IPMediumSignal 49/100
203.171.29.193
Location
VietnamHanoi, Hanoi
ASN
AS45903
CMC Telecom Infrastructure Company
First Seen
Sep 4, 2025
Last Seen
Jun 22, 2026
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
49%
Signal Score
49 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryVietnam
VietnamRegionHanoi, Hanoi
ASNAS45903
OrganizationCMC Telecom Infrastructure Company
IP Category
⟲
Proxy
Proxy server
⊕
VPN
VPN exit node
Feed Intelligence Summary
17 reports49% confidence
17
Source reports
49%
Confidence score
Category tags
abuseaccess controlaccount compromiseactive scanactive scanningaptasiaattackattack source: gbaustraliaauthenticationauthentication abuseauthentication attemptsauthentication brute forceauthentication failureautomated attackbad reputationbad web botblacklisted ipblocklist_allblog spambotnetbotnet activitybrute forcebrute force attackbrute force attemptbrute force attemptsbrute-forcebrute_forcebruteforcec2cloud infrastructurecloud infrastructure attackcloud servicescommand & controlcommand and controlcommunication protocolcompromised hostcompromised systemcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposuredatabase attackdatabase securityddosddos attackdecoy systemdenial of servicedetected botnet activitydigital oceandionaeadionaea honeypotdistributed attacksenumerationeuropeexploitexploit attemptsexploitation activityexploitation attemptexploited hostexport-to-otxfail2ban alertsfail2ban triggerfail2ban triggeredfail2ban_eventfailed authenticationfailed loginfailed login attemptsfattfinlandfrancefraud ordersfraud voipftpftp brute forceftp brute-forceftp_brute_forcegermanyhackinghoneynet connecthoneypot 24h activityhoneytrap honeypothttp brute forcehttp scannerhttpsidentity & access exploitationinbound scanindiaindicatorinjection activityinjection attacksintrusion detectioniot securityiot targetedipv4lateral movementlogin attacklogin attackslogin attemptlogin attemptsmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemispnetworknetwork attacksnetwork enumerationnetwork intrusionnetwork intrusion attemptsnetwork intrusion detectionnetwork intrustionnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnetwork traffic analysisnetwork_reconnaissancenorth americaoceaniaopen proxyp0fpassword attackpassword attackspassword_attackphishingphishing attackphishing trapping of deathpolandportscanprocess injectionprotocol exploitationproxypublicly accessible infrastructureransomwarerdp bruteforcereconnaissanceremote accessremote servicesresearchresearchedresource hijackingscams & fraudscanscannerscannersscanning activitysecurity operationssecurity policysensor-taggedsentrypeer botnetservice exploitation attemptservice scansipsip scanningsmb brute forcesmtpsmtp brute forcesocial engineeringsocradar honeypotspamsshssh attackssh bruteforcessh monitoringssh scanningssh-brutessh_brute_forcesystem accesst1021t1021.001t1021.002t1021.003t1021.004t1021.005t1040t1046t1055t1059t1059.001t1059.003t1059.004t1068t1071t1071.001t1076t1078t1078.004t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1189t1190t1203t1486t1496t1499.001t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1573t1573.001t1588t1588.004t1589t1592t1595t1595.001t1595.002t1595.003tannertargeting databasetcp protocoltcp scantelecommunicationstelnettelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontor nodetpotudp port scanudp scanunauthorized accessunauthorized access attemptunauthorized access attemptsunauthorized login attemptsunited kingdomunited statesvietnamvnvnc bruteforcevoipvoip attackvpnvpn ipvulnerability scanvultrweb app attackweb application attackweb exploitweb exploitationweb spamweb traffic
Activity Timeline
Jun 22Jun 22
Threat Activity Heatmap
LessMore
Mon
Wed
Fri
24h
1
Minimal
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
49
SIGNAL
Signal Score
49%
Confidence
17
Reports
First seenSep 4, 2025
Last seenJun 22, 2026
GeolocationVN
CountryVietnam
LocationHanoi, Hanoi
ASNAS45903
OrgCMC Telecom Infrastructure Company
Coords21.0278, 105.8340
ProxyVPN
VirusTotal
Not checked
WHOIS
- description
- IPv4 hosts detected attempting to brute force SSH on Vultr Melbourne (Australia) honeypot
- raw
- inetnum: 203.171.16.0 - 203.171.31.255 netname: CMCTELECOM-VN country: VN descr: CMC Telecom Infrastructure Company descr: CMC Tower,Duy Tan, Dich Vong Hau, Cau Giay, Ha Noi admin-c: HVA2-AP tech-c: NVH31-AP status: ALLOCATED PORTABLE mnt-by: MAINT-VN-VNNIC mnt-irt: IRT-VNNIC-AP last-modified: 2023-08-31T05:01:31Z source: APNIC irt: IRT-VNNIC-AP address: Ha Noi, VietNam phone: +84-24-35564944 fax-no: +84-24-37821462 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: NTTT1-AP tech-c: NTTT1-AP auth: # Filtered mnt-by: MAINT-VN-VNNIC last-modified: 2025-09-04T05:18:22Z source: APNIC person: Hoang Viet Anh address: CMCTELECOM-VN country: VN phone: +84-366235766 e-mail: [email protected] nic-hdl: HVA2-AP mnt-by: MAINT-VN-VNNIC last-modified: 2023-08-31T04:22:33Z source: APNIC person: Nguyen Van Hieu address: CMCTELECOM-VN country: VN phone: +84-968189689 e-mail: [email protected] nic-hdl: NVH31-AP mnt-by: MAINT-VN-VNNIC last-modified: 2022-08-28T04:27:35Z source: APNIC route: 203.171.29.0/24 descr: CMCTELECOM-VN origin: AS45903 mnt-by: MAINT-VN-VNNIC last-modified: 2022-09-16T17:40:42Z source: APNIC
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 9 months ago · Last seen today
Appeared in 17 threat reports