IOC Radar
IP · Medium · Signal 71/100

31.10.62.92

Location: United States, Luková, 53
ASN: AS42908 (Nordictelecomregional)
First Seen: Nov 24, 2024 (565d ago)
Last Seen: Nov 5, 2025 (219d ago)
Reports: 8 source reports
Confidence: 71% (medium)
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 71%
Signal Score: 71 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

34 techniques

Network Information

Country: US (United States)
Region: Luková, 53
ASN: AS42908
Organization: Nordictelecomregional

Feed Intelligence Summary

Source reports: 8
Confidence score: 71%
Category tags:
active scanning, adbhoney honeypot, antispam, attack, botnet, brute force, brute force attack, brute_force, cisco device, cisco exploitation attempts, command and control, communication protocol, compromised credentials, conpot honeypot, cowrie honeypot, credential access, credential harvesting, credential stuffing, czech republic, czechia, data exfiltration, data exfiltration attempts, database security, decoy system, denial of service, device management, dionaea honeypot, dionaea malware analysis, distributed attacks, elasticpot honeypot, elasticsearch monitoring, enterprise networking, exploitation attempt, exploitation attempts, ftp, ftp brute force, ftp_bruteforce, heralding attack pattern, http scanner, http_scan, https_scan, ics security, indicator, industrial control systems, iot/ics attack, lateral movement, log4j, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, malware deployment attempts, network, network infrastructure, network intrusion attempts, network scanning, network security, network service scanning, north america, password attacks, phishing, phishing attack, phishing trap, possible botnet activity, process injection, protocol exploitation, python script activity, reconnaissance, remote access, researched, resource hijacking, scanner, scanning activity, sentrypeer botnet, sftp access attempt, sftp attack, sip brute force, social engineering, spam, ssh attack, ssh monitoring, ssh_bruteforce, t1021, t1021.004, t1040, t1041, t1046, t1055, t1059, t1059.004, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1583, t1595, t1595.001, t1595.002, t1595.003, tanner, telecommunications, telnet threat, telnet_bruteforce, threat actor, threat intelligence, unauthorized access attempt, united states, voip, voip attack, web application attack, web exploitation, web traffic

Activity Timeline

1 total observation (Nov 5 to Nov 5)

Threat Activity Heatmap

Peak: 2025-11-05
[Heatmap: activity by weekday and month, Jun through the following Jun, shaded from Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 71
Confidence: 71%
Reports: 8
First seen: Nov 24, 2024
Last seen: Nov 5, 2025
Geolocation: US
Country: United States
Location: Luková, 53
ASN: AS42908
Org: Nordictelecomregional
Coords: 49.9163, 16.7551

VirusTotal

Not checked

WHOIS

description
2025-04-21T02:49:07.291Z Honeypot : Heralding : Source: 31.10.62.92 : Username/Password: AdmIn1431/12345678 Port: 1080 Message: 2025-04-21 02:49:07.291694,b461487b-f519-4721-bca5-a0dbe80a395c,f971d798-c8b5-4e16-acd9-5826617d9f77,31.10.62.92,39272,99.18.26.18,1080,socks5,AdmIn1431,12345678,
raw
inetnum: 31.10.60.0 - 31.10.63.255
netname: CZ-NORDICTELECOMREGIONAL-20110414
country: CZ
admin-c: SAC165-RIPE
tech-c: STC62-RIPE
status: ASSIGNED PA
mnt-by: cz-libli-master
mnt-by: mnt-nordictelecom
created: 2011-04-15T07:16:55Z
last-modified: 2024-04-28T18:19:06Z
source: RIPE

role: Nordic Telecom Regional s.r.o. Admin Contact
address: Jihlavská 1558/21, 140 00 Prague 4, Czech Republic
admin-c: PH8634-RIPE
nic-hdl: SAC165-RIPE
mnt-by: cz-libli-master
mnt-by: mnt-nordictelecom
created: 2018-06-19T07:02:28Z
last-modified: 2024-04-28T12:06:12Z
source: RIPE # Filtered

role: Nordic Telecom Regional s.r.o. Tech Contact
address: Jihlavská 1558/21, 140 00 Prague 4, Czech Republic
tech-c: PH8634-RIPE
nic-hdl: STC62-RIPE
mnt-by: cz-libli-master
mnt-by: mnt-nordictelecom
created: 2018-06-19T07:00:59Z
last-modified: 2024-04-28T11:51:54Z
source: RIPE # Filtered

route: 31.10.56.0/21
origin: AS42908
mnt-by: mnt-nordictelecom
mnt-by: AS5610-MTN
created: 2024-12-09T16:35:11Z
last-modified: 2025-04-01T10:30:30Z
source: RIPE
references
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 1 year ago · Last seen 7 months ago
Appeared in 8 threat reports