93.245.110

Location
Indonesia
West Jakarta, Jakarta
ASN
AS7713
HSI Indihome
First Seen
May 18, 2024 (764d ago)
Last Seen
Apr 2, 2026 (80d ago)
Reports
17 source reports
Confidence
57% (medium)
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
57%
Signal Score
57 / 100
IDS Rule
No
Threat Context
MITRE ATT&CK TTPs

67 techniques

Network Information

Country: ID (Indonesia)
Region: West Jakarta, Jakarta
ASN: AS7713
Organization: HSI Indihome

IP Category

Proxy
Proxy server

Feed Intelligence Summary

Source reports: 17
Confidence score: 57%
Category tags

Activity Timeline

1 total obs
Apr 2 to Apr 2

Threat Activity Heatmap

Peak: 2026-04-02
[Heatmap: activity by weekday and month, Jun through Jun; cell values not recoverable]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Threat Score: Medium Risk
Signal Score: 57
Confidence: 57%
Reports: 17
First seen: May 18, 2024
Last seen: Apr 2, 2026
Geolocation: ID
Country: Indonesia
Location: West Jakarta, Jakarta
ASN: AS7713
Org: HSI Indihome
Coords: -6.1810, 106.8260
Proxy

VirusTotal

Not checked

WHOIS

raw
inetnum: 36.64.0.0 - 36.95.255.255
netname: TELKOMNET
descr: PT Telekomunikasi Indonesia
descr: Menara Multimedia Lt. 7
descr: Jl. Kebon Sirih No. 12
descr: JAKARTA - 10340
country: ID
org: ORG-TI10-AP
admin-c: AZ163-AP
tech-c: FS370-AP
abuse-c: AI598-AP
status: ALLOCATED PORTABLE
remarks: For SPAM or ABUSE case, send to [email protected]
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-lower: MAINT-TELKOMNET
mnt-routes: MAINT-TELKOMNET
mnt-irt: IRT-IDTELKOM-ID
last-modified: 2020-07-29T13:14:29Z
source: APNIC

irt: IRT-IDTELKOM-ID
address: PT. TELKOM INDONESIA
address: Indibiz Experience Center 3rd Floor
address: Kebon Sirih No 36
address: Jakarta
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: RFR2-AP
tech-c: TP630-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-04-15
mnt-by: MAINT-TELKOMNET
last-modified: 2025-04-15T06:32:42Z
source: APNIC

organisation: ORG-TI10-AP
org-name: Telekomunikasi Indonesia (PT)
org-type: LIR
country: ID
address: PT Telkom - Divisi Digital Connectivity Service
address: Gedung Indibiz Experience Center 3rd Floor
address: Sub Divisi Internet Product and Traffic Management Jalan Kebon Sirih No.36
address: Jalan Merdeka Selatan No .12
phone: +62-21-3447070
fax-no: +62-21-3861215
e-mail: [email protected]
mnt-ref: APNIC-HM
mnt-by: APNIC-HM
last-modified: 2025-02-26T13:00:34Z
source: APNIC

role: ABUSE IDTELKOMID
country: ZZ
address: PT. TELKOM INDONESIA
address: Indibiz Experience Center 3rd Floor
address: Kebon Sirih No 36
address: Jakarta
phone: +000000000
e-mail: [email protected]
admin-c: RFR2-AP
tech-c: TP630-AP
nic-hdl: AI598-AP
remarks: Generated from irt object IRT-IDTELKOM-ID
remarks: [email protected] was validated on 2025-04-15
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-04-15T06:33:12Z
source: APNIC

person: Akhmad Zaimi
address: GSD Lt.14 Jl. Kebon Sirih No.12
country: ID
phone: +62-21-3860500
e-mail: [email protected]
nic-hdl: AZ163-AP
mnt-by: MAINT-TELKOMNET
last-modified: 2010-12-20T01:33:46Z
source: APNIC

person: Febrian Setiadi
address: GSD Lt 14 Jl. Kebon Sirih No.12
country: ID
phone: +62-21-3860500
e-mail: [email protected]
nic-hdl: FS370-AP
mnt-by: MAINT-TELKOMNET
last-modified: 2010-12-20T01:30:54Z
source: APNIC

route: 36.93.240.0/20
descr: IP_Address_HSI_Indihome
origin: AS7713
mnt-by: MAINT-TELKOMNET
last-modified: 2020-04-04T03:06:13Z
source: APNIC
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 2 years ago · Last seen 2 months ago
Appeared in 17 threat reports