IOC Radar
IPMediumSignal 30/100

47.79.2.41

Location
SingaporeSingapore
Singapore, Singapore
ASN
AS45102
Alibaba.com LLC
First Seen
Feb 20, 2025
Last Seen
Apr 5, 2026
Feb 20
First Seen
479d ago
Apr 5
Last Seen
70d ago
13
Reports
source reports
30%
Confidence
medium
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
30%
Signal Score
30 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

35 techniques

Network Information

CountrySGSingapore
RegionSingapore, Singapore
ASNAS45102
OrganizationAlibaba.com LLC

Feed Intelligence Summary

13 reports30% confidence
13
Source reports
30%
Confidence score
Category tags
abuseactive scanactive scanningantispamasiaattackbad reputationbad web botbotnetbotnet activitybrute forcebrute force attackcommand and controlcommunication protocolcompromised credentialsconpot activityconpot honeypotcowrie honeypotcowrie interactionscowrie ssh attackscredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposuredatabase exploitation attemptsddosddos attackdecoy systemdenial of servicedionaea honeypotdionaea interactionsdistributed attacksexploit probingexploitation activityftp brute forcehackinghoneytrap honeypothttp scanningics securityidentity & access exploitationindustrial control systemsinjection activityiot securityiot/ics attackipphoney activityipphoney honeypotlamplog4jmailoney email attacksmailoney honeypotmalicious activitymalicious python scriptsmalicious softwaremalwaremalware behaviourmalware capturemalware hostingnetworknetwork intrusion attemptsnetwork scanningnetwork securitynorth americapassword attacksphishingphishing attackphishing trapprocess injectionproxyreconnaissanceresearchedresource hijackingscannersentrypeer attackssentrypeer botnetsftp access attemptsftp activitysftp attacksgsingaporesip attackssip brute forcesocial engineeringspamssh attackssh monitoringt1021t1040t1041t1046t1053t1055t1059t1068t1071.001t1078t1083t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1589t1590t1595t1595.001t1595.002t1595.003tannertelecommunicationsthreat actorthreat detectionthreat intelligencetor nodeunited statesvoipvoip attackweb application attackweb application attacksweb exploitationweb spam

Activity Timeline

1 total obs
Apr 5Apr 5

Threat Activity Heatmap

· Peak: 2026-04-05
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
30
SIGNAL
Signal Score
30%
Confidence
13
Reports
First seenFeb 20, 2025
Last seenApr 5, 2026
GeolocationSG
CountrySingapore
LocationSingapore, Singapore
ASNAS45102
OrgAlibaba.com LLC
Coords37.7510, -97.8220

VirusTotal

Not checked

WHOIS

description
2025-03-09T06:35:18.265Z Honeypot : Tanner : Source: 47.79.2.41 : Port: 80 Post Data: {'version': '0.6.0', 'response': {'message': {'sess_uuid': '495e5742-d617-4e30-a972-1107fbb502d2', 'detection': {'version': '0.6.0', 'order': 1, 'name': 'index', 'type': 1}}}}
raw
inetnum: 47.0.0.0 - 47.255.255.255 netname: IANA-NETBLOCK-47 descr: This network range is not allocated to APNIC. descr: descr: If your whois search has returned this message, then you have descr: searched the APNIC whois database for an address that is descr: allocated by another Regional Internet Registry (RIR). descr: descr: Please search the other RIRs at whois.arin.net or whois.ripe.net descr: for more information about that range. country: AU admin-c: IANA1-AP tech-c: IANA1-AP remarks: For general info on spam complaints email [email protected]. remarks: For general info on hacking & abuse complaints email [email protected]. mnt-by: MAINT-APNIC-AP mnt-lower: MAINT-APNIC-AP status: ALLOCATED PORTABLE last-modified: 2008-09-04T06:51:28Z source: APNIC role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-AP tech-c: IANA1-AP nic-hdl: IANA1-AP remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: MAINT-APNIC-AP last-modified: 2018-06-22T22:34:30Z source: APNIC
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 13 threat reports