IOC Radar
IP · Medium · Signal 100/100

202.96.99.82

Location: China (Hangzhou, Zhejiang)
ASN: AS4134 (ZheJiang RongDa Education Develop Group Corp)
First Seen: Aug 26, 2020 (2127d ago)
Last Seen: Mar 27, 2026 (88d ago)
Reports: 29 source reports
Confidence: 99% (medium)
Found in 29 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

33 techniques

Network Information

Country: CN (China)
Region: Hangzhou, Zhejiang
ASN: AS4134
Organization: ZheJiang RongDa Education Develop Group Corp

Feed Intelligence Summary

Source reports: 29
Confidence score: 99%
Category tags: access control, active scan, active scanning, asia, attack, authentication attempt, bad reputation, blacklisted ip, botnet, botnet activity, brute force, brute force attack, brute force attempt, china, cisco device, cisco device attack, command and control, communication protocol, cowrie data, cowrie honeypot, credential access, credential stuffing, data exfiltration, ddos, ddos attack, ddos attacks, decoy system, denial of service, device management, distributed attacks, enterprise networking, exploitation attempt, exploited host, ftp brute force, ftp brute-force, hacking, http scanning, https scanning, identity & access exploitation, indicator, internet of things, intrusion detection, ioc, iot botnet, iot device targeting, iot/ics attack, lateral movement, login, login attack, login attempt, malaysia, malicious activity, malicious file transfer, malicious software, malware, mirai botnet, network, network activity, network attacks, network infrastructure, network intrusion, network scan, network scanning, network security, network service scanning, opencti, password attacks, process injection, protocol exploitation, reconnaissance, remote access, remote access attempt, researched, rtbh, scan, scanner, scanners, security operations, security policy, sftp attack, ssh attack, ssh monitoring, t1016, t1021, t1021.002, t1021.004, t1040, t1041, t1046, t1053, t1055, t1059, t1059.004, t1068, t1071, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1203, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, telnet threat, threat actor, threat intelligence, threat prevention, udp port scan, unauthorized access, unauthorized access attempts, vpn ip, web application attack, web exploitation

Activity Timeline

1 total obs (Mar 27 to Mar 27)

Threat Activity Heatmap

Peak: 2026-03-27
Activity by window: 24h: 0 (Dormant); 7d: 0 (Dormant); 30d: 0 (Dormant); 3mo: 1 (Minimal)

Threat Score: 100 (High Risk)
Signal Score: 100
Confidence: 99%
Reports: 29
First seen: Aug 26, 2020
Last seen: Mar 27, 2026
Geolocation: CN
Country: China
Location: Hangzhou, Zhejiang
ASN: AS4134
Org: ZheJiang RongDa Education Develop Group Corp
Coords: 30.0464, 119.9540

VirusTotal

Not checked

WHOIS

description: SSH honeypot detected IP

IOC Journey

medium
First detected 5 years ago · Last seen 2 months ago
Appeared in 29 threat reports