IOC Radar
IPMediumSignal 74/100

147.45.124.196

Location
United StatesUnited States
Fremont, California
ASN
AS400992
Huize Holdings LLC
First Seen
Jun 9, 2024
Last Seen
May 4, 2026
Jun 9
First Seen
734d ago
May 4
Last Seen
40d ago
10
Reports
source reports
74%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
74%
Signal Score
74 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryUSUnited States
RegionFremont, California
ASNAS400992
OrganizationHuize Holdings LLC

IP Category

Proxy
Proxy server

Feed Intelligence Summary

10 reports74% confidence
10
Source reports
74%
Confidence score
Category tags
active scanbad web botbotnet activitybrute forcebrute force attackerbrute-forcebruteforcecowrieddosddos attackdigital oceandionaeaeurope/asiaexploitation activityfatthackingnetworknorth americap0fping of deathportscanproxyresearchedrussiascannerscannerssensor-taggedservice scantannertpotunited statesusvultrweb app attack

Activity Timeline

1 total obs
May 4May 4

Threat Activity Heatmap

· Peak: 2026-05-04
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
74
SIGNAL
Signal Score
74%
Confidence
10
Reports
First seenJun 9, 2024
Last seenMay 4, 2026
GeolocationUS
CountryUnited States
LocationFremont, California
ASNAS400992
OrgHuize Holdings LLC
Coords55.7386, 37.6068
Proxy

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning Vultr Melbourne (Australia) honeypot
raw
inetnum: 147.45.124.0 - 147.45.124.255 netname: sixtwoyun-hosting org: ORG-HHL15-RIPE country: US geofeed: https://62yun.co/geofeed.csv geoloc: 37.47 -121.91 admin-c: HHN35-RIPE tech-c: HHN35-RIPE status: ASSIGNED PA mnt-by: mnt-ru-am-1 mnt-by: FREENET-MNT created: 2024-03-15T14:05:37Z last-modified: 2024-12-20T06:33:19Z source: RIPE organisation: ORG-HHL15-RIPE org-name: Huize Holdings LLC country: KG org-type: OTHER address: Kyrgiz Republic, Gorkova st, 108 abuse-c: ACRO49689-RIPE mnt-ref: interlir-mnt mnt-ref: ru-avm-1-mnt mnt-ref: AM-VDS mnt-ref: soltia mnt-ref: lir-hk-lir-1-MNT mnt-ref: HUIZE-HOLDING-MNT mnt-by: HUIZE-HOLDING-MNT created: 2023-06-08T04:58:57Z last-modified: 2025-06-28T06:17:33Z source: RIPE # Filtered role: Huize Holdings NOC address: Kyrgiz Republic, Gorkova st, 108 nic-hdl: HHN35-RIPE mnt-by: HUIZE-HOLDING-MNT created: 2023-06-08T05:00:16Z last-modified: 2023-06-08T05:00:16Z source: RIPE # Filtered route: 147.45.124.0/24 origin: AS211849 mnt-by: mnt-ru-am-1 created: 2024-03-15T14:06:15Z last-modified: 2024-11-13T20:27:04Z source: RIPE route: 147.45.124.0/24 origin: AS400992 mnt-by: mnt-ru-am-1 created: 2024-11-14T04:55:02Z last-modified: 2024-11-14T04:55:02Z source: RIPE
references
https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-04-16/, https://jamesbrine.com.au

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 1 month ago
Appeared in 10 threat reports