IOC Radar
IP · Medium · Signal 54/100

47.242.39.51

Location
Hong Kong, Hong Kong
ASN
AS45102
Hong Kong
First Seen
May 29, 2025
Last Seen
Jun 5, 2026
Reports
20 source reports
Confidence
54% (medium)
Found in 20 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
54%
Signal Score
54 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

48 techniques

Network Information

Country: HK (Hong Kong)
Region: Hong Kong, Hong Kong
ASN: AS45102
Organization: Hong Kong

IP Category

VPN
VPN exit node

Feed Intelligence Summary

20 reports · 54% confidence

Activity Timeline

1 total obs (Jun 5)

Threat Activity Heatmap

Peak: 2026-06-05
Activity by window: 24h: 0 (Dormant) · 7d: 0 (Dormant) · 30d: 1 (Minimal) · 3mo: 1 (Minimal)
Threat Score: 54 (Medium Risk)
Coords: 22.3193, 114.1690

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning DigitalOcean Toronto (CA) honeypot


IOC Journey

medium
First detected 1 year ago · Last seen 8 days ago
Appeared in 20 threat reports