IOC Radar
IPMediumSignal 20/100

203.95.198.202

Location
CambodiaCambodia
Phnom Penh, Phnom Penh
ASN
AS135375
Today Communication Co., Ltd
First Seen
Sep 10, 2024
Last Seen
Mar 28, 2026
Sep 10
First Seen
649d ago
Mar 28
Last Seen
85d ago
6
Reports
source reports
20%
Confidence
medium
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
20%
Signal Score
20 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

26 techniques

Network Information

CountryKHCambodia
RegionPhnom Penh, Phnom Penh
ASNAS135375
OrganizationToday Communication Co., Ltd

Feed Intelligence Summary

6 reports20% confidence
6
Source reports
20%
Confidence score
Category tags
active scanactive scanningadbhoney honeypotantispamattackbotnetbotnet activitybrute forcecambodiacommand and controlcommunication protocolcompromised credentialscowrie honeypotcowrie interactionscredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposuredatabase securitydecoy systemdionaea honeypotdionaea interactionsdionaea malware analysisdistributed attackselasticpot honeypotelasticsearch monitoringexploitation activityheralding attack patternidentity & access exploitationindicatorinjection activityiot securitykhlateral movementlog4jmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturenetworknetwork intrusion attemptsnetwork scanningnetwork securityphishingphishing attackphishing trapprocess injectionpython script activityreconnaissanceresearchedresource hijackingsentrypeer botnetsftp attacksocial engineeringspamssh attackssh monitoringt1021t1040t1041t1046t1055t1059t1071.001t1078t1110t1110.002t1190t1204.002t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003targeting databasetelecommunicationsthreat actorthreat intelligencetor nodevoipvoip attack

Activity Timeline

1 total obs
Mar 28Mar 28

Threat Activity Heatmap

· Peak: 2026-03-28
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
20
SIGNAL
Signal Score
20%
Confidence
6
Reports
First seenSep 10, 2024
Last seenMar 28, 2026
GeolocationKH
CountryCambodia
LocationPhnom Penh, Phnom Penh
ASNAS135375
OrgToday Communication Co., Ltd
Coords11.5448, 104.8921

VirusTotal

Not checked

WHOIS

description
2025-04-22T11:50:08.773Z Honeypot : Heralding : Source: 203.95.198.202 : Username/Password: aDMIN2241/12345678 Port: 1080 Message: 2025-04-22 11:50:08.773601,9c236e34-11ad-4e20-bed2-5a5e8a6817e1,010ea0fb-b9df-47b4-bae7-ebf91adddc6b,203.95.198.202,36678,99.18.26.18,1080,socks5,aDMIN2241,12345678,
raw
inetnum: 203.95.198.0 - 203.95.198.255 netname: TCC-AS-AP descr: Today Communication Co.,Ltd country: KH admin-c: TCCL1-AP tech-c: TCCL1-AP abuse-c: AT986-AP status: ASSIGNED NON-PORTABLE mnt-by: MAINT-TCC-KH mnt-irt: IRT-TCC-KH last-modified: 2021-01-27T13:15:52Z source: APNIC irt: IRT-TCC-KH address: # 64ABC, St. 348, Toul Svay Prey 1, Chamkar Mon, Phnom Penh Phnom Penh 855 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: TCCL1-AP tech-c: TCCL1-AP auth: # Filtered remarks: [email protected] is invalid remarks: [email protected] was validated on 2025-01-15 mnt-by: MAINT-TCC-KH last-modified: 2025-01-15T09:25:22Z source: APNIC role: ABUSE TCCKH country: ZZ address: # 64ABC, St. 348, Toul Svay Prey 1, Chamkar Mon, Phnom Penh Phnom Penh 855 phone: +000000000 e-mail: [email protected] admin-c: TCCL1-AP tech-c: TCCL1-AP nic-hdl: AT986-AP remarks: Generated from irt object IRT-TCC-KH remarks: [email protected] is invalid remarks: [email protected] was validated on 2025-01-15 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-01-15T09:25:51Z source: APNIC role: Today Communication Co Ltd address: #64ABC, St. 348, Toul Svay Prey 1, Chamkar Mon, Phnom Penh Phnom Penh 855 country: KH phone: +85578441744 e-mail: [email protected] admin-c: TCCL1-AP tech-c: TCCL1-AP nic-hdl: TCCL1-AP notify: [email protected] mnt-by: MAINT-TCC-KH last-modified: 2017-04-26T03:16:25Z source: APNIC route: 203.95.198.0/24 origin: AS135375 descr: Today Communication Co.,Ltd #64ABC, St. 348, Toul Svay Prey 1, Chamkar Mon mnt-by: MAINT-TCC-KH last-modified: 2020-11-20T02:25:44Z source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 6 threat reports