IOC Radar
IP · Medium · Signal 70/100

122.243.176.17

Location
China
Yiwu, ZJ
ASN
AS4134
Chinanet
First Seen
Apr 9, 2026 (66d ago)
Last Seen
Apr 24, 2026 (51d ago)
6
Reports
source reports
70%
Confidence
medium
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
70%
Signal Score
70 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

3 techniques

Network Information

Country: CN (China)
Region: Yiwu, ZJ
ASN: AS4134
Organization: Chinanet

Feed Intelligence Summary

6 reports · 70% confidence
Category tags
abuse, active scan, active scanning, asia, bad reputation, brute force, brute force attacker, brute-force, bruteforce, china, exploitation activity, exploited host, hacking, indicator, network, portscan, reconnaissance, researched, scanner, scanners, service scan, t1595.001, t1595.002, t1595.003, telnet, vultr

Activity Timeline

1 total obs
Apr 24

Threat Activity Heatmap

Peak: 2026-04-24
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 70
Confidence: 70%
Reports: 6
First seen: Apr 9, 2026
Last seen: Apr 24, 2026
Geolocation: CN
Country: China
Location: Yiwu, ZJ
ASN: AS4134
Org: Chinanet
Coords: 29.3187, 120.0810

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected attempting to brute force TELNET on Vultr Tokyo (Japan) honeypot
raw
inetnum: 122.243.128.0 - 122.243.255.255
netname: CHINANET-ZJ-JH
country: CN
descr: CHINANET-ZJ Jinhua node network
descr: Zhejiang Telecom
admin-c: CZ4-AP
tech-c: CJ54-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-CHINANET-ZJ
mnt-lower: MAINT-CN-CHINANET-ZJ-JH
last-modified: 2009-01-13T02:45:59Z
source: APNIC

role: CHINANET-ZJ Jinhua
address: No.155 Xishi street,Jinhua,Zhejiang.321000
country: CN
phone: +86-579-2300779
fax-no: +86-579-2330035
e-mail: [email protected]
remarks: send spam reports to [email protected]
remarks: and abuse reports to [email protected]
remarks: Please include detailed information and times in UTC
admin-c: CH55-AP
tech-c: CH55-AP
nic-hdl: CJ54-AP
mnt-by: MAINT-CHINANET-ZJ
last-modified: 2020-06-03T08:38:41Z
source: APNIC

role: CHINANET ZHEJIANG
address: No. 257 Qingjiang Road, Hangzhou, Zhejiang.310066
country: CN
phone: +86-571-86821752
fax-no: +86-571-86988329
e-mail: [email protected]
remarks: send spam reports to [email protected]
remarks: and abuse reports to [email protected]
remarks: Please include detailed information and times in UTC
admin-c: CZ61-AP
tech-c: CZ61-AP
nic-hdl: CZ4-AP
mnt-by: MAINT-CHINANET-ZJ
last-modified: 2023-08-11T08:33:28Z
source: APNIC
references
https://jamesbrine.com.au/vultrtokyo-portscan-bruteforce-ip-list-2026-04-16/, https://jamesbrine.com.au, https://jamesbrine.com.au/vultrtokyo-telnet-bruteforce-ip-list-2026-04-16/

IOC Journey

medium
First detected 2 months ago · Last seen 1 month ago
Appeared in 6 threat reports