IOC Radar
IP · Medium · Signal 100/100

120.55.67.181

Location
China
Hangzhou, Zhejiang
ASN
AS37963
Aliyun Computing Co., LTD
First Seen
Oct 10, 2023
Last Seen
Aug 5, 2025
Reports: 11 source reports
Confidence: 99% (medium)
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

38 techniques

Network Information

Country: CN (China)
Region: Hangzhou, Zhejiang
ASN: AS37963
Organization: Aliyun Computing Co., LTD

IP Category

Hosting
Hosting provider

Feed Intelligence Summary

11 source reports · 99% confidence score
Category tags
active scanning, application scanning, asia, botnet, brute force, brute force attack, c2, cert, china, command and control, communication protocol, credential access, credential harvesting, credential stuffing, data exfiltration, denial of service, directory traversal probe, distributed attacks, fin, fin scan, ftp, ftp brute force, http brute force, http scanner, indicator, information gathering, intrusion detection, malicious software, malware, network, network attacks, network mapping, network probing, network protocol, network reconnaissance, network scanning, network security, network service scanning, null scan, open port detection, password attacks, phishing attack, possible reconnaissance activity, process injection, protocol exploitation, reconnaissance, remote access, remote services, researched, scanner, scripting attacks, service discovery, service enumeration, smtp brute force, social engineering, socradar, sql injection probe, ssh attack, syn, syn scan, t1016.001, t1018, t1021, t1021.001, t1040, t1046, t1055, t1059, t1059.007, t1068, t1071.001, t1076, t1078, t1083, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1190, t1203, t1486, t1496, t1499.001, t1499.002, t1499.003, t1563, t1565, t1566.001, t1566.002, t1566.003, t1589, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, telnet threat, threat intelligence, udp port scan, web attack, web exploitation, web traffic, xmas, xmas scan

Activity Timeline

1 total obs (Aug 5)

Threat Activity Heatmap

Peak: 2025-08-05
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk · Signal Score 100 · Confidence 99% · 11 reports
Coords: 30.2943, 120.1663
Hosting

VirusTotal

Not checked

WHOIS

description
Port Scan 2024-10-07T22:31:41.000Z -> 120.55.67.181 scanned port 6379 on one of our servers

IOC Journey

medium
First detected 2 years ago · Last seen 10 months ago
Appeared in 11 threat reports