IOC Radar
IP · Medium · Signal 100/100

219.92.93.58

Location: Malaysia, Sungai Buloh, 14
ASN: AS4788 (TMnet)
First Seen: Feb 24, 2025 (474d ago)
Last Seen: Mar 20, 2026 (85d ago)
Reports: 17 source reports
Confidence: 99% (medium)
VirusTotal: 1/91 detections
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context
MITRE ATT&CK TTPs: 33 techniques

Network Information

Country: MY (Malaysia)
Region: Sungai Buloh, 14
ASN: AS4788
Organization: TMnet

Feed Intelligence Summary

Source reports: 17
Confidence score: 99%
Category tags
abuse, access control, active scanning, asia, attack, authentication attack, authentication attacks, authentication failure, botnet, brute force, brute force attack, brute-forc, command and control, compromised credentials, cowrie honeypot, credential access, credential stuffing, cta, data exfiltration, decoy system, distributed attacks, europe, exploit, fail2ban alert, fail2ban blocked, fail2ban trigger, failed login attempts, ftp brute force, gb_origin, http brute force, indicator, info, initial access, lateral movement, login attack, login attempts, login failed, login failure, malaysia, malicious activity, malicious software, malware, my, network, network intrusion, network scanning, notice, password attacks, potential exploit, process injection, reconnaissance, remote access attempts, researched, resource development, scanner, scanning activity, security operations, security policy, sftp attack, ssh attack, ssh monitoring, t1005, t1018, t1021, t1021.001, t1021.004, t1041, t1046, t1055, t1059, t1059.004, t1068, t1071.001, t1078, t1078.004, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1189, t1190, t1195.002, t1203, t1486, t1496, t1499.002, t1499.003, t1565, t1595, t1595.001, t1595.002, t1595.003, threat actor, threat intelligence, threat prevention, tpotce, unauthorized access, united kingdom, vulnerability

Activity Timeline

1 total obs (Mar 20 to Mar 20)

Threat Activity Heatmap

[Heatmap: daily activity by weekday, Jun through Jun] · Peak: 2026-03-20
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: High Risk (Signal Score 100)
Geolocation: MY (Malaysia), Sungai Buloh, 14
Coords: 3.1833, 101.6697

VirusTotal

1/91 vendors flagged
1% detection rate · Jun 8, 2026

WHOIS

description
2025-04-19T02:15:53.876Z Honeypot : Cowrie : Source: 219.92.93.58 Data: CMD: top
raw
inetnum: 219.92.0.0 - 219.92.255.255
netname: INFRA-TMNET
descr: TMNET
country: MY
admin-c: TA35-AP
tech-c: TA35-AP
abuse-c: AM2355-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-MY-WEBE
mnt-irt: IRT-MY-WEBE
last-modified: 2023-06-30T00:02:40Z
source: APNIC

irt: IRT-MY-WEBE
address: Menara TM, Jalan Pantai Baharu,
address: 59100 Kuala Lumpur, Wilayah Persekutuan Kuala Lumpur
address: Malaysia
phone: +601110001000
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: ICO1-AP
tech-c: ICO1-AP
auth: # Filtered
remarks: TM AS4788 had recently installed RPKI validator and will be dropping the "Invalid" route by November 2023. Please update your ROA accordingly.
remarks: [email protected] was validated on 2025-05-28
mnt-by: MAINT-MY-WEBE
last-modified: 2025-05-28T14:49:19Z
source: APNIC

role: ABUSE MYWEBE
country: ZZ
address: Menara TM, Jalan Pantai Baharu,
address: 59100 Kuala Lumpur, Wilayah Persekutuan Kuala Lumpur
address: Malaysia
phone: +601110001000
e-mail: [email protected]
admin-c: ICO1-AP
tech-c: ICO1-AP
nic-hdl: AM2355-AP
remarks: Generated from irt object IRT-MY-WEBE
remarks: [email protected] was validated on 2025-05-28
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-05-28T14:49:31Z
source: APNIC

role: TMNET IP Administrators
address: Telekom Malaysia
address: Jalan Pantai Baru, Kuala Lumpur.
country: MY
phone: +6-1800-88-2646
phone: +603-22466646
fax-no: +603-22402126
remarks: [email protected] [for DNS related]
remarks: [email protected] [for abuse case related]
remarks: [email protected] [for routing related]
e-mail: [email protected]
admin-c: AS115-AP
tech-c: SM135-AP
nic-hdl: TA35-AP
mnt-by: TM-NET-AP
last-modified: 2019-03-26T14:05:26Z
source: APNIC

route: 219.92.0.0/17
descr: TMnet route object
origin: AS4788
mnt-by: MAINT-MY-WEBE
last-modified: 2023-07-01T06:29:53Z
source: APNIC
references
https://github.com/telekom-security/tpotce, https://redpiranha.net

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 17 threat reports