IP · Medium · Signal 24/100
1.205.54.8
Location: Guiyang, HL
ASN: AS4134 (Chinanet GZ)
First Seen: Apr 16, 2025 (424d ago)
Last Seen: Apr 8, 2026 (67d ago)
Reports: 6 source reports
Confidence: 24% (medium)
VirusTotal: 1/91 detections
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 24%
Signal Score: 24 / 100
IDS Rule: No
Network Information
Country: China
Region: Guiyang, HL
ASN: AS4134
Organization: Chinanet GZ
Feed Intelligence Summary
Source reports: 6
Confidence score: 24%
Category tags
abuse, access control, active scan, active scanning, asia, bad reputation, botnet, botnet activity, brute force, brute force attack, brute force attempt, china, command and control, communication protocol, communication technologies, credential access, credential stuffing, data exfiltration, data store exposed, ddos, ddos attacks, decoy system, denial of service, distributed attacks, exploit attempts, exploitation activity, ftp brute force, http brute force, identity & access exploitation, indicator, injection activity, internet of things, intrusion detection, ioc, iot botnet, iot security, iot/ics attack, lateral movement, malicious software, malware, malware propagation, malware scanning, mirai botnet, mobile carriers, mobile networks, network, network attacks, network probing, network scanning, network security, network service scanning, password attacks, process injection, protocol exploitation, reconnaissance, remote access, remote services, researched, scan, scanner, security policy, service scan, smtp brute force, sql injection attempts, ssh attack, t1021, t1021.001, t1021.002, t1040, t1046, t1055, t1059, t1071.001, t1076, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1190, t1199, t1210, t1486, t1496, t1499.001, t1499.002, t1499.003, t1563, t1565, t1588, t1595, t1595.001, t1595.002, t1595.003, targeting database, tcp protocol, telecom services, telecommunications, telnet threat, threat intelligence, threat prevention
Activity Timeline
Threat Activity Heatmap · Peak: 2026-04-08
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 24
Confidence: 24%
Reports: 6
First seen: Apr 16, 2025
Last seen: Apr 8, 2026
Geolocation: CN
Country: China
Location: Guiyang, HL
ASN: AS4134
Org: Chinanet GZ
Coords: 46.3708, 129.0262
WHOIS
inetnum: 1.204.0.0 - 1.207.255.255
netname: CHINANET-GZ
descr: CHINANET GUIZHOU PROVINCE NETWORK
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
admin-c: DL72-AP
tech-c: DL72-AP
abuse-c: AC1573-AP
status: ALLOCATED PORTABLE
remarks: service provider
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
notify: [email protected]
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-GZ
mnt-routes: MAINT-CHINANET-GZ
mnt-irt: IRT-CHINANET-CN
last-modified: 2021-06-15T08:06:34Z
source: APNIC

irt: IRT-CHINANET-CN
address: No.31 ,jingrong street,beijing
address: 100032
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: CH93-AP
tech-c: CH93-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-04-24
mnt-by: MAINT-CHINANET
last-modified: 2025-04-24T03:21:26Z
source: APNIC

role: ABUSE CHINANETCN
country: ZZ
address: No.31 ,jingrong street,beijing
address: 100032
phone: +000000000
e-mail: [email protected]
admin-c: CH93-AP
tech-c: CH93-AP
nic-hdl: AC1573-AP
remarks: Generated from irt object IRT-CHINANET-CN
remarks: [email protected] was validated on 2025-04-24
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-04-24T03:21:54Z
source: APNIC

person: dan lu
nic-hdl: DL72-AP
e-mail: [email protected]
address: 3. east yanan road of guiyang
address: 550001 china
phone: +86-851-6861469
fax-no: +86-851-6857020
country: CN
mnt-by: MAINT-CHINANET-GUIZHOU
last-modified: 2021-03-10T06:36:56Z
source: APNIC
IOC Journey
medium · First detected 1 year ago · Last seen 2 months ago
Appeared in 6 threat reports