116.254.113.85 Threat Intelligence and Host Information

ipinfopage

General

This page contains threat intelligence information for the IPv4 address 116.254.113.85 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

🟡 Low Risk — 39/100

Geographic Location

Host and Network Information

  • View other sources: Spamhaus VirusTotal Shodan AbuseIPDB
  • Country: Indonesia
  • Noticed: 3 times
  • Protocols Attacked: Anonymous Proxy
  • Open Ports: 161, 1701, 2000, 2222, 443, 53, 80, 8291
  • Tor Node: No

Tags

  • botnet iocs
  • botnet mirai
  • ddos
  • gorillabot
  • gs251386
  • gs2513862
  • gs251387
  • gs2518120
  • gs2518122
  • gs25181222
  • gs2519125
  • gs2519126
  • gs2519129
  • gs2519131
  • iocs
  • ipv4
  • linux
  • malware
  • mirai
  • mirai botnet
  • mirai internet
  • outlaw
  • things
  • twitter
  • xmrig

Associated CVEs

  • CVE-2021-23017

Passive DNS

  • skm.dpmptsp.jatengprov.go.id

Attack Log References

Whois Information

inetnum: 116.254.113.0 - 116.254.113.255 netname: GMEDIA-ID-SEMARANG descr: PT Media Sarana Data descr: Internet Service Provider descr: Jl. Daradasih No. 11A descr: Patangpuluhan, Yogyakarta descr: DIY Yogyakarta, 55251 country: ID admin-c: GH788-AP tech-c: GH788-AP status: ASSIGNED NON-PORTABLE mnt-by: MAINT-ID-GMEDIA mnt-irt: IRT-GMEDIA-ID last-modified: 2021-04-22T09:31:18Z irt: IRT-GMEDIA-ID address: Jl. Daradasih No. 11A address: Patangpuluhan, Yogyakarta address: DIY Yogyakarta, 55251 e-mail: hostmaster@gmedia.net.id abuse-mailbox: abuse@gmedia.net.id admin-c: GH788-AP tech-c: GH788-AP mnt-by: MAINT-ID-GMEDIA last-modified: 2026-03-09T15:38:33Z person: GMEDIA HOSTMASTER address: Jl. Daradasih No. 11A address: Patangpuluhan, Yogyakarta address: DIY Yogyakarta, 55251 country: ID phone: +62-274-380345 fax-no: +62-274-379593 e-mail: hostmaster@gmedia.net.id nic-hdl: GH788-AP notify: agusr@gmedia.co.id mnt-by: MAINT-ID-GMEDIA last-modified: 2011-02-28T19:00:02Z route: 116.254.113.0/24 origin: AS55666 descr: Indonesia Network Information Center mnt-by: MAINT-ID-GMEDIA last-modified: 2019-08-14T09:57:50Z inetnum: 116.254.113.0 - 116.254.113.255 netname: IMUN-ID descr: PT Internet Mulia Untuk Negeri descr: Internet Service Provider descr: Jl. Jangli Dalam No. 29J descr: Jatingaleh, Candisari descr: Semarang, 50254 country: ID admin-c: IH302-AP tech-c: IH302-AP status: ASSIGNED NON-PORTABLE mnt-by: MAINT-ID-GMEDIA mnt-irt: IRT-GMEDIA-ID last-modified: 2023-02-22T05:37:11Z irt: IRT-GMEDIA-ID address: Jl. Daradasih No. 11A address: Patangpuluhan, Yogyakarta address: DIY Yogyakarta, 55251 e-mail: hostmaster@gmedia.net.id abuse-mailbox: abuse@gmedia.net.id admin-c: GH788-AP tech-c: GH788-AP mnt-by: MAINT-ID-GMEDIA last-modified: 2011-02-25T10:06:50Z person: IMUN Hostmaster address: Jl. Jangli Dalam No. 29J address: Jatingaleh, Candisari address: Semarang, 50254 country: ID phone: +62-24-8509595 e-mail: hostmaster@nexa.net.id nic-hdl: IH302-AP mnt-by: MAINT-ID-IMUN fax-no: +62-24-8509595 last-modified: 2022-06-03T05:56:34Z route: 116.254.112.0/21 descr: Route object of GMEDIA origin: AS55666 mnt-by: MAINT-ID-GMEDIA last-modified: 2017-08-14T10:05:40Z