IOC Radar
IP · Medium · Signal 100/100

106.75.141.132

Location: China (Yangpu, Shanghai)
ASN: AS136958 (Shanghai UCloud Information Technology Company Limited)
First Seen: Feb 10, 2025 (502d ago)
Last Seen: Jul 16, 2025 (346d ago)
Reports: 11 source reports
Confidence: 99% (medium)
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

49 techniques

Network Information

Country: CN (China)
Region: Yangpu, Shanghai
ASN: AS136958
Organization: Shanghai UCloud Information Technology Company Limited

Feed Intelligence Summary

Source reports: 11
Confidence score: 99%
Category tags: abuse, access control, active scanning, authentication attempts, blacklist candidate, botnet, brute force, brute force attack, brute force attacks, china, cn, command and control, communication protocol, compromised hosts, credential access, credential harvesting, credential stuffing, data encryption, data exfiltration, database security, ddos, ddos attacks, decoy system, denial of service, distributed attacks, enumeration, exploit attempts, ftp brute force, http brute force, indicator, information gathering, initial access, internet of things, intrusion detection, invalid login attempts, iot botnet, iot/ics attack, lateral movement, malicious software, malicious traffic, malware, malware distribution, malware propagation, malware scanning, malware-related botnet activity, mariadb, mirai botnet, network, network attacks, network probing, network protocol, network reconnaissance, network scanning, network security, password attacks, phishing attack, possible botnet infection, potential botnet activity, process injection, reconnaissance, remote access, remote services, researched, scan, scanner, scanning activity, security policy, server exploitation, service discovery, smb brute force, smtp brute force, social engineering, sql injection, sql injection attempts, ssh attack, syn port scan, syn scan, t1018, t1021, t1021.001, t1021.002, t1021.004, t1040, t1046, t1055, t1059, t1059.003, t1071, t1071.001, t1076, t1077, t1078, t1083, t1087, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1190, t1199, t1203, t1210, t1486, t1496, t1499.001, t1499.002, t1499.003, t1505.002, t1563, t1565, t1566.001, t1566.002, t1566.003, t1588, t1589, t1589.002, t1590, t1590.001, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, tcp scanning, threat intelligence, threat prevention, udp port scan, web application attack, web exploitation

Activity Timeline

1 total obs (Jul 16 to Jul 16)

Threat Activity Heatmap

Peak: 2025-07-16
[Heatmap: activity by weekday (rows Mon, Wed, Fri labelled) and month (Jun through the following Jun); legend Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 11
First seen: Feb 10, 2025
Last seen: Jul 16, 2025
Geolocation: CN
Country: China
Location: Yangpu, Shanghai
ASN: AS136958
Org: Shanghai UCloud Information Technology Company Limited
Coords: 31.2999, 121.5080

VirusTotal

Not checked

IOC Journey

medium
First detected 1 year ago · Last seen 11 months ago
Appeared in 11 threat reports