IOC Radar
IP · Medium · Signal 74/100

218.104.149.60

Location: China (Jinrongjie, Beijing)
ASN: AS4837 (China Unicom CncNet)
First Seen: Nov 26, 2023 (927d ago)
Last Seen: Feb 15, 2026 (115d ago)
Reports: 11 source reports
Confidence: 74% (medium)
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Type: IPv4 Address (network layer indicator observed in threat reports)
MISP Category: Network Activity
Confidence: 74%
Signal Score: 74 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

41 techniques

Network Information

Country: CN (China)
Region: Jinrongjie, Beijing
ASN: AS4837
Organization: China Unicom CncNet

Feed Intelligence Summary

Source reports: 11
Confidence score: 74%
Category tags: active scanning, asia, attack, australia, auto-generated security, bad web bot, botnet, brute force, brute force attack, brute force attacks, c2, china, cisco device, command and control, communication protocol, communication technologies, compromised host, cowrie honeypot, credential access, credential stuffing, data exfiltration, ddos, ddos attack, decoy system, denial of service, detected botnet activity, device management, dionaea honeypot, distributed attacks, enterprise networking, exploit attempts, fatt, ftp, ftp brute force, hacking, honeytrap honeypot, http brute force, http scanner, http scanning, https scanning, indicator, initial access, lamp, lateral movement, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, malware distribution, malware propagation, malware scanning, mobile carriers, mobile networks, network, network communication, network infrastructure, network intrusion, network intrusion attempts, network probing, network scanning, network security, oceania, p0f, password attacks, phishing attack, phishing trap, potential threat actor, process injection, protocol exploitation, reconnaissance, remote access, remote services, researched, resource hijacking, scanner, sensor-tagged, sentrypeer botnet, sftp attack, smtp, smtp brute force, sql injection attempts, ssh attack, ssh monitoring, t1021, t1021.001, t1040, t1041, t1046, t1053, t1055, t1056, t1059, t1071, t1071.001, t1076, t1078, t1083, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1190, t1199, t1204.002, t1210, t1486, t1496, t1499.001, t1499.002, t1499.003, t1563, t1565, t1566, t1571, t1573, t1588, t1595, t1595.001, t1595.002, t1595.003, tanner, telecom services, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, tpot, voip, voip attack, web traffic

Activity Timeline

1 total obs · Feb 15 to Feb 15

Threat Activity Heatmap

Peak: 2026-02-15
[Heatmap: activity by weekday, Jun through Jun; scale Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: 74 (High Risk)
Signal Score: 74
Confidence: 74%
Reports: 11
First seen: Nov 26, 2023
Last seen: Feb 15, 2026
Geolocation: CN
Country: China
Location: Jinrongjie, Beijing
ASN: AS4837
Org: China Unicom CncNet
Coords: 39.9073, 116.3580

VirusTotal

Not checked

WHOIS

inetnum: 218.104.144.0 - 218.104.159.255
netname: UNICOM-HN
country: CN
descr: China Unicom Hunan provincial network
descr: China Unicom
admin-c: CH455-AP
tech-c: CH455-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-CNCGROUP
mnt-lower: MAINT-CNCGROUP-HN
last-modified: 2009-03-31T03:26:01Z
source: APNIC

role: CNCGroup Hostmaster
e-mail: [email protected]
address: No.156,Fu-Xing-Men-Nei Street,
address: Beijing,100031,P.R.China
nic-hdl: CH455-AP
phone: +86-10-82993155
fax-no: +86-10-82993102
country: CN
admin-c: CH444-AP
tech-c: CH444-AP
mnt-by: MAINT-CNCGROUP
last-modified: 2017-08-17T06:13:15Z
source: APNIC

route: 218.104.144.0/20
descr: China Unicom China169 Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
last-modified: 2017-05-12T06:24:07Z
source: APNIC
references
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 2 years ago · Last seen 3 months ago
Appeared in 11 threat reports