IPMediumSignal 38/100
47.239.205.200
Location
Hong KongHong Kong, Kowloon
ASN
AS45102
Alibaba Cloud - HK
First Seen
Apr 10, 2025
Last Seen
Apr 7, 2026
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
38%
Signal Score
38 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryHong Kong
Hong KongRegionHong Kong, Kowloon
ASNAS45102
OrganizationAlibaba Cloud - HK
Feed Intelligence Summary
15 reports38% confidence
15
Source reports
38%
Confidence score
Category tags
abuseactive scanactive scanningapkarmasciiasiaasyncratattackaustraliabad reputationbotnetbotnet activitybrute forcebrute force attackbrute force attemptscode injectioncoinminercommand and controlcommand executioncredential accesscredential stuffingcryptocurrencydarktortilladata exfiltrationdata store exposureddosddos attacksdenial of servicedistributed attackselfencodedexeexecutable fileexploit attemptsexploitation activityftp brute forceguloaderhajimehong konghttp brute forceidentity & access exploitationindicatorinfostealerinjection activityinternet of thingsiot botnetiot securityiot/ics attackjpg-base64-loaderlateral movementlummastealermalicious activitymalicious powershell activitymalicious softwaremalicious url distributionmalwaremalware propagationmalware scanningmin-headersmipsmirai botnetmobile threatmozinetworknetwork probingnetwork scanningnorth americaoceaniaopendirpassword attackspig butchpig butcheringpinkprocess injectionps1ransomwarereconnaissanceremote accessremote servicesresearchedsaint helena, ascension and tristan da cunhascams & fraudscannerscripting attackssmtp brute forcesql injection attemptsssh attackt1021t1021.001t1046t1055t1059t1059.001t1059.007t1071.001t1076t1078t1086t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1199t1204.001t1204.002t1210t1486t1496t1499.002t1499.003t1555t1563t1565t1566.001t1573.001t1588t1595t1595.001t1595.002t1595.003targeting databasethreat actortor nodeua-wgetunited statesweb exploitationx86-64
Activity Timeline
Apr 7Apr 7
Threat Activity Heatmap
· Peak: 2026-04-07LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
38
SIGNAL
Signal Score
38%
Confidence
15
Reports
First seenApr 10, 2025
Last seenApr 7, 2026
GeolocationHK
CountryHong Kong
LocationHong Kong, Kowloon
ASNAS45102
OrgAlibaba Cloud - HK
Coords37.7510, -97.8220
VirusTotal
Not checked
WHOIS
- raw
- inetnum: 47.0.0.0 - 47.255.255.255 netname: IANA-NETBLOCK-47 descr: This network range is not allocated to APNIC. descr: descr: If your whois search has returned this message, then you have descr: searched the APNIC whois database for an address that is descr: allocated by another Regional Internet Registry (RIR). descr: descr: Please search the other RIRs at whois.arin.net or whois.ripe.net descr: for more information about that range. country: AU admin-c: IANA1-AP tech-c: IANA1-AP remarks: For general info on spam complaints email [email protected]. remarks: For general info on hacking & abuse complaints email [email protected]. mnt-by: MAINT-APNIC-AP mnt-lower: MAINT-APNIC-AP status: ALLOCATED PORTABLE last-modified: 2008-09-04T06:51:28Z source: APNIC role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-AP tech-c: IANA1-AP nic-hdl: IANA1-AP remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: MAINT-APNIC-AP last-modified: 2018-06-22T22:34:30Z source: APNIC
- references
- https://redpiranha.net, https://urlhaus.abuse.ch/browse/
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 2 months ago
Appeared in 15 threat reports