IOC Radar
IP · Medium · Signal 87/100

202.107.207.226

Location: China (Hangzhou, Zhejiang)
ASN: AS4134 (Zhejiang Postal Bureau)
First Seen: Aug 26, 2020 (2127d ago)
Last Seen: Jun 9, 2026 (14d ago)
Reports: 24 source reports
Confidence: 87% (medium)
Found in 24 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Type: IPv4 Address (network layer indicator observed in threat reports)
MISP Category: Network Activity
Confidence: 87%
Signal Score: 87 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

28 techniques

Network Information

Country: CN (China)
Region: Hangzhou, Zhejiang
ASN: AS4134
Organization: Zhejiang Postal Bureau

Feed Intelligence Summary

Source reports: 24
Confidence score: 87%
Category tags
abuse, access control, active scan, active scanning, adbhoney honeypot, apt, asia, attack, authentication attempt, bad reputation, botnet, botnet activity, brute force, brute force attack, brute-force, china, cisco device, cisco device attack, cisco device targeting, cisco exploitation, cisco exploitation attempts, cn, command and control, communication protocol, conpot activity, conpot attack, conpot honeypot, cowrie activity, cowrie attack, cowrie data, cowrie honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposure, database security, ddos, ddos attack, ddos attacks, decoy system, denial of service, device management, dionaea activity, dionaea attack, dionaea honeypot, distributed attacks, elasticpot honeypot, elasticsearch monitoring, enterprise networking, exfiltration, exploitation activity, exploited host, ftp brute force, ftp brute-force, hacking, heralding activity, honeytrap honeypot, http scanner, http scanning, ics security, ics/scada attack, identity & access exploitation, indicator, industrial control systems, initial access, internet of things, intrusion detection, iot botnet, iot security, iot targeted, iot/ics attack, lamp, lamp exploitation, lamp exploitation attempts, lamp server attack, lateral movement, login attempt, mailoney attack, mailoney honeypot, malicious activity, malicious email detection, malicious network activity, malware, malware behaviour, malware capture, mirai botnet, network, network attacks, network infrastructure, network intrusion attempts, network scanning, network security, password attack, password attacks, phishing, phishing attack, phishing trap, possible mirai variant, protocol exploitation, reconnaissance, redis honeypot, remote access attempt, remote service exploitation, researched, resource hijacking, scan, scanner, scanning activity, scripting attacks, security policy, sentrypeer botnet, service scan, sftp access attempt, sftp activity, sftp attack, sftp attempt, sip brute force, sip scanning, smtp enumeration, smtp traffic analysis, social engineering, ssh attack, ssh monitoring, t1021, t1040, t1041, t1046, t1059, t1059.007, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1203, t1204.002, t1496, t1499.001, t1499.002, t1499.003, t1566.001, t1566.002, t1566.003, t1566.004, t1595, t1595.001, t1595.002, t1595.003, tanner, targeting database, tcp protocol, tcp/23, tcp/80, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, threat prevention, tor node, udp port scan, unauthorized access, voip, voip attack, vulnerability scan, web app attack, web application attack, web application scanning, web attack, web exploitation, web traffic

Activity Timeline

1 total obs
Jun 9 to Jun 9

Threat Activity Heatmap

Peak: 2026-06-09 (calendar heatmap by weekday, Jun to Jun)
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: 87 (High Risk)
Coords: 30.0464, 119.9540

VirusTotal

Not checked

IOC Journey

medium
First detected 5 years ago · Last seen 14 days ago
Appeared in 24 threat reports