IOC Radar
IP · Medium · Signal 61/100

83.229.127.87

Location: Hong Kong (Mong Kok, Kowloon)
ASN: AS139659 (S G IX)
First Seen: Jan 2, 2025 (541d ago)
Last Seen: Apr 26, 2026 (62d ago)
Reports: 14 source reports
Confidence: 61% (medium)
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 61%
Signal Score: 61 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

33 techniques

Network Information

Country: HK (Hong Kong)
Region: Mong Kok, Kowloon
ASN: AS139659
Organization: S G IX

Feed Intelligence Summary

Source reports: 14
Confidence score: 61%
Category tags: abusech-threatfox-c2c, active scan, adversary simulation tool, africa, asia, bad reputation, beacon, beaconing activity, botnet, botnet activity, brute force, c2, c2 framework, cobalt strike, command & control, command and control, credential harvesting, credential stuffing, data encryption, data exfiltration, data store exposure, distributed attacks, encryption, exploitation activity, extortion, hk, hong kong, identity & access exploitation, indicator, infrastructure acquisitionreconnaissance, injection activity, lateral movement, lateral movement techniques, malicious software, malware, manual, network, nigeria, nviso, payload deployment, payload generation, penetration testing tool, phishing, phishing attack, post-exploitation, post-exploitation activities, process injection, ransomware, researched, self-signed, social engineering, system disruption, t1003, t1016, t1018, t1027, t1041, t1047, t1055, t1059, t1059.001, t1071, t1071.001, t1078, t1083, t1090, t1090.001, t1105, t1190, t1210, t1486, t1490, t1496, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1567, t1569.002, t1573, t1573.001, t1587.001, t1590.001, threat actor, threatfox iocs, tor node, vshell

Activity Timeline

1 total observation (Apr 26 to Apr 26)

Threat Activity Heatmap

Peak: 2026-04-26
Observations by window: 24h: 0 (Dormant) · 7d: 0 (Dormant) · 30d: 0 (Dormant) · 3mo: 1 (Minimal)

Threat Score (Signal Score): 61, Medium Risk
Confidence: 61%
Reports: 14
First seen: Jan 2, 2025
Last seen: Apr 26, 2026
Geolocation: HK
Country: Hong Kong
Location: Mong Kok, Kowloon
ASN: AS139659
Org: S G IX
Coords: 22.3193, 114.1690

VirusTotal

Not checked

WHOIS

raw
inetnum: 83.229.124.0 - 83.229.127.255
netname: S-G-IX
descr: S-G-IX
country: HK
admin-c: GGG9-AP
tech-c: GGG9-AP
abuse-c: AL1475-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-HK-NLIDC
mnt-irt: IRT-LIHGL-HK
last-modified: 2023-10-23T13:52:11Z
source: APNIC

irt: IRT-LIHGL-HK
address: OFFICE 1002A, 10/F GINZA SQUARE, 567 NATHAN RD KLN, HK HK 000852
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: LIHG1-AP
tech-c: LIHG1-AP
auth: # Filtered
remarks: [email protected]
remarks: [email protected] was validated on 2026-03-12
mnt-by: MAINT-LIHGL-HK
last-modified: 2026-03-12T05:16:22Z
source: APNIC

role: ABUSE LIHGLHK
country: ZZ
address: OFFICE 1002A, 10/F GINZA SQUARE, 567 NATHAN RD KLN, HK HK 000852
phone: +000000000
e-mail: [email protected]
admin-c: LIHG1-AP
tech-c: LIHG1-AP
nic-hdl: AL1475-AP
remarks: Generated from irt object IRT-LIHGL-HK
remarks: [email protected] was validated on 2026-03-12
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2026-03-12T05:16:55Z
source: APNIC

role: good good good
address: OFFICE 1002A, 10/F GINZA SQUARE, 567 NATHAN RD KLN, HK HK 000852
country: HK
phone: +852 36970990
e-mail: [email protected]
admin-c: GGG9-AP
tech-c: GGG9-AP
nic-hdl: GGG9-AP
notify: [email protected]
mnt-by: MAINT-HK-NLIDC
last-modified: 2020-10-10T10:03:21Z
source: APNIC

route: 83.229.127.0/24
origin: AS139659
descr: LANLIAN INTERNATIONAL HOLDING GROUP LIMITED OFFICE 1002A, 10/F GINZA SQUARE 567 NATHAN RD KLN
mnt-by: MAINT-LIHGL-HK
last-modified: 2024-03-27T11:52:41Z
source: APNIC
references
https://threatfox.abuse.ch/export/csv/recent/, https://www.shodan.io/search?query=product%3A%22Cobalt+Strike+Beacon%22

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 14 threat reports