IOC Radar
IPMediumSignal 24/100

129.122.180.46

Location
AngolaAngola
Luanda, Luanda Province
ASN
AS37645
Finstar - Sociedade de Investimento e Participacoes S.A
First Seen
Feb 10, 2025
Last Seen
Mar 31, 2026
Feb 10
First Seen
486d ago
Mar 31
Last Seen
72d ago
8
Reports
source reports
24%
Confidence
medium
1/91
VirusTotal
detections
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
24%
Signal Score
24 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

30 techniques

Network Information

CountryAOAngola
RegionLuanda, Luanda Province
ASNAS37645
OrganizationFinstar - Sociedade de Investimento e Participacoes S.A

Feed Intelligence Summary

8 reports24% confidence
8
Source reports
24%
Confidence score
Category tags
abuseaccessactive scanactive scanningangolaaoattackbad reputationbotnetbotnet activitybrute forcecommand and controlcommunication protocolconnectcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposuredecoy systemdionaeadionaea honeypotdistributed attacksemailexploitation activityftp brute forcegroupshoneytrap honeypotidentity & access exploitationindicatorinjection activitylamplamp exploitation attemptsmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturenetworknetwork scanningnetwork securitynorth americaphishingphishing attackphishing trappotential malware distributionprocess injectionprotocol exploitationreconnaissanceresearchedresource hijackingscannerscriptsentrypeer botnetsftpsftp attacksipsip brute forcesip scanningslugsmtp brute forcesocial engineeringsshssh attackssh monitoringsurface webt1016t1018t1021t1040t1041t1046t1053t1055t1059t1071.001t1078t1110t1110.002t1190t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1583t1588t1595t1595.001t1595.002t1595.003tcptelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencetor nodeunited statesvoipvoip attack

Activity Timeline

1 total obs
Mar 31Mar 31

Threat Activity Heatmap

· Peak: 2026-03-31
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
24
SIGNAL
Signal Score
24%
Confidence
8
Reports
First seenFeb 10, 2025
Last seenMar 31, 2026
GeolocationAO
CountryAngola
LocationLuanda, Luanda Province
ASNAS37645
OrgFinstar - Sociedade de Investimento e Participacoes S.A
Coords-12.4992, 18.4968

VirusTotal

1/ 91vendors flagged
1% detection rateJun 8, 2026

WHOIS

description
2025-02-11T00:39:05.724Z Honeypot : Dionaea : Source: 129.122.180.46 : Port: 1433 Connection: {'transport': 'tcp', 'protocol': 'mssqld', 'type': 'accept'}
raw
inetnum: 129.122.128.0 - 129.122.191.255 netname: ZAP-Angola descr: ZAP-Angola country: AO admin-c: NL4-AFRINIC tech-c: NL4-AFRINIC status: ASSIGNED PA mnt-by: FINISTAR-MNT source: AFRINIC # Filtered parent: 129.122.128.0 - 129.122.255.255 person: Nelson Lopes nic-hdl: NL4-AFRINIC address: Edificio ZAP, Talatona address: Luanda address: Angola phone: tel:+244-935-555-555 fax-no: tel:+244-935-555-555 mnt-by: GENERATED-UZMO4EPYHHMTQ5INT7VT761FV7VFPL2F-MNT source: AFRINIC # Filtered route: 129.122.160.0/19 descr: ZAP-Angola origin: AS37645 mnt-by: FINISTAR-MNT source: AFRINIC # Filtered
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 8 threat reports