IOC Radar
IPMediumSignal 82/100

149.129.112.244

Location
Hong KongHong Kong
Hong Kong, Kowloon
ASN
AS45102
Alibaba.com Singapore E-Commerce Private Limited
First Seen
Jan 2, 2022
Last Seen
Aug 6, 2025
Jan 2
First Seen
1638d ago
Aug 6
Last Seen
327d ago
10
Reports
source reports
82%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
82%
Signal Score
82 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

41 techniques

Network Information

CountryHKHong Kong
RegionHong Kong, Kowloon
ASNAS45102
OrganizationAlibaba.com Singapore E-Commerce Private Limited

Feed Intelligence Summary

10 reports82% confidence
10
Source reports
82%
Confidence score
Category tags
accessackactionactive scanningattackbotnetbrute forcebrute force attacksc2certcisco devicecisco exploitation attemptcommand and controlcommunication protocolconfigconnectconpot activityconpot honeypotcowriecowrie activitycowrie honeypotcredential accesscredential harvestingcredential stuffingcssdata exfiltrationdatabase securitydecoy systemdenial of servicedevice managementdionaeadionaea honeypotdistributed attacksemailenterprise networkingexploitexploit attemptsexternal scanfinftpftp brute forcegithubgroupshkhoneytrap honeypotics securityindicatorindustrial control systemsinfoinfrastructure acquisitionreconnaissanceinitial accessiot/ics attackipphoney honeypotlamplamp attacklinuxmailoney activitymailoney honeypotmalicious activitymalicious payload detectionmalicious softwaremalwaremalware behaviourmalware capturemanualnetworknetwork activitynetwork attacksnetwork infrastructurenetwork intrusion attemptsnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitypassword attackpassword crackingphishingphishing attackphishing trappingprocess injectionpythonreconnaissanceredis honeypotredishoneypotresearchedresource hijackingscannerscriptsentrypeer botnetserverservice enumerationsftpsftp activitysftp attacksipsip brute forceslugsmtp brute forcesocial engineeringsocradarsshssh attackssh monitoringstealthsurface websynt1016t1018t1021t1021.001t1021.002t1021.006t1040t1041t1046t1055t1059t1059.004t1068t1071.001t1078t1078.004t1110t1110.001t1110.002t1110.003t1190t1204.002t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1587.001t1588t1588.002t1589t1590.001t1595t1595.001t1595.002t1595.003tannertcp protocoltelecommunicationsthreat actorthreat detectionthreat intelligencevoipvoip attackxmas

Activity Timeline

1 total obs
Aug 6Aug 6

Threat Activity Heatmap

· Peak: 2025-08-06
Less
More
Mon
Wed
Fri
Jun
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
82
SIGNAL
Signal Score
82%
Confidence
10
Reports
First seenJan 2, 2022
Last seenAug 6, 2025
GeolocationHK
CountryHong Kong
LocationHong Kong, Kowloon
ASNAS45102
OrgAlibaba.com Singapore E-Commerce Private Limited
Coords22.3193, 114.1690

VirusTotal

Not checked

WHOIS

description
2025-01-17T03:19:04.000Z Honeypot : Redishoneypot : Source: 149.129.112.244 : Port: 6379 Action: info Message:

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 4 years ago · Last seen 10 months ago
Appeared in 10 threat reports