IOC Radar
IPHighVerifiedSignal 67/100

140.224.26.121

Location
ChinaChina
Fuzhou, Fujian
ASN
AS4134
Chinanet FJ
First Seen
Apr 17, 2026
Last Seen
Apr 23, 2026
Apr 17
First Seen
57d ago
Apr 23
Last Seen
51d ago
4
Reports
source reports
67%
Confidence
high
Found in 4 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
67%
Signal Score
67 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryCNChina
RegionFuzhou, Fujian
ASNAS4134
OrganizationChinanet FJ

Feed Intelligence Summary

4 reports67% confidence
4
Source reports
67%
Confidence score
Category tags
active scanasiabrute forcebrute force attackerbrute-forcebruteforcechinadigital oceanindicatormssqlnetworkportscanresearchedscannersservice scan

Activity Timeline

1 total obs
Apr 23Apr 23

Threat Activity Heatmap

· Peak: 2026-04-23
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), an IPv4 address, represents a critical and immediate threat to organizational security, evidenced by its high score of 66.59 and non-whitelisted status. The observed activity clearly points to active brute-force attacks targeting MSSQL services and widespread port scanning, which are precursors to more damaging intrusions. If left unaddressed, this malicious activity could lead to unauthorized system access, data exfiltration, and severe operational disruption…

Threat ScoreMedium Risk
67
SIGNAL
Signal Score
67%
Confidence
4
Reports
First seenApr 17, 2026
Last seenApr 23, 2026
Verified IOC
GeolocationCN
CountryChina
LocationFuzhou, Fujian
ASNAS4134
OrgChinanet FJ
Coords25.9641, 119.4660

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected attempting to brute force MSSQL on DigitalOcean London (UK) honeypot
raw
inetnum: 140.224.0.0 - 140.224.127.255 netname: CHINANET-FJ descr: CHINANET FUJIAN NETWORK country: CN admin-c: CA67-AP tech-c: CA67-AP abuse-c: AC1600-AP status: ALLOCATED NON-PORTABLE mnt-by: MAINT-CHINANET-FJ mnt-lower: MAINT-CHINANET-FJ mnt-routes: MAINT-CHINANET-FJ mnt-irt: IRT-CHINANET-FJ last-modified: 2022-01-12T13:12:40Z source: APNIC irt: IRT-CHINANET-FJ address: no.7,dongjie road,fuzhou,fujian,china e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CA67-AP tech-c: CA67-AP auth: # Filtered remarks: [email protected] was validated on 2025-11-21 mnt-by: MAINT-CHINANET-FJ last-modified: 2026-03-13T07:12:20Z source: APNIC role: ABUSE CHINANETFJ country: ZZ address: no.7,dongjie road,fuzhou,fujian,china phone: +000000000 e-mail: [email protected] admin-c: CA67-AP tech-c: CA67-AP nic-hdl: AC1600-AP remarks: Generated from irt object IRT-CHINANET-FJ remarks: [email protected] was validated on 2025-11-21 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-11-21T07:51:11Z source: APNIC role: CHINANETFJ IP ADMIN address: 7,East Street,Fuzhou,Fujian,PRC country: CN phone: +86-591-83309761 fax-no: +86-591-83371954 e-mail: [email protected] remarks: send spam reports and abuse reports remarks: to [email protected] remarks: Please include detailed information and remarks: times in UTC admin-c: FH71-AP tech-c: FH71-AP nic-hdl: CA67-AP remarks: www.fjtelecom.com notify: [email protected] mnt-by: MAINT-CHINANET-FJ last-modified: 2011-12-06T00:10:50Z source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 1 month ago · Last seen 1 month ago
Appeared in 4 threat reports