IPMediumSignal 61/100
210.211.122.97
Location
VietnamHanoi, Hanoi
ASN
AS38731
Viettel - CHT Company Ltd
First Seen
Feb 6, 2026
Last Seen
Jun 12, 2026
Found in 27 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
61%
Signal Score
61 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryVietnam
VietnamRegionHanoi, Hanoi
ASNAS38731
OrganizationViettel - CHT Company Ltd
Feed Intelligence Summary
27 reports61% confidence
27
Source reports
61%
Confidence score
Category tags
abuseaccess controlaccount compromiseactive scanactive scanningactive-attackadb attacksadbhoney honeypotaggressive-detectionand injection attemptsapacheapache attackerapplication layer protocolaptasiaattackattacker infrastructureattacker ipattacker ip addressesattacker ip: confirmedattacker ip: detectedattacker-ipaustraliaauthentication abuseautomated attackautomated attack attemptsautomated attacksautomated threatautomated-attackbad reputationbad web botblocklist_allblog spambothammerbotnetbotnet activitybrute forcebrute force attackbrute force attackerbrute force attacksbrute force attemptbrute force attemptsbrute-forcebrute-force-attackbrute_forcebruteforcecanadacisco brute forcecisco devicecisco device attackscisco exploitation attemptscloud infrastructurecloud infrastructure attackcloud servicescloud_infrastructurecode executioncode injectioncode-injectioncommand executioncommunication protocolcompromise attemptcompromised hostscompromised ip addresscompromised systemconnection-resetconpot honeypotcowriecowrie honeypotcredential accesscredential attackcredential attackscredential compromise attemptcredential guessingcredential harvestingcredential stuffingcredential-abusecredential-accesscredential-stuffingcyberattackdaily-threat-feeddata exfiltrationdata store exposuredatabase attackdatabase securityddosddos attackdecoy systemdenial of servicedenial-of-servicedevice managementdhcpdigital oceandigitalocean environmentdionaeadionaea honeypotelasticsearchenterprise networkingenumerationexploitexploit attemptsexploit probingexploitationexploitation activityexploitation attemptsexploited hostexploitsexternal access attemptsexternal threatfattftpftp attacksftp brute forceftp brute-forcehackinghoneytrap datahoneytrap honeypothttp probinghttp scannerhttp scanninghttp/shttpshttps scanningics securityics/scada attacksidentity & access exploitationimapindustrial control systemsinitial accessinitial access vectorinitial-accessinitial-access-attemptinjection activityinjection attacksinternet facing systemsintrusion detectioniociocsiot attacksiot securityiot targetediot/ics attackip-addressip-addressesipv4ipv4 addressesjapanlamplamp stack targetinglateral movementldaplinux systemslogin attemptmailoney honeypotmalaysiamalicious activitymalicious activity detectedmalicious network activitymalicious payloadmalicious probemalicious softwaremalicious trafficmalicious-activitymalicious-ipmalwaremalware behaviourmalware capturemalware download attemptsmssqlnetworknetwork attacksnetwork discoverynetwork infrastructurenetwork intrusion attemptnetwork intrusion attemptsnetwork probenetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnetwork servicesnetwork traffic analysisnetwork-devicesnetwork-reconnaissancenetwork_reconnaissancenetwork_scanningnorth americantpoceaniaopenctioraclep0fpassword attackspassword-guessingperimeter securityphishingphishing attackphishing trapping of deathport-scanport-scanningportscanpostgrespotential vulnerability exploitationprobing and exploitationprocess injectionprotocol exploitationprotocol-probingproxypublicly accessible infrastructureransomwarerealtime-wafreconnaissanceredisredis honeypotremote accessremote access attemptsremote servicesresearchedresource hijackingscanscannerscanner detectionscanner ipsscannersscanning activityscripting attackssecurity operationssecurity policysensor-taggedsentrypeer botnetsentrypeer detectionserver exploitationserver securityservice enumerationservice scansftp attacksiemsip attackssip brute forcesip scanningsmbsmb attackssmtpsmtp brute forcesmtp probingsnmpsocial engineeringsocks5socradar honeypotspamsql injectionsql-injectionsshssh attackssh monitoringsystem accesst1018t1021t1021.001t1040t1041t1046t1055t1056t1059t1059.003t1059.004t1059.007t1068t1071.001t1076t1078t1078.001t1078.004t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1189t1190t1199t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1505.002t1563t1565t1566.001t1566.002t1566.003t1566.004t1583t1589t1589.001t1590t1590.002t1590.005t1590.006t1592t1595t1595.001t1595.002t1595.003tannertargeting databasetcp protocoltelecommunicationstelnettelnet threattftpthreat actorthreat detectionthreat intelligencethreat preventionthreat-intelligencethreat_discoverytor nodetpotunauthorized accessunauthorized_access_attemptunited statesunknown threat actorus ip addressvalid accountsvietnamvnvncvoidtrapvoipvoip attackvulnerability scanvulnerability-scanningvultrweb app attackweb application attackweb application attacksweb application scanningweb attackweb attacksweb exploitweb exploitationweb spamweb trafficweb-application-attackweb-serversweb-vulnerability
Activity Timeline
Jun 12Jun 12
Threat Activity Heatmap
LessMore
Mon
Wed
Fri
24h
1
Minimal
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
61
SIGNAL
Signal Score
61%
Confidence
27
Reports
First seenFeb 6, 2026
Last seenJun 12, 2026
GeolocationVN
CountryVietnam
LocationHanoi, Hanoi
ASNAS38731
OrgViettel - CHT Company Ltd
Coords21.0278, 105.8340
VirusTotal
Not checked
WHOIS
- description
- Score: 79/100 | Detector: threat_feed | Label: reported_abuse | Tags: compromised_host, reported_abuse
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 4 months ago · Last seen today
Appeared in 27 threat reports