IP · Medium · Signal 39/100
106.75.134.146
Location: Yangpu, Shanghai
ASN: AS136958 (Shanghai UCloud Information Technology Company Limited)
First Seen: Aug 23, 2024
Last Seen: May 22, 2026
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 39%
Signal Score: 39 / 100
IDS Rule: No
Network Information
Country: China
Region: Yangpu, Shanghai
ASN: AS136958
Organization: Shanghai UCloud Information Technology Company Limited
Feed Intelligence Summary
Source reports: 6
Confidence score: 39%
Category tags
abuse, active scan, active scanning, asia, australia, bad reputation, botnet, botnet activity, brute force, brute force attack, brute force attacks, brute-force, china, cn, communication protocol, compromised host, cowrie honeypot, credential access, credential attack, credential harvesting, credential stuffing, cve, data encryption, data exfiltration, data store exposure, database security, ddos, decoy system, denial of service, dionaea honeypot, dionaea payloads, dns, dns attack, encryption, exploit, exploitation activity, exploitation attempt, external threat, fatt, fatt detections, ftp, hacking, honeytrap events, honeytrap honeypot, http attack, http scanner, https, identity & access exploitation, imap, indicator, injection activity, injection attacks, lateral movement, mailoney events, mailoney honeypot, malicious activity, malicious software, malicious traffic, malware, malware behaviour, malware capture, malware delivery attempt, mssql, network, network attacks, network intrusion, network intrusion attempts, network protocol, network scanning, network security, oceania, p0f, p0f signatures, password attacks, phishing, phishing attack, phishing trap, process injection, protocol exploitation, ransomware, reconnaissance, remote access, remote access attack, remote services, researched, resource hijacking, scanner, scanning activity, sensor-tagged, sentrypeer botnet, sentrypeer events, server exploitation, smtp, smtp attack, social engineering, spam, sql injection, ssh attack, ssh monitoring, suricata alerts, t1018, t1021, t1021.001, t1021.002, t1040, t1046, t1055, t1059, t1059.003, t1071, t1071.001, t1076, t1077, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1189, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1505.002, t1563, t1565, t1566.001, t1566.002, t1566.003, t1595, t1595.001, t1595.002, t1595.003, tanner, tanner events, targeting database, tcp protocol, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, tor node, tpot, vnc protocol, voip, voip attack, vulnerability scan, web spam, web traffic
Activity Timeline: May 22
Threat Activity Heatmap · Peak: 2026-05-22
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: 39 (Low Risk)
Coords: 31.2999, 121.5080
VirusTotal: Not checked
IOC Journey
medium · First detected 1 year ago · Last seen 29 days ago
Appeared in 6 threat reports