IOC Radar
IP · Medium · Signal 97/100

60.208.93.202

Location: China (Jinan, Shandong)
ASN: AS4837 (CNC Group CHINA169 Shandong Province Network)
First Seen: Jul 3, 2024 (721d ago)
Last Seen: Feb 15, 2026 (128d ago)
Reports: 13 source reports
Confidence: 97% (medium)
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 97%
Signal Score: 97 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

33 techniques

Network Information

Country: CN (China)
Region: Jinan, Shandong
ASN: AS4837
Organization: CNC Group CHINA169 Shandong Province Network

Feed Intelligence Summary

Source reports: 13
Confidence score: 97%
Category tags: abuse, abuseipdb, access, active scanning, asia, attack, botnet, brute force, brute force attack, china, cn, command and control, communication protocol, connect, cowrie, cowrie honeypot, credential access, credential harvesting, credential stuffing, cta, data exfiltration, ddos, decoy system, dionaea, dionaea honeypot, distributed attacks, email, ftp brute force, groups, honeytrap honeypot, indicator, lamp, lamp exploitation attempts, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, network, network scanning, network security, north america, password attacks, phishing, phishing attack, phishing trap, potential malware distribution, process injection, protocol exploitation, reconnaissance, researched, resource hijacking, rtbh, scanner, script, sentrypeer botnet, sftp, sftp attack, sip, sip brute force, sip scanning, slug, smtp brute force, social engineering, ssh, ssh attack, ssh monitoring, surface web, t1016, t1018, t1021, t1040, t1041, t1046, t1053, t1055, t1059, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1583, t1588, t1595, t1595.001, t1595.002, t1595.003, tcp, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, united states, voip, voip attack

Activity Timeline

1 total obs (Feb 15 to Feb 15)

Threat Activity Heatmap

Peak: 2026-02-15 (calendar heatmap, Jun to Jun, not reproduced)
Activity by window: 24h: 0 (Dormant); 7d: 0 (Dormant); 30d: 0 (Dormant); 3mo: 0 (Dormant)

Threat Score: High Risk
Signal Score: 97
Confidence: 97%
Reports: 13
First seen: Jul 3, 2024
Last seen: Feb 15, 2026
Geolocation: CN
Country: China
Location: Jinan, Shandong
ASN: AS4837
Org: CNC Group CHINA169 Shandong Province Network
Coords: 36.6683, 116.9972

VirusTotal

Not checked

WHOIS

description:
2025-02-13T16:51:06.487Z Honeypot : Dionaea : Source: 60.208.93.202 : Port: 1723 Connection: {'transport': 'tcp', 'type': 'accept', 'protocol': 'pptpd'}

raw:
inetnum: 60.208.93.128 - 60.208.93.255
netname: JNSZNB
country: CN
descr: JINAN shengzhou Net Bar
admin-c: DS95-AP
tech-c: DS95-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-CNCGROUP-SD
last-modified: 2008-09-04T07:05:14Z
source: APNIC

person: Data Communication Bureau Shandong
nic-hdl: DS95-AP
e-mail: [email protected]
address: No.77 Jingsan Road,Jinan,Shandong,P.R.China
phone: +86-531-6052611
fax-no: +86-531-6052414
country: CN
mnt-by: MAINT-CNCGROUP-SD
last-modified: 2008-09-04T07:29:49Z
source: APNIC

route: 60.208.0.0/13
descr: CNC Group CHINA169 Shandong Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
last-modified: 2008-09-04T07:54:44Z
source: APNIC

references:
https://github.com/telekom-security/tpotce
https://list.rtbh.com.tr/output.txt
https://github.com/borestad/blocklist-abuseipdb/blob/main/abuseipdb-s100-3d.ipv4

IOC Journey

medium
First detected 2 years ago · Last seen 4 months ago
Appeared in 13 threat reports