IOC Radar
IP · Medium · Signal 69/100

60.204.201.248

Location: China (Shanghai, Shanghai)
ASN: AS55990 (Huawei Cloud Service)
First Seen: Mar 22, 2025
Last Seen: Feb 3, 2026
Reports: 7 source reports
Confidence: 69% (medium)
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 69%
Signal Score: 69 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

21 techniques

Network Information

Country: CN (China)
Region: Shanghai, Shanghai
ASN: AS55990
Organization: Huawei Cloud Service

Feed Intelligence Summary

7 source reports · 69% confidence score

Category tags:
abuse, active scanning, asia, authentication attempt, authentication failure, botnet, brute force, china, command and control, command execution, credential access, data access attempt, data exfiltration, database security, decoy system, distributed attacks, indicator, malicious software, malware, network, network intrusion attempt, network scanning, north america, potential exploit, process injection, reconnaissance, researched, scanner, scanning activity, security operations, server exploitation, telecommunications, threat intelligence, united states

MITRE ATT&CK technique tags:
t1021.003, t1046, t1055, t1059, t1059.004, t1059.005, t1071.001, t1078, t1110, t1133, t1190, t1486, t1496, t1499.002, t1499.003, t1505.004, t1565, t1595, t1595.001, t1595.002, t1595.003

Activity Timeline

1 total obs · Feb 3

Threat Activity Heatmap

Peak: 2026-02-03

Recent activity:
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)

Threat Score: 69 (Medium Risk)
Confidence: 69%
Reports: 7
First seen: Mar 22, 2025
Last seen: Feb 3, 2026

Geolocation
Country: China (CN)
Location: Shanghai, Shanghai
ASN: AS55990
Org: Huawei Cloud Service
Coords: 31.2304, 121.4740

VirusTotal

Not checked

WHOIS

description
Redis brute force authentication activity

IOC Journey

medium
First detected 1 year ago · Last seen 4 months ago
Appeared in 7 threat reports