IOC Radar
IP · Medium · Signal 71/100

41.193.59.222

Location: South Africa (Pretoria, WC)
ASN: AS11845 (Vox Telecom (Pty) Ltd)
First Seen: Jun 20, 2024 (724d ago)
Last Seen: Feb 22, 2026 (112d ago)
Reports: 10 source reports
Confidence: 71% (medium)
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 71%
Signal Score: 71 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

44 techniques

Network Information

Country: ZA (South Africa)
Region: Pretoria, WC
ASN: AS11845
Organization: Vox Telecom (Pty) Ltd

Feed Intelligence Summary

Source reports: 10
Confidence score: 71%
Category tags
abuse, access control, active scanning, adbhoney attacks, adbhoney honeypot, africa, antispam, attack, australia, authentication attempt, botnet, brute force, brute force attack, brute force attacks, brute force attempt, cisco device, command and control, communication protocol, compromised credentials, conpot honeypot, cowrie activity, cowrie honeypot, cowrie ssh attacks, credential access, credential harvesting, credential stuffing, data exfiltration, data exfiltration attempts, database attacks, database exploitation attempt, database security, ddos, decoy system, device management, dionaea honeypot, dionaea malware analysis, dionaea malware collection, distributed attacks, elasticpot honeypot, elasticsearch monitoring, enterprise networking, exploit attempts, fatt, ftp, ftp brute force, ftp brute-force, heralding activity, heralding attack pattern, heralding project, honeytrap honeypot, http scanner, ics security, indicator, industrial control systems, initial access, iot attacks, iot device targeting, iot/ics attack, ipphoney honeypot, ipv4, lamp, lateral movement, log4j, login attack, mailoney email attacks, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, malware distribution, network, network enumeration, network infrastructure, network intrusion attempts, network probe, network reconnaissance, network scanning, network security, network service scanning, oceania, p0f, password attack, password attacks, phishing, phishing attack, phishing trap, process injection, protocol exploitation, python script activity, reconnaissance, redis honeypot, remote access, remote services, researched, resource hijacking, scanner, scanning activity, scripting attacks, security policy, sensor-tagged, sentrypeer botnet, server exploitation, sftp attack, sip brute force, sip scanning, social engineering, south africa, spam, sql injection, ssh attack, ssh brute-force, ssh monitoring, t1018, t1021, t1021.001, t1021.002, t1021.004, t1040, t1041, t1046, t1047, t1055, t1059, t1059.003, t1059.004, t1059.007, t1071.001, t1078, t1078.004, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1195.001, t1203, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1505.002, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1583.001, t1588.004, t1589.002, t1595, t1595.001, t1595.002, t1595.003, tanner, tanner web attacks, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, threat prevention, tpot, unauthorized login, unauthorized login attempts, vnc protocol, voip, voip attack, web application attacks, web attack, web exploitation, web spam, web traffic, za

Activity Timeline

1 total obs (Feb 22)

Threat Activity Heatmap

Peak: 2026-02-22
[Heatmap: activity by weekday and month, Jun to Jun, shaded from Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 71
Confidence: 71%
Reports: 10
First seen: Jun 20, 2024
Last seen: Feb 22, 2026
Geolocation: ZA
Country: South Africa
Location: Pretoria, WC
ASN: AS11845
Org: Vox Telecom (Pty) Ltd
Coords: -34.0486, 18.4811

VirusTotal

Not checked

WHOIS

description
2025-06-10T06:30:46.981Z Honeypot : Heralding : Source: 41.193.59.222 : Username/Password: proXYusER/123456789 Port: 1080 Message: 2025-06-10 06:30:46.981189,bc1357f3-2f49-40b1-bf82-39c8c5f1846d,d0f326b1-496c-4374-8424-0f5e5ee5d89c,41.193.59.222,33827,99.18.26.18,1080,socks5,proXYusER,123456789,
raw
inetnum: 41.193.56.0 - 41.193.63.255
netname: Vox-Telecom
descr: Fishbone DSL Channel Bonded Solution
country: ZA
admin-c: NOCH1-AFRINIC
tech-c: NOCH1-AFRINIC
status: ASSIGNED PA
mnt-by: DATAPRO-MNT
source: AFRINIC # Filtered
parent: 41.193.0.0 - 41.193.255.255

person: NOC Hostmaster
nic-hdl: NOCH1-AFRINIC
address: Vox Telecom (Pty) Ltd
address: Block B, Rutherford Estate
address: 1 Scott Street,
address: Waverley,
address: JHB
address: Gauteng
address: Johannesburg 2090
address: South Africa
phone: tel:+27-11-809-1500
mnt-by: GENERATED-2TOYAFCRNLGMDNLMYSI29OEYMP1PWTB8-MNT
source: AFRINIC # Filtered

route: 41.193.0.0/18
descr: Vox Telecommunications PTY Ltd
origin: AS11845
mnt-by: VOXTELECOM-MNT
source: AFRINIC # Filtered
references
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 2 years ago · Last seen 3 months ago
Appeared in 10 threat reports