IPMediumSignal 100/100
79.22.56.219
Location
ItalyBologna, Emilia-Romagna
ASN
AS3269
NAS DHCP Pool ROMA
First Seen
Jan 17, 2025
Last Seen
Feb 24, 2026
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryItaly
ItalyRegionBologna, Emilia-Romagna
ASNAS3269
OrganizationNAS DHCP Pool ROMA
Feed Intelligence Summary
14 reports99% confidence
14
Source reports
99%
Confidence score
Category tags
abuseaccess controlactive scanningadbhoney honeypotattackbotnetbrute forcebrute force attackbrute force attemptsciscocisco devicecisco exploitation attemptcisco exploitation attemptscommand and controlcommunication protocolconpotconpot honeypotcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingctadata exfiltrationddos attacksdecoy systemdevice managementdionaea honeypotdistributed attacksemailenterprise networkingeuropeftp brute forcehoneytrap honeypothttp scannerics securityindicatorindustrial control systemsinfrastructure acquisitionreconnaissanceinternet of thingsintrusion detectioniot botnetiot/ics attackititalylamplateral movementmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemanualmirai botnetnetworknetwork attacksnetwork infrastructurenetwork probingnetwork scanningnetwork securitypassword attacksphishingphishing attackphishing trappotential malware deploymentprocess injectionprotocol exploitationreconnaissanceresearchedscanscannersecurity policysftpsftp activitysftp attacksmtp probingsocial engineeringsshssh attackssh monitoringsurface webt1021t1040t1041t1053t1055t1059t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1587.001t1590.001t1595t1595.001t1595.002t1595.003tannertcp protocoltcp/80telecommunicationstelnet threatthreat actorthreat detectionthreat intelligencethreat preventionweb traffic
Activity Timeline
Feb 24Feb 24
Threat Activity Heatmap
· Peak: 2026-02-24LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
14
Reports
First seenJan 17, 2025
Last seenFeb 24, 2026
GeolocationIT
CountryItaly
LocationBologna, Emilia-Romagna
ASNAS3269
OrgNAS DHCP Pool ROMA
Coords44.4847, 11.3280
VirusTotal
Not checked
WHOIS
- description
- 2025-01-25T22:27:22.044Z Honeypot : ConPot : Source: 79.22.56.219 : Port: 50100 Data Type: kamstrup_management_protocol Event Type: NEW_CONNECTION
- raw
- inetnum: 79.22.0.0 - 79.22.127.255 netname: TELECOM-ADSL-POOL descr: NAS DHCP Pool ROMA country: IT admin-c: BS104-RIPE tech-c: BS104-RIPE status: ASSIGNED PA remarks: INFRA-AW mnt-by: TIWS-MNT mnt-lower: TIWS-MNT mnt-routes: TIWS-MNT created: 2009-12-30T15:01:16Z last-modified: 2009-12-30T15:01:16Z source: RIPE person: BBBEASYIP STAFF address: Via Oriolo Romano 240 address: 00189 Roma address: Italy phone: +39 06 36881 nic-hdl: BS104-RIPE mnt-by: TIWS-MNT created: 2001-10-19T12:23:31Z last-modified: 2019-01-15T13:58:43Z source: RIPE # Filtered route: 79.22.0.0/15 descr: INTERBUSINESS origin: AS3269 mnt-by: TIWS-MNT mnt-routes: INTERB-MNT created: 2007-09-04T09:00:27Z last-modified: 2007-09-04T09:00:27Z source: RIPE # Filtered
- references
- https://github.com/telekom-security/tpotce
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 3 months ago
Appeared in 14 threat reports