IOC Radar
IP · Medium · Signal 67/100

66.96.195.132

Location: Singapore, South West, Singapore
ASN: AS56300 (MyRepublic Ltd)
First Seen: Aug 27, 2024 (655d ago)
Last Seen: Jun 3, 2026 (10d ago)
Reports: 22 source reports
Confidence: 67% (medium)
Found in 22 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 67%
Signal Score: 67 / 100
IDS Rule: No

MITRE ATT&CK TTPs: 64 techniques

Network Information

Country: SG (Singapore)
Region: Singapore, South West
ASN: AS56300
Organization: MyRepublic Ltd

Feed Intelligence Summary

Source reports: 22
Confidence score: 67%
Category tags

Activity Timeline

1 total obs, Jun 3

Threat Activity Heatmap

Peak: 2026-06-03
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: 67 (Medium Risk)
Geolocation: SG, Singapore, South West (coords 1.3289, 103.7400)

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected attempting to brute force MSSQL on DigitalOcean Toronto (CA) honeypot


IOC Journey

medium
First detected 1 year ago · Last seen 10 days ago
Appeared in 22 threat reports