IOC Radar
IPMediumSignal 27/100

103.116.116.244

Location
BangladeshBangladesh
Gazipur, Dhaka Division
ASN
AS137884
Gazipur Network System
First Seen
Jan 19, 2025
Last Seen
Apr 15, 2026
Jan 19
First Seen
512d ago
Apr 15
Last Seen
60d ago
8
Reports
source reports
27%
Confidence
medium
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
27%
Signal Score
27 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

44 techniques

Network Information

CountryBDBangladesh
RegionGazipur, Dhaka Division
ASNAS137884
OrganizationGazipur Network System

IP Category

Proxy
Proxy server

Feed Intelligence Summary

8 reports27% confidence
8
Source reports
27%
Confidence score
Category tags
active scanactive scanningantispamasiaattackauthentication attemptbangladeshbdbotnetbotnet activitybrute forcebrute force attackcode executioncommand and controlcommand executioncommunication protocolcompromised credentialscowrie activitycowrie attackscowrie honeypotcowrie interactionscredential accesscredential harvestingcredential stuffingdata exfiltrationdata exfiltration attemptsdata store exposuredatabase securityddosdecoy systemdefense evasiondenial of servicedionaea honeypotdionaea interactionsdionaea malware analysisdistributed attackselasticpot honeypotelasticsearch monitoringexploitation activityexploitation attemptexploitation attemptsheralding activityheralding attack patternheralding projectidentity & access exploitationindicatorinfrastructure acquisitionreconnaissanceinitial accessinjection activityiot securitylateral movementlog4jmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware deployment attemptsmanualnetworknetwork intrusion attemptsnetwork probenetwork probingnetwork scanningnetwork securitynetwork service scanningpassword attacksphishingphishing attackprocess injectionproxypython script activityreconnaissanceremote accessresearchedresource hijackingscannerscanning activitysentrypeer botnetservice scansftp access attemptsftp attacksip brute forcesocial engineeringsoftware exploitationspamssh attackssh monitoringt1018t1021t1021.002t1021.004t1027t1040t1041t1046t1047t1055t1059t1059.004t1059.005t1071.001t1078t1078.004t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1555t1565t1566t1566.001t1566.002t1566.003t1583t1587.001t1589.002t1590.001t1595t1595.001t1595.002t1595.003tannertargeting databasetelecommunicationsthreat actorthreat intelligencetor nodetpotceunauthorized login attemptsvoipvoip attackweb app attackweb application attackweb exploitation

Activity Timeline

1 total obs
Apr 15Apr 15

Threat Activity Heatmap

· Peak: 2026-04-15
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
27
SIGNAL
Signal Score
27%
Confidence
8
Reports
First seenJan 19, 2025
Last seenApr 15, 2026
GeolocationBD
CountryBangladesh
LocationGazipur, Dhaka Division
ASNAS137884
OrgGazipur Network System
Coords23.9984, 90.4223
Proxy

VirusTotal

Not checked

WHOIS

description
2025-06-10T13:47:49.385Z Honeypot : Heralding : Source: 103.116.116.244 : Username/Password: ProxYUSEr/123456789 Port: 1080 Message: 2025-06-10 13:47:49.385983,2347f88a-7555-4a26-a5dc-e339025bbfa5,f9fe7446-ec2f-450c-8c49-80d0cd4ab556,103.116.116.244,41823,99.18.26.19,1080,socks5,ProxYUSEr,123456789,
raw
inetnum: 103.116.116.0 - 103.116.116.255 netname: GNS-BD descr: Gazipur Network System country: BD admin-c: GNSA3-AP tech-c: GNSA3-AP abuse-c: AG1026-AP status: ALLOCATED NON-PORTABLE mnt-by: MAINT-GNS-BD mnt-irt: IRT-GNS-BD last-modified: 2021-01-13T03:17:14Z source: APNIC irt: IRT-GNS-BD address: Word No. 07, Holding No. 02, Chandra, Kaliakair, Gazipur., Dhaka Gazipur 1750 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: GNSA3-AP tech-c: GNSA3-AP auth: # Filtered remarks: [email protected] is invalid mnt-by: MAINT-GNS-BD last-modified: 2024-09-18T22:48:10Z source: APNIC role: ABUSE GNSBD country: ZZ address: Word No. 07, Holding No. 02, Chandra, Kaliakair, Gazipur., Dhaka Gazipur 1750 phone: +000000000 e-mail: [email protected] admin-c: GNSA3-AP tech-c: GNSA3-AP nic-hdl: AG1026-AP remarks: Generated from irt object IRT-GNS-BD remarks: [email protected] is invalid abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2024-09-18T22:48:56Z source: APNIC role: Gazipur Network System administrator address: Word No. 07, Holding No. 02, Chandra, Kaliakair, Gazipur., Dhaka Gazipur 1750 country: BD phone: +8801913984188 fax-no: +8801913984188 e-mail: [email protected] admin-c: GNSA3-AP tech-c: GNSA3-AP nic-hdl: GNSA3-AP mnt-by: MAINT-GNS-BD last-modified: 2018-05-29T09:34:46Z source: APNIC route: 103.116.116.0/24 origin: AS137884 descr: Gazipur Network System Word No. 07, Holding No. 02, Chandra, Kaliakair, Gazipur. mnt-by: MAINT-GNS-BD last-modified: 2022-07-18T19:47:58Z country: BD source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 8 threat reports