IOC Radar
IP · Medium · Signal 86/100

45.82.78.105

Location
Singapore
Singapore, Unknown
ASN
AS212512
Detai Prosperous Technologies Limited
First Seen
Mar 19, 2025
Last Seen
Jun 22, 2026
Reports
32 source reports
Confidence
86% (medium)
Found in 32 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
86%
Signal Score
86 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

83 techniques

Network Information

Country: SG (Singapore)
Region: Singapore, Unknown
ASN: AS212512
Organization: Detai Prosperous Technologies Limited

IP Category

Proxy
Proxy server
VPN
VPN exit node

Feed Intelligence Summary

32 reports · 86% confidence

Activity Timeline

1 total obs (Jun 22)

Threat Activity Heatmap

[Heatmap: activity by weekday (Mon, Wed, Fri shown), Jun through Jun of the following year, shaded from Less to More]

24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: High Risk
Signal Score: 86
Confidence: 86%
Reports: 32
First seen: Mar 19, 2025
Last seen: Jun 22, 2026
Geolocation: SG
Country: Singapore
Location: Singapore, Unknown
ASN: AS212512
Org: Detai Prosperous Technologies Limited
Coords: 1.3521, 103.8200
Proxy, VPN

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning Vultr Tokyo (Japan) honeypot

IOC Journey

medium
First detected 1 year ago · Last seen 2 days ago
Appeared in 32 threat reports