IOC Radar
IPMediumSignal 11/100

202.5.60.42

Location
BangladeshBangladesh
Dhaka, F
ASN
AS45326
BBTS-NEW
First Seen
Oct 27, 2024
Last Seen
May 30, 2026
Oct 27
First Seen
595d ago
May 30
Last Seen
15d ago
9
Reports
source reports
11%
Confidence
medium
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
11%
Signal Score
11 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

39 techniques

Network Information

CountryBDBangladesh
RegionDhaka, F
ASNAS45326
OrganizationBBTS-NEW

IP Category

Proxy
Proxy server

Feed Intelligence Summary

9 reports11% confidence
9
Source reports
11%
Confidence score
Category tags
active scanactive scanningadbhoney honeypotasiaattackattack sourceaustraliaauthentication abuseauthentication attackauthentication attemptsauthentication brute forceauthentication_bypassautomated attackbad reputationbad web botbangladeshbdbotnetbotnet activitybrute forcebrute force attackbrute force attacksbrute force attemptbrute force attemptsbrute-forcecisco devicecisco exploitation attemptcommand and controlcommand injectioncommunication protocolcompromised credentialscompromised hostconnected devicesconpot honeypotcowrie activitycowrie honeypotcowrie interactionscredential accesscredential harvestingcredential stuffingcredential-attackdata exfiltrationdata store exposuredatabase attackdatabase attacksdatabase exploitation attemptdatabase securitydatabase-serviceddosdecoy systemdenial of servicedevice managementdionaea activitydionaea honeypotdionaea interactionsdionaea malware analysisdistributed attacksdnsdns attackelasticpot honeypotelasticsearch monitoringenterprise networkingexploitexploitation activityexploitation-attemptexternal threatfailed loginfattftpftp brute forceftp brute-forcehackingheralding attack patternhoneytrap honeypothttp brute forcehttp scannerhttp/sics securityics/scada protocolsidentity & access exploitationindicatorindustrial control systemsindustrial iotinitial accessinjection activityinjection attacksinternet of thingsintrusion detectioniociot analyticsiot applicationsiot attacksiot device targetingiot platformsiot securityiot/ics attackipphoney honeypotipv4ipv4 attacksipv4_addresslamplateral movementlinux-serverlogin attackmailoney activitymailoney honeypotmalicious activitymalicious softwaremalicious-activitymalwaremalware behaviourmalware capturenetworknetwork activitynetwork enumerationnetwork infrastructurenetwork intrusionnetwork intrusion attemptnetwork intrusion attemptsnetwork probingnetwork reconnaissancenetwork scanningnetwork securitynetwork-devicenetwork_service_exploitationnorth americaoceaniap0fpassword attackpassword attacksphishingphishing attackphishing trapport-scanprocess injectionprotocol exploitationproxypython script activityreconnaissanceredis honeypotremote accessremote loginremote serviceremote_accessresearchedresource hijackingscadascannerscanning activityscripting attackssensor-taggedsentrypeer activitysentrypeer botnetservice scansftp access attemptsftp attacksip brute forcesip scanningsmart devicessmtpsmtp brute forcesocial engineeringspamssh attackssh brute-forcessh monitoringt-pott1021t1021.001t1021.002t1021.004t1040t1041t1046t1055t1059t1059.003t1059.007t1071t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1555t1565t1566.001t1566.002t1566.003t1566.004t1588.004t1595t1595.001t1595.002t1595.003tannertanner activitytargeting databasetelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencetor nodetpotunauthorized accessunauthorized loginunited statesvoipvoip attackweb application attackweb application attacksweb attackweb exploitationweb spamweb trafficweb-service

Activity Timeline

1 total obs
May 30May 30

Threat Activity Heatmap

· Peak: 2026-05-30
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreLow Risk
11
SIGNAL
Signal Score
11%
Confidence
9
Reports
First seenOct 27, 2024
Last seenMay 30, 2026
GeolocationBD
CountryBangladesh
LocationDhaka, F
ASNAS45326
OrgBBTS-NEW
Coords25.7277, 89.2805
Proxy

VirusTotal

Not checked

WHOIS

description
2025-04-24T00:40:23.259Z Honeypot : Heralding : Source: 202.5.60.42 : Username/Password: ADmIn/000000 Port: 1080 Message: 2025-04-24 00:40:23.259362,287c2ddf-ce12-4bcf-9f31-333ad23b3309,153c17f3-3e84-4df1-9fbc-7261f618cac2,202.5.60.42,41642,99.18.26.18,1080,socks5,ADmIn,000000,
raw
inetnum: 202.5.60.0 - 202.5.60.255 netname: BBTS-BD-BD descr: BBTS New Block country: BD admin-c: AKD19-AP tech-c: AKD19-AP abuse-c: AB903-AP status: ALLOCATED NON-PORTABLE mnt-by: MAINT-BD-BBTS mnt-irt: IRT-BBTS-BD-BD last-modified: 2021-01-25T13:19:20Z source: APNIC irt: IRT-BBTS-BD-BD address: Ispahani Building, Sk Mujib Road, Agrabad C/A, Chittagong address: Bangladesh e-mail: [email protected] abuse-mailbox: [email protected] admin-c: KM569-AP tech-c: KM569-AP auth: # Filtered remarks: [email protected] was validated on 2025-04-09 remarks: [email protected] was validated on 2025-07-31 mnt-by: MAINT-BD-BBTS last-modified: 2025-07-31T05:57:24Z source: APNIC role: ABUSE BBTSBDBD country: ZZ address: Ispahani Building, Sk Mujib Road, Agrabad C/A, Chittagong address: Bangladesh phone: +000000000 e-mail: [email protected] admin-c: KM569-AP tech-c: KM569-AP nic-hdl: AB903-AP remarks: Generated from irt object IRT-BBTS-BD-BD remarks: [email protected] was validated on 2025-04-09 remarks: [email protected] was validated on 2025-07-31 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-07-31T05:57:41Z source: APNIC person: Aloy Kumar Das address: BBTS, Ispahani Building, Sk Mujib Road, Agrabad, CTG. country: BD phone: +88031714126 e-mail: [email protected] nic-hdl: AKD19-AP mnt-by: MAINT-BD-BBTS last-modified: 2013-08-19T12:14:07Z source: APNIC route: 202.5.60.0/24 descr: BBTS-NEW-BLOCK origin: AS45326 mnt-lower: MAINT-BD-BBTS mnt-routes: MAINT-BD-BBTS mnt-by: MAINT-BD-BBTS last-modified: 2013-08-19T12:38:16Z source: APNIC
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 15 days ago
Appeared in 9 threat reports