IP · Medium · Signal 38/100
117.50.70.169
Location
Beijing, Beijing
ASN
AS23724
Shanghai UCloud Information Technology Company Limited
First Seen
Aug 26, 2024
Last Seen
Jun 7, 2026
Found in 23 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
38%
Signal Score
38 / 100
IDS Rule
No
Network Information
Country
China
Region
Beijing, Beijing
ASN
AS23724
Organization
Shanghai UCloud Information Technology Company Limited
IP Category
Proxy
Proxy server
Feed Intelligence Summary
23 reports · 38% confidence
23
Source reports
38%
Confidence score
Category tags
Activity Timeline
Jun 7
Threat Activity Heatmap
Peak: 2026-06-07
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat Score
Low Risk
38
SIGNAL
Signal Score
38%
Confidence
23
Reports
First seen: Aug 26, 2024
Last seen: Jun 7, 2026
Geolocation: CN
Country: China
Location: Beijing, Beijing
ASN: AS23724
Org: Shanghai UCloud Information Technology Company Limited
Coords: 39.9042, 116.4070
Proxy
VirusTotal
Not checked
WHOIS
- description
- Score: 100/100 | Detector: threat_feed | Label: reported_abuse | Tags: reported_abuse, abuseipdb
IOC Journey
medium · First detected 1 year ago · Last seen 3 days ago
Appeared in 23 threat reports