IOC Radar
IPMediumSignal 100/100

42.96.18.76

Location
VietnamVietnam
Quận Một, Hanoi
ASN
AS131423
Long Van System Solution
First Seen
Feb 21, 2025
Last Seen
May 6, 2026
Feb 21
First Seen
477d ago
May 6
Last Seen
38d ago
20
Reports
source reports
99%
Confidence
medium
Found in 20 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

73 techniques

Network Information

CountryVNVietnam
RegionQuận Một, Hanoi
ASNAS131423
OrganizationLong Van System Solution

Feed Intelligence Summary

20 reports99% confidence
20
Source reports
99%
Confidence score
Category tags
abuseaccess controlactive scanactive scanninganomalous network connectionsapacheapache attackerasiaasnattackaustraliaauthenticationauthentication abuseauthentication attackauthentication attacksauthentication attemptsauthentication failureauthentication failuresautomated attackautomated brute forcebad web botblock listblock.txtblog spambotnetbotnet activitybrute forcebrute force attackbrute force attemptbrute force attemptsbrute-forcbrute-forcec2c2 communicationc2 serverchina mobilecisco devicecliftoncocos (keeling) islandscolumnscommand and controlcommunication protocolcompany limitedcompromise attemptcompromised hostcompromised hostscompromised systemscowrie honeypotcredential accesscredential harvestingcredential stuffingctadaily_sourcesdata exfiltrationdata exfiltration attemptdata theftddosddos attackdecoy systemdenial of servicedenial-of-service attemptdevice managementdigitalocean vpsdionaea honeypotdistributed attacksenterprise networkingenumerationeuropeexploitexploitationexploitation attemptsexploited hostexternal scanfail2ban alertfail2ban blockedfail2ban triggeredfailed authenticationfailed loginfinlandfrancefraud voipftpftp brute forcegb-based trafficgeographic locationgeoipgermanyhackinghk abusehandlerhoneynet connecthoneytrap honeypothong konghttp brute forcehttp request anomalieshttp scannerhttp scanninghurricane usindicatorinfoinformation technologyinitial accessintrusion detectioniocipv4it infrastructurelamplateral movementlogin attacklogin attemptlogin attemptslogin brute forcelogin failurelogin securitymailmalicious activitymalicious ip activitymalicious payloadmalicious softwaremalicious trafficmalwaremalware behaviourmalware capturemalware distributionmod securitynetworknetwork attacksnetwork enumerationnetwork infrastructurenetwork intrusionnetwork intrusion attemptsnetwork intrusion detectionnetwork probingnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnetwork traffic analysisnorth americanoticeoceaniapassword attackpassword attackspassword crackingpgp signphishingphishing attackping of deathpolandpossible botnet activitypossible malware distributionpotential brute forcepotential ddos reconnaissancepotential intrusionprocess injectionprotocol exploitationreconnaissancereconnaissance activityremote accessremote service exploitationremote servicesresearchedscanscannerscanning activitysecurity operationssftp attacksmb brute forcesmtpsmtp brute forcesmtp scanningsocial engineeringsoftware developmentspamsshssh attackssh brute-force attemptssh monitoringt1016t1018t1021t1021.001t1021.002t1021.003t1021.004t1021.005t1021.006t1021.007t1021.008t1040t1041t1046t1047t1048t1053t1055t1056t1059t1059.001t1059.003t1059.004t1065t1068t1071t1071.001t1071.004t1076t1078t1078.001t1078.002t1078.003t1078.004t1083t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1189t1190t1199t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1566.004t1573t1573.001t1583t1588t1588.002t1588.003t1588.004t1589t1589.002t1592t1595t1595.001t1595.002t1595.003tcp protocoltcp scantelecommunicationstelnet threatthreat actorthreat actor activitythreat detectionthreat feedthreat intelligencetimeouttop10.txttopips.txtudp scanunauthorized accessunauthorized access attemptunauthorized access attemptsunauthorized loginunited kingdomunited statesus abuseus noneutc+1:00viet namvietnamvnvoipvpsvps securityweb application attackweb exploitationweb spamweb traffic

Activity Timeline

1 total obs
May 6May 6

Threat Activity Heatmap

· Peak: 2026-05-06
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
20
Reports
First seenFeb 21, 2025
Last seenMay 6, 2026
GeolocationVN
CountryVietnam
LocationQuận Một, Hanoi
ASNAS131423
OrgLong Van System Solution
Coords21.0278, 105.8340

VirusTotal

Not checked

WHOIS

description
timestamp=2025-08-31 01:58:49,633 CC=VN ASN=131423 Branch of Long Van System Solution JSC - Hanoi latitude=16.1667 longitude=107.8333
raw
inetnum: 42.96.16.0 - 42.96.31.255 netname: LVSS-VN descr: Long Van System Solution JSC descr: 76I Pham Viet Chanh, Ward 19, Binh Thanh District, Hochiminh City country: VN admin-c: QDT1-AP tech-c: NHR1-AP status: ALLOCATED PORTABLE mnt-by: MAINT-VN-VNNIC mnt-lower: MAINT-VN-VNNIC mnt-routes: MAINT-VN-VNNIC mnt-irt: IRT-VNNIC-AP abuse-c: QDT1-AP last-modified: 2020-12-04T01:37:31Z source: APNIC irt: IRT-VNNIC-AP address: Ha Noi, VietNam phone: +84-24-35564944 fax-no: +84-24-37821462 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: NTTT1-AP tech-c: NTTT1-AP auth: # Filtered mnt-by: MAINT-VN-VNNIC last-modified: 2017-11-08T09:40:06Z source: APNIC person: Nguyen Huu Ru nic-hdl: NHR1-AP e-mail: [email protected] address: Long Van System Solution JSC address: Long Van Building, 37/2/6 Road 12, Binh An, District 2, HCMC phone: +84-9-37055271 fax-no: +84-9-37055271 country: VN mnt-by: MAINT-VN-VNNIC last-modified: 2014-08-04T02:51:28Z source: APNIC person: Quach Dinh Toan nic-hdl: QDT1-AP e-mail: [email protected] address: Long Van System Solution JSC address: Long Van Building, 37/2/6 Road 12, Binh An, District 2, HCMC phone: +84-8-73039168 fax-no: +84-8-73039168 country: VN mnt-by: MAINT-VN-VNNIC last-modified: 2014-08-04T02:52:08Z source: APNIC route: 42.96.18.0/24 descr: LVSS-VN origin: AS131423 mnt-by: MAINT-VN-VNNIC last-modified: 2023-10-30T09:14:29Z source: APNIC
references
https://github.com/telekom-security/tpotce, https://jamesbrine.com.au/bruteforce-ip-list-2025-08-04/, https://jamesbrine.com.au, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://blog.edie.io/2020/04/30/diy-ip-threat-feed/, https://github.com/tankmek/threatfeed, https://redpiranha.net, https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 20 threat reports