IP · Medium · Signal 34/100
169.255.72.230
Location
Brazzaville, 9
ASN
AS327829
Skytic Telecom
First Seen
Jan 8, 2024
Last Seen
Apr 5, 2026
Reports: 9 source reports
Confidence: 34% (medium)
VirusTotal: 1/91 detections
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
34%
Signal Score
34 / 100
IDS Rule
No
Network Information
Country: Congo
Region: Brazzaville, 9
ASN: AS327829
Organization: Skytic Telecom
Feed Intelligence Summary
Source reports: 9
Confidence score: 34%
Category tags
abuse, active scan, active scanning, attack, bad reputation, botnet, botnet activity, brute force, cg, command and control, communication protocol, compromised credentials, congo, cowrie honeypot, credential access, credential harvesting, credential stuffing, cta, data exfiltration, data exfiltration attempts, data store exposure, database security, ddos, ddos attack, decoy system, dionaea honeypot, dionaea malware analysis, distributed attacks, elasticpot honeypot, elasticsearch monitoring, exploitation activity, exploitation attempt, exploitation attempts, ftp, heralding attack pattern, http scanner, https, identity & access exploitation, indicator, injection activity, injection attacks, iot security, lateral movement, malicious activity, malicious software, malware, malware behaviour, malware capture, malware deployment attempts, malware detection, network, network intrusion attempts, network scanning, network security, phishing, phishing attack, process injection, protocol exploitation, python script activity, reconnaissance, remote access, remote services, researched, resource hijacking, scanner, scanning activity, sentrypeer botnet, sftp access attempt, sftp attack, shell access attempts, sip brute force, social engineering, spam, ssh attack, ssh monitoring, t1021, t1021.001, t1040, t1041, t1046, t1055, t1059, t1059.003, t1071.001, t1076, t1078, t1110, t1110.002, t1133, t1190, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1563, t1565, t1566.001, t1566.002, t1566.003, t1583, t1595, t1595.001, t1595.002, t1595.003, tanner, targeting database, telecommunications, telnet threat, threat actor, threat intelligence, tor node, voip, voip attack, web spam, web traffic
Activity Timeline
Threat Activity Heatmap (peak: 2026-04-05)
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 34
Confidence: 34%
Reports: 9
First seen: Jan 8, 2024
Last seen: Apr 5, 2026
Geolocation: CG
Country: Congo
Location: Brazzaville, 9
ASN: AS327829
Org: Skytic Telecom
Coords: -4.1997, 12.6739
WHOIS
- description
- 2025-04-29T14:20:23.734Z Honeypot : Heralding : Source: 169.255.72.230 : Username/Password: ADmIn1/killer Port: 1080 Message: 2025-04-29 14:20:23.734874,602536c7-c49d-47f4-9b4b-640458009ed9,836767c5-eee6-4486-9922-e8ec6d558242,169.255.72.230,49891,99.18.26.18,1080,socks5,ADmIn1,killer,
- raw
- inetnum: 169.255.72.224 - 169.255.72.239
  netname: AFRICANEWS
  descr: AFRICANEWS Block
  country: CG
  admin-c: RM28-AFRINIC
  tech-c: RM28-AFRINIC
  status: ASSIGNED PA
  mnt-by: SKYTIC-MNT
  source: AFRINIC # Filtered
  parent: 169.255.72.0 - 169.255.75.255

  person: Renauldit MAUNE
  address: Conakry 224
  address: GN
  address: Conakry
  address: Guinea
  phone: tel:+224-664-22-25-12
  phone: tel:+224-664-22-25-31
  nic-hdl: RM28-AFRINIC
  mnt-by: GENERATED-WMDSMU2SNQ4LSKQRBCZI9BWEN6J8RAFL-MNT
  source: AFRINIC # Filtered

  route: 169.255.72.0/24
  descr: Skytic Telecom
  origin: AS327829
  mnt-by: SKYTIC-MNT
  source: AFRINIC # Filtered
- references
- https://github.com/telekom-security/tpotce
IOC Journey
Medium · First detected 2 years ago · Last seen 2 months ago
Appeared in 9 threat reports