IOC Radar
IPMediumSignal 80/100

121.36.23.190

Location
ChinaChina
Beijing, Beijing
ASN
AS55990
Huawei Cloud Service
First Seen
Apr 15, 2026
Last Seen
May 6, 2026
Apr 15
First Seen
60d ago
May 6
Last Seen
39d ago
18
Reports
source reports
80%
Confidence
medium
Found in 18 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
80%
Signal Score
80 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

4 techniques

Network Information

CountryCNChina
RegionBeijing, Beijing
ASNAS55990
OrganizationHuawei Cloud Service

Feed Intelligence Summary

18 reports80% confidence
18
Source reports
80%
Confidence score
Category tags
abuseactive scanactive scanningaptasiaaustraliabad reputationbad web botblocklistbotnetbotnet activitybrute forcebrute-forcebruteforcechinacndhcpelasticsearchexploitexploitation activityftphackingimapindicatoriot securityldapmssqlnetworkntpoceaniaoraclepostgresransomwarereconnaissanceredisresearchedscanscannersipsmbsnmpsocks5socradar honeypotsshssh attackt1595t1595.001t1595.002t1595.003targeting databasetelnetthreat actortor nodetpotvncvulnerability scanvulnerability-exploitationweb app attack

Activity Timeline

1 total obs
May 6May 6

Threat Activity Heatmap

· Peak: 2026-05-06
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
80
SIGNAL
Signal Score
80%
Confidence
18
Reports
First seenApr 15, 2026
Last seenMay 6, 2026
GeolocationCN
CountryChina
LocationBeijing, Beijing
ASNAS55990
OrgHuawei Cloud Service
Coords39.9042, 116.4070

VirusTotal

Not checked

WHOIS

description
IPV4 hosts detected performing scans on production environment located in Australia.
raw
inetnum: 121.36.0.0 - 121.36.255.255 netname: HWCSNET descr: Huawei Public Cloud Service (Huawei Software Technologies Ltd.Co) descr: No.2018 Xuegang Road,Bantian street,Longgang District, descr: Shenzhen,Guangdong Province, 518129 P.R.China country: CN admin-c: LL3172-AP tech-c: GX1759-AP abuse-c: AC1601-AP status: ALLOCATED PORTABLE mnt-by: MAINT-CNNIC-AP mnt-lower: MAINT-CNNIC-AP mnt-routes: MAINT-CNNIC-AP mnt-irt: IRT-CNNIC-CN last-modified: 2022-04-18T05:36:26Z source: APNIC irt: IRT-CNNIC-CN address: Beijing, China e-mail: [email protected] abuse-mailbox: [email protected] admin-c: IP50-AP tech-c: IP50-AP auth: # Filtered remarks: Please note that CNNIC is not an ISP and is not remarks: empowered to investigate complaints of network abuse. remarks: Please contact the tech-c or admin-c of the network. remarks: [email protected] is invalid mnt-by: MAINT-CNNIC-AP last-modified: 2025-11-17T23:08:37Z source: APNIC role: ABUSE CNNICCN country: ZZ address: Beijing, China phone: +000000000 e-mail: [email protected] admin-c: IP50-AP tech-c: IP50-AP nic-hdl: AC1601-AP remarks: Generated from irt object IRT-CNNIC-CN remarks: [email protected] is invalid abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-09-19T17:20:32Z source: APNIC person: Gui xiaowei address: HUAWEI CLOUD Data Center, Jiaoxinggong Road, Qianzhong Avenue, Gui'an New District, Guizhou Province country: CN phone: +86-18566251984 e-mail: [email protected] nic-hdl: GX1759-AP mnt-by: MAINT-CNNIC-AP last-modified: 2022-04-18T05:32:41Z source: APNIC person: Liu Liqun address: HUAWEI CLOUD Data Center, Jiaoxinggong Road, Qianzhong Avenue, Gui'an New District, Guizhou Province country: CN phone: +86-13360099887 e-mail: [email protected] nic-hdl: LL3172-AP mnt-by: MAINT-CNNIC-AP last-modified: 2022-04-18T05:33:15Z source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 months ago · Last seen 1 month ago
Appeared in 18 threat reports