IOC Radar
IPMediumSignal 26/100

47.236.79.80

Location
SingaporeSingapore
Singapore, Singapore
ASN
AS45102
Alibaba Cloud LLC
First Seen
Mar 12, 2025
Last Seen
Apr 7, 2026
Mar 12
First Seen
467d ago
Apr 7
Last Seen
75d ago
8
Reports
source reports
26%
Confidence
medium
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
26%
Signal Score
26 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

25 techniques

Network Information

CountrySGSingapore
RegionSingapore, Singapore
ASNAS45102
OrganizationAlibaba Cloud LLC

Feed Intelligence Summary

8 reports26% confidence
8
Source reports
26%
Confidence score
Category tags
abuseactive scanactive scanningasiaattackbad reputationbotnetbotnet activitybrute forcecommand and controlcommunication protocolcowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposuredecoy systemdionaea honeypotdistributed attacksexploitation activityftp scanidentity & access exploitationindicatorinjection activitymailoney honeypotmalicious activitymalicious login attemptsmalicious softwaremalwaremalware behaviourmalware capturenetworknetwork reconnaissancenetwork scanningnetwork securitynorth americaphishingphishing attackphishing trapprocess injectionreconnaissanceresearchedresource hijackingscannersentrypeer botnetsftp attacksgsingaporesip brute forcesip scansocial engineeringssh attackssh monitoringssh scant1021t1040t1041t1055t1059t1071.001t1078t1110t1110.002t1187t1190t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertelecommunicationsthreat actorthreat intelligencetor nodeunited statesvoipvoip attack

Activity Timeline

1 total obs
Apr 7Apr 7

Threat Activity Heatmap

· Peak: 2026-04-07
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
26
SIGNAL
Signal Score
26%
Confidence
8
Reports
First seenMar 12, 2025
Last seenApr 7, 2026
GeolocationSG
CountrySingapore
LocationSingapore, Singapore
ASNAS45102
OrgAlibaba Cloud LLC
Coords37.7510, -97.8220

VirusTotal

Not checked

WHOIS

description
2025-03-13T08:44:10.981Z Honeypot : Dionaea : Source: 47.236.79.80 : Port: 21 Connection: {'protocol': 'ftpd', 'type': 'accept', 'transport': 'tcp'}
raw
inetnum: 47.0.0.0 - 47.255.255.255 netname: IANA-NETBLOCK-47 descr: This network range is not allocated to APNIC. descr: descr: If your whois search has returned this message, then you have descr: searched the APNIC whois database for an address that is descr: allocated by another Regional Internet Registry (RIR). descr: descr: Please search the other RIRs at whois.arin.net or whois.ripe.net descr: for more information about that range. country: AU admin-c: IANA1-AP tech-c: IANA1-AP remarks: For general info on spam complaints email [email protected]. remarks: For general info on hacking & abuse complaints email [email protected]. mnt-by: MAINT-APNIC-AP mnt-lower: MAINT-APNIC-AP status: ALLOCATED PORTABLE last-modified: 2008-09-04T06:51:28Z source: APNIC role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-AP tech-c: IANA1-AP nic-hdl: IANA1-AP remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: MAINT-APNIC-AP last-modified: 2018-06-22T22:34:30Z source: APNIC
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 8 threat reports