IOC Radar
IPMediumSignal 44/100

60.174.74.242

Location
ChinaChina
Hefei, AH
ASN
AS4134
Chinanet AH
First Seen
Apr 30, 2025
Last Seen
Apr 14, 2026
Apr 30
First Seen
409d ago
Apr 14
Last Seen
59d ago
6
Reports
source reports
44%
Confidence
medium
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
44%
Signal Score
44 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

9 techniques

Network Information

CountryCNChina
RegionHefei, AH
ASNAS4134
OrganizationChinanet AH

Feed Intelligence Summary

6 reports44% confidence
6
Source reports
44%
Confidence score
Category tags
abuseaccount compromiseactive scanactive scanningasiabad reputationbrute forcebrute force attackchinacloud infrastructurecloud infrastructure attackcloud servicescredential accesscredential stuffingdecoy systemexploitation activityhackingidentity & access exploitationindicatormssqlnetworknetwork scanningpassword attacksreconnaissanceresearchedresource hijackingscannerscannerst1078t1110.001t1110.002t1110.003t1110.004t1496t1595.001t1595.002t1595.003threat intelligence

Activity Timeline

1 total obs
Apr 14Apr 14

Threat Activity Heatmap

· Peak: 2026-04-14
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
44
SIGNAL
Signal Score
44%
Confidence
6
Reports
First seenApr 30, 2025
Last seenApr 14, 2026
GeolocationCN
CountryChina
LocationHefei, AH
ASNAS4134
OrgChinanet AH
Coords33.8800, 115.7688

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected attempting to brute force MSSQL on Vultr Melbourne (Australia) honeypot
raw
inetnum: 60.166.0.0 - 60.175.255.255 netname: CHINANET-AH descr: CHINANET anhui province network descr: China Telecom descr: A12,Xin-Jie-Kou-Wai Street descr: Beijing 100088 country: CN admin-c: CH93-AP tech-c: JW89-AP abuse-c: AC1573-AP status: ALLOCATED PORTABLE mnt-by: APNIC-HM mnt-lower: MAINT-CHINANET-AH mnt-routes: MAINT-CHINANET-AH mnt-irt: IRT-CHINANET-CN last-modified: 2021-06-15T08:06:35Z source: APNIC irt: IRT-CHINANET-CN address: No.31 ,jingrong street,beijing address: 100032 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CH93-AP tech-c: CH93-AP auth: # Filtered remarks: [email protected] was validated on 2025-11-13 mnt-by: MAINT-CHINANET last-modified: 2026-03-13T07:12:20Z source: APNIC role: ABUSE CHINANETCN country: ZZ address: No.31 ,jingrong street,beijing address: 100032 phone: +000000000 e-mail: [email protected] admin-c: CH93-AP tech-c: CH93-AP nic-hdl: AC1573-AP remarks: Generated from irt object IRT-CHINANET-CN remarks: [email protected] was validated on 2025-11-13 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-11-13T14:15:15Z source: APNIC person: Chinanet Hostmaster nic-hdl: CH93-AP e-mail: [email protected] address: No.31 ,jingrong street,beijing address: 100032 phone: +86-10-58501724 fax-no: +86-10-58501724 country: CN mnt-by: MAINT-CHINANET last-modified: 2022-02-28T06:53:44Z source: APNIC person: Jinneng Wang address: 17/F, Postal Building No.120 Changjiang address: Middle Road, Hefei, Anhui, China country: CN phone: +86-551-2659073 fax-no: +86-551-2659287 e-mail: [email protected] nic-hdl: JW89-AP mnt-by: MAINT-CHINANET-AH last-modified: 2014-02-21T01:19:43Z source: APNIC
references
https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-04-08/, https://jamesbrine.com.au, https://jamesbrine.com.au/vultrmelbournetest-mssql-bruteforce-ip-list-2026-04-08/

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 6 threat reports