IOC Radar
IPMediumSignal 81/100

154.89.156.60

Location
Hong KongHong Kong
Tseung Kwan O, Hong Kong
ASN
AS400619
Fastmos Co Limited
First Seen
Jun 16, 2026
Last Seen
Jun 19, 2026
Jun 16
First Seen
7d ago
Jun 19
Last Seen
5d ago
12
Reports
source reports
81%
Confidence
medium
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
81%
Signal Score
81 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryHKHong Kong
RegionTseung Kwan O, Hong Kong
ASNAS400619
OrganizationFastmos Co Limited

Feed Intelligence Summary

12 reports81% confidence
12
Source reports
81%
Confidence score
Category tags
abuseactive scanaptasiabad reputationblocklistbrute forcebruteforcechinacowriedigital oceandionaeaeuropeeurope/asiaexploitationexploitation activityfattgermanyhkhoneylabshong kongindicatormalicious-ipnetworknorth americap0fransomwareresearchedrussiarussian federationscannerscanningself-signedsensor-taggedseychellessocradar honeypottannertelnetthreat actorthreat-inteltpotunited kingdomunited states

Activity Timeline

1 total obs
Jun 19Jun 19

Threat Activity Heatmap

· Peak: 2026-06-19
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
81
SIGNAL
Signal Score
81%
Confidence
12
Reports
First seenJun 16, 2026
Last seenJun 19, 2026
GeolocationHK
CountryHong Kong
LocationTseung Kwan O, Hong Kong
ASNAS400619
OrgFastmos Co Limited
Coords22.2855, 114.1577

VirusTotal

Not checked

WHOIS

description
Observed on T-Pot within last 24h; sensors=honeytrap, p0f, suricata; threshold?1; private IPs excluded. geo=SC; ports=2323 Location=Sydney, Australia.
raw
inetnum: 154.89.156.0 - 154.89.156.255 netname: Fastmos_Co_Limited descr: Fastmos Co Limited country: HK admin-c: CIS1-AFRINIC tech-c: CIS1-AFRINIC status: ASSIGNED PA mnt-by: CIL1-MNT mnt-by: LARUS-SERVICE-MNT source: AFRINIC # Filtered parent: 154.80.0.0 - 154.95.255.255 person: Cloud Innovation Support address: Ebene address: MU address: Mahe address: Seychelles phone: tel:+248-4-610-795 nic-hdl: CIS1-AFRINIC abuse-mailbox: [email protected] mnt-by: CIL1-MNT source: AFRINIC # Filtered route: 154.89.144.0/20 descr: Fastmos Co Limited origin: AS18013 mnt-by: LARUS-SERVICE-MNT source: AFRINIC # Filtered route: 154.89.144.0/20 descr: Fastmos Co Limited origin: AS395886 mnt-by: LARUS-SERVICE-MNT source: AFRINIC # Filtered route: 154.89.144.0/20 descr: Fastmos Co Limited origin: AS400619 mnt-by: LARUS-SERVICE-MNT source: AFRINIC # Filtered route: 154.89.144.0/20 descr: Fastmos Co Limited origin: AS54600 mnt-by: LARUS-SERVICE-MNT source: AFRINIC # Filtered route: 154.89.144.0/20 descr: Fastmos Co Limited origin: AS55020 mnt-by: LARUS-SERVICE-MNT source: AFRINIC # Filtered route: 154.89.144.0/20 descr: Fastmos Co Limited origin: AS8796 mnt-by: LARUS-SERVICE-MNT source: AFRINIC # Filtered

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 7 days ago · Last seen 5 days ago
Appeared in 12 threat reports