IOC Radar
IPMediumSignal 73/100

103.226.248.206

Location
VietnamVietnam
Vinhomes Royal City, Hanoi
ASN
AS135905
Global Data Joint Stock Company
First Seen
Dec 25, 2024
Last Seen
Jun 6, 2026
Dec 25
First Seen
536d ago
Jun 6
Last Seen
8d ago
30
Reports
source reports
73%
Confidence
medium
Found in 30 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
73%
Signal Score
73 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

45 techniques

Network Information

CountryVNVietnam
RegionVinhomes Royal City, Hanoi
ASNAS135905
OrganizationGlobal Data Joint Stock Company

IP Category

Proxy
Proxy server

Feed Intelligence Summary

30 reports73% confidence
30
Source reports
73%
Confidence score
Category tags
abuseaccessaccess controlactive scanactive scanningactoradbhoney honeypotantispamaptasiaatif feedattackauto-generated securitybad reputationbad web botbankingbanlist feedbinary defensebotnetbotnet activitybrute forcebrute force attackbrute force attemptc2 stagingciscocisco devicecisco device scanningcommand and controlcommand executioncommunication protocolcompromised hostcontagiousinterviewcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingcredit card servicescrypto currencycryptocurrencyctadata encryptiondata exfiltrationdata store exposuredatabase securityddosddos attacksdecoy systemdenial of servicedevice managementdhcpdionaeadionaea honeypotdistributed attacksdprk unc5342elasticsearchemailencryptionenterprise networkingexfiltrationexploitation activityfinancefinancial servicesfinancial technologyftpftp brute forcegroupshackingidentity & access exploitationimapindexinformation gatheringinformation technologyinfrastructure acquisitionreconnaissanceinjection activityinternet of thingsintrusion detectioniociot botnetiot securityiot/ics attacklateral movementldaplog4jloginmailoney honeypotmalicious activitymalicious network activitymalicious softwaremalwaremalware behaviourmalware capturemanualmirai botnetmssqlnation-state activitynetworknetwork attacksnetwork infrastructurenetwork intrusionnetwork monitoringnetwork probingnetwork protocolnetwork scanningnetwork securitynetwork service scanningnetwork traffic analysisnovel malwarentporacleosintpassword attackspayment processingphishingphishing attackphishing trapprocess injectionprotocol exploitationprotocol scanproxyransomwarereconnaissanceremote accessremote servicesresearchedscanscannerscanning activityscriptsecurity policyserver exploitationservice scansftpsftp attackslugsocial engineeringsocks5socradarsocradar honeypotspamsql injectionsshssh attackssh monitoringsurface webt1021t1021.001t1021.002t1040t1041t1046t1055t1056.001t1059.001t1059.003t1059.004t1059.005t1071t1071.001t1077t1078t1078.001t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1497t1499.001t1499.002t1499.003t1505.004t1565t1566.001t1566.002t1566.003t1566.004t1573t1587.001t1590.001t1595t1595.001t1595.002t1595.003tannertargeting databasetcp protocoltelnet threatthreat actorthreat intelligencethreat preventiontor nodeuk egressunc5342viet namvietnamvnvnc protocolvulnerability scanwealth managementweb application attackweb exploitationweb scanner

Activity Timeline

1 total obs
Jun 6Jun 6

Threat Activity Heatmap

· Peak: 2026-06-06
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
73
SIGNAL
Signal Score
73%
Confidence
30
Reports
First seenDec 25, 2024
Last seenJun 6, 2026
GeolocationVN
CountryVietnam
LocationVinhomes Royal City, Hanoi
ASNAS135905
OrgGlobal Data Joint Stock Company
Coords21.0009, 105.8220
Proxy

VirusTotal

Not checked

WHOIS

description
CC=VN ASN=AS135905 vietnam posts and telecommunications group
raw
inetnum: 103.226.248.0 - 103.226.251.255 netname: GDATA-VN descr: Global Data Joint Stock Company descr: No. 17, 9 Vuong Thua Vu, Khuong Mai, Thanh Xuan, Hanoi admin-c: NVT16-AP tech-c: NMH13-AP remarks: send spam and abuse report to [email protected] country: VN mnt-by: MAINT-VN-VNNIC mnt-lower: MAINT-VN-VNNIC mnt-irt: IRT-VNNIC-AP status: ALLOCATED PORTABLE last-modified: 2014-03-05T09:43:35Z source: APNIC irt: IRT-VNNIC-AP address: Ha Noi, VietNam phone: +84-24-35564944 fax-no: +84-24-37821462 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: NTTT1-AP tech-c: NTTT1-AP auth: # Filtered mnt-by: MAINT-VN-VNNIC last-modified: 2017-11-08T09:40:06Z source: APNIC person: Ngo Manh Ha nic-hdl: NMH13-AP e-mail: [email protected] address: Global Data Joint Stock Company address: No. 17, 9 Vuong Thua Vu, Khuong Mai, Thanh Xuan, Hanoi phone: +84-9-15493329 fax-no: +84-24-66549186 country: VN mnt-by: MAINT-VN-VNNIC last-modified: 2017-11-12T09:24:02Z source: APNIC person: Nguyen Van Tuan nic-hdl: NVT16-AP e-mail: [email protected] address: Global Data Joint Stock Company phone: +84-9-04692968 country: VN mnt-by: MAINT-VN-VNNIC last-modified: 2017-11-12T09:24:19Z source: APNIC
references
https://blog.edie.io/2020/04/30/diy-ip-threat-feed/, https://github.com/tankmek/threatfeed, https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, https://github.com/telekom-security/tpotce, https://blocklist.greensnow.co/greensnow.txt, https://www.binarydefense.com/banlist.txt, https://lists.blocklist.de/lists/all.txt, https://rules.emergingthreats.net/blockrules/compromised-ips.txt, 464.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 8 days ago
Appeared in 30 threat reports