IOC Radar
IPMediumSignal 69/100

14.225.254.181

Location
VietnamVietnam
Hanoi, Hanoi
ASN
AS135905
VNPT
First Seen
Apr 9, 2026
Last Seen
Apr 25, 2026
Apr 9
First Seen
65d ago
Apr 25
Last Seen
49d ago
7
Reports
source reports
69%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
69%
Signal Score
69 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

3 techniques

Network Information

CountryVNVietnam
RegionHanoi, Hanoi
ASNAS135905
OrganizationVNPT

Feed Intelligence Summary

7 reports69% confidence
7
Source reports
69%
Confidence score
Category tags
active scanactive scanningasiabrute forcebrute force attackerbrute-forcebruteforceexploitation activityexploited hosthackingindicatorinjection activitymysqlnetworkportscanreconnaissanceresearchedscannerscannersservice scansql injectiont1595.001t1595.002t1595.003targeting databasevietnamvultr

Activity Timeline

1 total obs
Apr 25Apr 25

Threat Activity Heatmap

· Peak: 2026-04-25
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
69
SIGNAL
Signal Score
69%
Confidence
7
Reports
First seenApr 9, 2026
Last seenApr 25, 2026
GeolocationVN
CountryVietnam
LocationHanoi, Hanoi
ASNAS135905
OrgVNPT
Coords16.0020, 105.9984

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected attempting to brute force MYSQL on Vultr Melbourne (Australia) honeypot
raw
inetnum: 14.224.0.0 - 14.255.255.255 netname: VNPT-VN descr: Vietnam Posts and Telecommunications Group descr: No 57, Huynh Thuc Khang Street, Lang Ha ward, Dong Da district, Ha Noi City country: VN admin-c: PTH13-AP tech-c: PTH13-AP remarks: for admin contact mail to Nguyen Xuan Cuong -->NXC1-AP remarks: for Tech contact mail to Nguyen Hien Khanh --> KNH1-AP status: ALLOCATED PORTABLE mnt-by: MAINT-VN-VNNIC mnt-lower: MAINT-VN-VNPT mnt-routes: MAINT-VN-VNPT last-modified: 2018-01-25T03:55:18Z mnt-irt: IRT-VNNIC-AP source: APNIC irt: IRT-VNNIC-AP address: Ha Noi, VietNam phone: +84-24-35564944 fax-no: +84-24-37821462 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: NTTT1-AP tech-c: NTTT1-AP auth: # Filtered mnt-by: MAINT-VN-VNNIC last-modified: 2026-04-06T06:49:37Z source: APNIC person: Pham Tien Huy address: VNPT-VN country: VN phone: +84-24-37741604 e-mail: [email protected] nic-hdl: PTH13-AP mnt-by: MAINT-VN-VNPT last-modified: 2017-11-19T07:06:20Z source: APNIC route: 14.225.254.0/24 descr: VNPT origin: AS135905 mnt-by: MAINT-VN-VNPT last-modified: 2022-07-29T16:27:19Z source: APNIC
references
https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-04-16/, https://jamesbrine.com.au, https://jamesbrine.com.au/vultrmelbournetest-mysql-bruteforce-ip-list-2026-04-16/

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 months ago · Last seen 1 month ago
Appeared in 7 threat reports