IOC Radar
IPHighVerifiedSignal 36/100

222.66.59.68

Location
ChinaChina
Shanghai, SH
ASN
AS4812
Intel China Ltd.
First Seen
Apr 9, 2026
Last Seen
Apr 14, 2026
Apr 9
First Seen
65d ago
Apr 14
Last Seen
59d ago
4
Reports
source reports
36%
Confidence
high
Found in 4 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
36%
Signal Score
36 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

9 techniques

Network Information

CountryCNChina
RegionShanghai, SH
ASNAS4812
OrganizationIntel China Ltd.

Feed Intelligence Summary

4 reports36% confidence
4
Source reports
36%
Confidence score
Category tags
account compromiseactive scanactive scanningasiabrute forcebrute force attackchinacloud infrastructurecloud infrastructure attackcloud servicescredential accesscredential stuffingdecoy systemexploitation activityidentity & access exploitationindicatormssqlnetworknetwork scanningpassword attacksreconnaissanceresearchedresource hijackingscannerst1078t1110.001t1110.002t1110.003t1110.004t1496t1595.001t1595.002t1595.003threat intelligence

Activity Timeline

1 total obs
Apr 14Apr 14

Threat Activity Heatmap

· Peak: 2026-04-14
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
36
SIGNAL
Signal Score
36%
Confidence
4
Reports
First seenApr 9, 2026
Last seenApr 14, 2026
Verified IOC
GeolocationCN
CountryChina
LocationShanghai, SH
ASNAS4812
OrgIntel China Ltd.
Coords31.0442, 121.4054

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected attempting to brute force MSSQL on Vultr Melbourne (Australia) honeypot
raw
inetnum: 222.66.59.68 - 222.66.59.71 netname: INTEL-CHINA-LTD descr: Intel China Ltd. country: CN admin-c: TZB3-AP tech-c: TZB3-AP mnt-by: MAINT-CHINANET-SH status: ASSIGNED NON-PORTABLE last-modified: 2008-09-04T07:01:48Z source: APNIC person: Tang Zhi Bo address: 22F, No.229, Yan'an Rd.(W), Shanghai country: CN phone: +86-21-52574545-1649 fax-no: +86-21-52574545 e-mail: [email protected] nic-hdl: TZB3-AP mnt-by: MAINT-CHINANET-SH last-modified: 2008-09-04T07:34:28Z source: APNIC
references
https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-04-08/, https://jamesbrine.com.au, https://jamesbrine.com.au/vultrmelbournetest-mssql-bruteforce-ip-list-2026-04-08/

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 2 months ago · Last seen 1 month ago
Appeared in 4 threat reports