IOC Radar
IP · Medium · Signal 62/100

124.220.174.186

Location: Shanghai, Shanghai, China
ASN: AS45090, Tencent cloud computing (Beijing) Co., Ltd.
First Seen: Jan 26, 2026 (138d ago)
Last Seen: Jun 4, 2026 (10d ago)
Reports: 17 source reports
Confidence: 62% (medium)
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 62%
Signal Score: 62 / 100
IDS Rule: No
Threat Context
MITRE ATT&CK TTPs

25 techniques

Network Information

Country: CN (China)
Region: Shanghai, Shanghai
ASN: AS45090
Organization: Tencent cloud computing (Beijing) Co., Ltd.

Feed Intelligence Summary

Source reports: 17
Confidence score: 62%
Category tags: abuse, active scan, active scanning, adbhoney honeypot, apache, apache attacker, asia, attack, bad reputation, bad web bot, banner-grabbing, blocklist, blocklist_all, botnet, botnet activity, brute force, brute force attack, brute force attacker, brute-force, china, cisco device, cisco exploitation attempts, cn, communication protocol, community-shared, conpot honeypot, cowrie, cowrie honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposure, database security, ddos, ddos attack, decoy system, denial of service, device management, digital ocean, dionaea, dionaea honeypot, elasticpot honeypot, elasticsearch monitoring, enterprise networking, exploit, exploitation activity, exploited host, fatt, ftp brute force, hacking, honeytrap honeypot, ics security, identity & access exploitation, inbound scan, indicator, industrial control systems, injection activity, iot security, iot targeted, iot/ics attack, lamp, lateral movement, mailoney honeypot, malicious activity, malicious network activity, malware, malware behaviour, malware capture, network, network infrastructure, network security, p0f, password attacks, phishing, phishing attack, phishing trap, ping of death, portscan, ransomware, reconnaissance, redis honeypot, researched, resource hijacking, scanner, scanners, scanning activity, sensor-tagged, sentrypeer botnet, service scan, sftp attack, sftp attempt, sip scanning, smtp enumeration, social engineering, socradar honeypot, sql injection, ssh, ssh attack, ssh monitoring, t-pot, t1021, t1040, t1041, t1046, t1059, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1203, t1204.002, t1496, t1499.001, t1566.001, t1566.002, t1566.003, t1566.004, t1595, t1595.001, t1595.002, t1595.003, tanner, targeting database, telecommunications, threat actor, threat detection, threat intelligence, tor node, tpot, voip, voip attack, vulnerability scan, vulnerability-exploitation, web app attack, web application attack, web application scanning, web exploitation

Activity Timeline

1 total obs · Jun 4

Threat Activity Heatmap

Peak: 2026-06-04
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: Medium Risk
Signal Score: 62
Confidence: 62%
Reports: 17
First seen: Jan 26, 2026
Last seen: Jun 4, 2026
Geolocation: CN
Country: China
Location: Shanghai, Shanghai
ASN: AS45090
Org: Tencent cloud computing (Beijing) Co., Ltd.
Coords: 31.2304, 121.4740

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning DigitalOcean London (UK) honeypot
raw
inetnum: 124.220.0.0 - 124.223.255.255
netname: TencentCloud
descr: Tencent cloud computing (Beijing) Co., Ltd.
descr: Floor 6, Yinke Building, 38 Haidian St, Haidian District Beijing
country: CN
admin-c: JT1125-AP
tech-c: JX1747-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-irt: IRT-TENCENTCLOUD-CN
last-modified: 2023-11-28T00:57:04Z
source: APNIC

irt: IRT-TencentCloud-CN
address: 9F, FIYTA Building, Gaoxinnanyi Road, Southern
address: District of Hi-tech Park, Shenzhen
e-mail: [email protected]
admin-c: JT1125-AP
tech-c: JX1747-AP
abuse-mailbox: [email protected]
auth: # Filtered
remarks: [email protected] was validated on 2025-10-29
remarks: [email protected] was validated on 2026-05-15
mnt-by: MAINT-CNNIC-AP
last-modified: 2026-05-15T03:04:36Z
source: APNIC

role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: [email protected]
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
remarks: Generated from irt object IRT-CNNIC-CN
remarks: [email protected] is invalid
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-09-19T17:20:32Z
source: APNIC

person: James Tian
address: 9F, FIYTA Building, Gaoxinnanyi Road,Southern
address: District of Hi-tech Park, Shenzhen
country: CN
phone: +86-755-86013388-84952
e-mail: [email protected]
nic-hdl: JT1125-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2024-03-19T08:21:31Z
source: APNIC

person: Jimmy Xiao
address: 9F, FIYTA Building, Gaoxinnanyi Road,Southern
address: District of Hi-tech Park, Shenzhen
country: CN
phone: +86-755-86013388-80224
e-mail: [email protected]
nic-hdl: JX1747-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2021-09-17T00:38:09Z
source: APNIC

route: 124.220.0.0/14
origin: AS45090
descr: China Internet Network Information Center Floor1, Building No.1 C/-Chinese Academy of Sciences 4, South 4th Street Haidian District,
mnt-by: MAINT-CNNIC-AP
last-modified: 2021-10-11T01:50:32Z
source: APNIC

IOC Journey

medium
First detected 4 months ago · Last seen 10 days ago
Appeared in 17 threat reports