IOC Radar
IPMediumSignal 56/100

212.73.148.19

Location
SingaporeSingapore
Singapore, North West
ASN
AS209334
Modat B.V
First Seen
Dec 9, 2025
Last Seen
Jun 22, 2026
Dec 9
First Seen
201d ago
Jun 22
Last Seen
7d ago
17
Reports
source reports
56%
Confidence
medium
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
56%
Signal Score
56 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

42 techniques

Network Information

CountrySGSingapore
RegionSingapore, North West
ASNAS209334
OrganizationModat B.V

Feed Intelligence Summary

17 reports56% confidence
17
Source reports
56%
Confidence score
Category tags
abuseaccount compromiseactive reconnaissanceactive scanactive scanningadbhoney honeypotangelaptasiaattackattacker ipaustraliaauthentication attackauthentication attacksauthentication attemptsautomated attacksautomated-attackbad reputationbad web botblacklisted ip addressblacklisted ip addressesblog spambotnetbotnet activitybotnet infectionbrute forcebrute force attackbrute force attackerbrute force attemptbrute force attemptsbrute-forcebrute_force_attackbulgariac2 communicationcisco devicecisco exploitation attemptcisco exploitation attemptscloud environmentcloud infrastructurecloud infrastructure attackcloud servicescloud_infrastructurecommand & controlcommand and controlcommand injectioncommunication protocolcompromised credentialscompromised systemconpot honeypotconsumer goodscowriecowrie honeypotcredential accesscredential attackcredential attackscredential guessingcredential stuffingcredential-stuffingcredentialaccessdata encryptiondata exfiltrationdata store exposuredatabase attacksdatabase brute forcedatabase probingdatabase securityddosddos attackddos attack indicatorsdecoy systemdenial of servicedevice managementdigital oceandigitalocean ipdigitalocean ipsdionaea honeypotdistributed attacksdnsdns attackeducationelasticpot honeypotelasticsearch monitoringencryptionengineeringenterprise networkingenumerationeuropeexploitexploit attemptexploit kit activityexploitation activityexploitation attemptexposed services exploitationexternal scanningexternal-scanningexternal_threatfattfrancefraud voipftpftp brute forceftp_scanhackinghomehoneytrap honeypothttp brute forcehttp scannerhttp scanninghttp_scanhttpsics securityidentity & access exploitationindia educationindicatorindustrial control systemsinitial accessinjection activityinternet-facinginternet-scanninginternet-wide observationinternet-wide scaninternet_wide_scanintrusion detectioniociot securityiot/ics attackipphoney honeypotipv4ipv4 activityipv4 scanningipv4-scanningipv4_activityipv4_scanningjapanlamplamp server probelateral movementlegallinuxlinux-server-attacklogin attacklogin attemptsloginattackmailoney honeypotmalicious activitymalicious infrastructuremalicious softwaremalicious trafficmalicious-login-attemptsmalwaremalware behaviourmalware capturemalware delivery attemptmalware propagationmass-scanningmediamodat-benignnetworknetwork activitynetwork attacksnetwork discoverynetwork enumerationnetwork infrastructurenetwork intrusionnetwork intrusion attemptnetwork intrusion attemptsnetwork intrusion detectionnetwork probingnetwork protocolnetwork reconnaissancenetwork scannetwork scanningnetwork securitynetwork service discoverynetwork traffic analysisnetwork-reconnaissancenetwork_discoverynetwork_reconnaissancenetwork_scanningoceaniap0fpassword attackpassword attacksphishingphishing attackphishing trappinkport-scanningportscanpotential malware distributionpre-attackprocess injectionprotocol exploitationprotocol-abusepublic cloud targetingrandomransomwareransomware activityrdp scanningrdp_scanreconnaissancereconnaissance activityremote accessremote servicesresearchresearchedresource hijackingretail traderomaniasansscams & fraudscannerscanner ipscannersscanning activitysecurity operationssensor-taggedsentrypeer botnetservice discoveryservice enumerationservice scansftp attacksftp-attacksgsingaporesip scanningsmtpsmtp brute forcesmtp scanningsocradar honeypotspamsql injectionsql injection attemptssshssh attackssh monitoringssh-brutessh-brute-forcessh_scansynsystem discoveryt-pott1018t1021t1021.001t1021.002t1021.004t1040t1041t1046t1055t1059t1068t1071t1071.001t1076t1077t1078t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1563t1565t1566t1589t1590t1592t1595t1595.001t1595.002t1595.003tannertargeting databasetcp protocoltcp scantcp-scanningtelecommunicationstelnet scanningtelnet threattelnet-brute-forcethreat actorthreat detectionthreat intelligencethreat_actor_unknownthreat_discoverytokyotor nodetpotudp scanudp-scanningunattributed activityunauthorized accessunauthorized access attemptunauthorized-access-attemptuserverified-benignvoipvoip attackvulnerability scanvulnerability-scanningvultrvultr cloud infrastructurevultr tokyoweb app attackweb application attackweb application attacksweb attacksweb exploitationweb spamweb trafficweb-application-attack

Activity Timeline

1 total obs
Jun 22Jun 22

Threat Activity Heatmap

· Peak: 2026-06-22
Less
More
Mon
Wed
Fri
Jun
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
56
SIGNAL
Signal Score
56%
Confidence
17
Reports
First seenDec 9, 2025
Last seenJun 22, 2026
GeolocationSG
CountrySingapore
LocationSingapore, North West
ASNAS209334
OrgModat B.V
Coords1.3521, 103.8200

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning Vultr Tokyo (Japan) honeypot

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 6 months ago · Last seen 7 days ago
Appeared in 17 threat reports