IPMediumSignal 70/100
124.236.72.41
Location
ChinaHangzhou, TJ
ASN
AS134760
Chinanet HE
First Seen
May 16, 2025
Last Seen
May 30, 2026
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
70%
Signal Score
70 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryChina
ChinaRegionHangzhou, TJ
ASNAS134760
OrganizationChinanet HE
Feed Intelligence Summary
8 reports70% confidence
8
Source reports
70%
Confidence score
Category tags
active scanactive scanningasiabad web botbotnet activitybrute forcebrute force attackbrute force attackerchinacncowriecredential accesscredential harvestingcredential stuffingddosdenial of servicedigital oceandionaeaexploitation activityfatthackingidentity & access exploitationindicatornetworkp0fpassword attacksphishingphishing attackportscanreconnaissanceresearchedscannerscannerssensor-taggedservice scansocial engineeringt1110.001t1110.002t1110.003t1110.004t1190t1203t1499.001t1566.001t1566.002t1566.003t1595.001t1595.002t1595.003tannertpotweb app attackweb application attackweb exploitation
Activity Timeline
May 30May 30
Threat Activity Heatmap
· Peak: 2026-05-30LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
70
SIGNAL
Signal Score
70%
Confidence
8
Reports
First seenMay 16, 2025
Last seenMay 30, 2026
GeolocationCN
CountryChina
LocationHangzhou, TJ
ASNAS134760
OrgChinanet HE
Coords39.1488, 117.1762
VirusTotal
Not checked
WHOIS
- description
- IPv4 hosts detected port scanning DigitalOcean London (UK) honeypot
- raw
- inetnum: 124.236.0.0 - 124.239.255.255 netname: CHINANET-HE descr: CHINANET hebei province network descr: China Telecom descr: No.31,jingrong street descr: Beijing 100032 country: CN admin-c: BR3-AP tech-c: CH93-AP abuse-c: AC1573-AP status: ALLOCATED PORTABLE remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-CHINANET-HE mnt-routes: MAINT-CHINANET-HE mnt-irt: IRT-CHINANET-CN last-modified: 2021-06-15T08:05:35Z source: APNIC irt: IRT-CHINANET-CN address: No.31 ,jingrong street,beijing address: 100032 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CH93-AP tech-c: CH93-AP auth: # Filtered remarks: [email protected] was validated on 2025-11-13 mnt-by: MAINT-CHINANET last-modified: 2026-03-13T07:12:20Z source: APNIC role: ABUSE CHINANETCN country: ZZ address: No.31 ,jingrong street,beijing address: 100032 phone: +000000000 e-mail: [email protected] admin-c: CH93-AP tech-c: CH93-AP nic-hdl: AC1573-AP remarks: Generated from irt object IRT-CHINANET-CN remarks: [email protected] was validated on 2025-11-13 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-11-13T14:15:15Z source: APNIC person: Bin Ren nic-hdl: BR3-AP e-mail: [email protected] address: NO.69 KunLun avenue, Shijiazhuang 050000 China phone: +86-311-85211771 fax-no: +86-311-85202145 country: CN mnt-by: MAINT-CHINANET-HE last-modified: 2019-03-20T02:47:26Z source: APNIC person: Chinanet Hostmaster nic-hdl: CH93-AP e-mail: [email protected] address: No.31 ,jingrong street,beijing address: 100032 phone: +86-10-58501724 fax-no: +86-10-58501724 country: CN mnt-by: MAINT-CHINANET last-modified: 2022-02-28T06:53:44Z source: APNIC
- references
- https://jamesbrine.com.au/digitaloceanlondon-portscan-bruteforce-ip-list-2026-04-16/, https://jamesbrine.com.au
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 26 days ago
Appeared in 8 threat reports