IOC Radar
IPMediumSignal 29/100

222.255.149.93

Location
VietnamVietnam
Hanoi, Hanoi
ASN
AS45899
VietNam Data Communication Company
First Seen
Jan 22, 2024
Last Seen
Mar 24, 2026
Jan 22
First Seen
872d ago
Mar 24
Last Seen
81d ago
9
Reports
source reports
29%
Confidence
medium
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
29%
Signal Score
29 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

37 techniques

Network Information

CountryVNVietnam
RegionHanoi, Hanoi
ASNAS45899
OrganizationVietNam Data Communication Company

Feed Intelligence Summary

9 reports29% confidence
9
Source reports
29%
Confidence score
Category tags
active scanningadbhoney honeypotasiaattackbotnetbrute forcebrute force attackbrute force attackscisco devicecommand and controlcommunication protocolcompromised credentialsconpot honeypotcowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata exfiltration attemptsdatabase attacksdatabase exploitation attemptdatabase securitydecoy systemdevice managementdionaea honeypotdionaea malware analysisdistributed attackselasticpot honeypotelasticsearch monitoringenterprise networkingexploitation attemptexploitation attemptsftpftp brute forceftp brute-forceheralding attack patternhoneytrap honeypothttp scannerhttpsics securityindicatorindustrial control systemsinitial accessinjection attacksiot attacksiot device targetingiot/ics attackipphoney honeypotlamplateral movementmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware deployment attemptsmalware detectionnetworknetwork enumerationnetwork infrastructurenetwork intrusion attemptsnetwork scanningnetwork securitypassword attacksphishingphishing attackphishing trapprocess injectionprotocol exploitationpython script activityreconnaissanceredis honeypotremote accessremote servicesresearchedresource hijackingscannerscanning activityscripting attackssentrypeer botnetsftp access attemptsftp attackshell access attemptssip brute forcesip scanningsocial engineeringspamssh attackssh brute-forcessh monitoringt1021t1021.001t1040t1041t1046t1055t1059t1059.003t1059.007t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1566.004t1583t1595t1595.001t1595.002t1595.003tannertelecommunicationstelnet threatthreat actorthreat detectionthreat intelligenceviet namvietnamvoipvoip attackweb application attacksweb attackweb exploitationweb traffic

Activity Timeline

1 total obs
Mar 24Mar 24

Threat Activity Heatmap

· Peak: 2026-03-24
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
29
SIGNAL
Signal Score
29%
Confidence
9
Reports
First seenJan 22, 2024
Last seenMar 24, 2026
GeolocationVN
CountryVietnam
LocationHanoi, Hanoi
ASNAS45899
OrgVietNam Data Communication Company
Coords16.0020, 105.9984

VirusTotal

Not checked

WHOIS

description
2025-04-29T20:07:50.320Z Honeypot : Heralding : Source: 222.255.149.93 : Username/Password: aDMIN1/5201314 Port: 1080 Message: 2025-04-29 20:07:50.320421,ed533361-630d-4120-ab70-dd8881bb2f30,eed7f46d-25fd-49d9-84e5-640fb906e754,222.255.149.93,37748,99.18.26.19,1080,socks5,aDMIN1,5201314,
raw
inetnum: 222.255.74.0 - 222.255.223.255 netname: VDC-NET country: vn descr: VietNam Data Communication Company admin-c: VIG1-AP tech-c: VIG1-AP status: ALLOCATED NON-PORTABLE mnt-by: MAINT-VN-VNPT last-modified: 2009-03-25T03:50:09Z source: APNIC role: VDC IPADMIN GROUP address: Internet Building, Block II, Thang Long Inter Village country: VN phone: +84-437877777 e-mail: [email protected] remarks: send spam reports to [email protected] admin-c: THMH1-AP tech-c: THMH1-AP nic-hdl: VIG1-AP mnt-by: MAINT-VN-VNPT fax-no: +84-4 37876600 last-modified: 2019-06-25T02:07:13Z source: APNIC route: 222.255.149.0/24 descr: VNPT origin: AS45899 mnt-by: MAINT-VN-VNPT last-modified: 2022-07-29T17:43:08Z source: APNIC
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 2 months ago
Appeared in 9 threat reports