IP · Medium · Signal 92/100
106.43.103.67
Location
Guiyang, SH
ASN
AS4134
Chinanet GZ
First Seen
Nov 25, 2023
Last Seen
Mar 23, 2026
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
92%
Signal Score
92 / 100
IDS Rule
No
Network Information
Country
China
Region
Guiyang, SH
ASN
AS4134
Organization
Chinanet GZ
Feed Intelligence Summary
9
Source reports
92%
Confidence score
Category tags
access control, active scanning, asia, botnet, brute force, brute force attempt, china, command and control, communication protocol, credential access, data exfiltration, ddos attacks, decoy system, distributed attacks, indicator, internet of things, intrusion detection, ioc, iot botnet, iot/ics attack, malicious network activity, malicious software, malware, mirai botnet, network, network attacks, network intrusion, network probing, network scanning, network security, network service scanning, process injection, protocol exploitation, reconnaissance, researched, scan, scanner, security policy, t1021.002, t1040, t1046, t1055, t1056.001, t1059.001, t1071.001, t1078, t1110, t1110.002, t1133, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, telecommunications, telnet threat, threat intelligence, threat prevention
Activity Timeline
Mar 23
Threat Activity Heatmap
Peak: 2026-03-23
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 92
Confidence: 92%
Reports: 9
First seen: Nov 25, 2023
Last seen: Mar 23, 2026
Geolocation: CN
Country: China
Location: Guiyang, SH
ASN: AS4134
Org: Chinanet GZ
Coords: 31.0442, 121.4054
VirusTotal
Not checked
WHOIS
- description
- Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.
- raw
- inetnum: 106.43.0.0 - 106.43.255.255
  netname: CHINANET-GZ
  descr: HINANET GUIZHOU PROVINCE NETWORK
  descr: China Telecom
  descr: No.31,jingrong street
  descr: Beijing 100032
  country: CN
  admin-c: DL72-AP
  tech-c: DL72-AP
  abuse-c: AC2536-AP
  status: ALLOCATED NON-PORTABLE
  remarks: service provider
  notify: [email protected]
  mnt-by: MAINT-CHINANET
  mnt-lower: MAINT-CHINANET-GZ
  mnt-routes: MAINT-CHINANET-GZ
  mnt-irt: IRT-CHINANET-GZ
  last-modified: 2022-01-12T13:27:27Z
  source: APNIC

  irt: IRT-CHINANET-GZ
  address: WenChang North Road GuiYang County Guizhou Province China
  e-mail: [email protected]
  abuse-mailbox: [email protected]
  admin-c: DL72-AP
  tech-c: DL72-AP
  auth: # Filtered
  remarks: [email protected] was validated on 2025-03-19
  mnt-by: MAINT-CHINANET-GZ
  last-modified: 2025-03-19T07:35:49Z
  source: APNIC

  role: ABUSE CHINANETGZ
  country: ZZ
  address: WenChang North Road GuiYang County Guizhou Province China
  phone: +000000000
  e-mail: [email protected]
  admin-c: DL72-AP
  tech-c: DL72-AP
  nic-hdl: AC2536-AP
  remarks: Generated from irt object IRT-CHINANET-GZ
  remarks: [email protected] was validated on 2025-03-19
  abuse-mailbox: [email protected]
  mnt-by: APNIC-ABUSE
  last-modified: 2025-03-19T07:36:19Z
  source: APNIC

  person: dan lu
  nic-hdl: DL72-AP
  e-mail: [email protected]
  address: 3. east yanan road of guiyang
  address: 550001 china
  phone: +86-851-6861469
  fax-no: +86-851-6857020
  country: CN
  mnt-by: MAINT-CHINANET-GUIZHOU
  last-modified: 2021-03-10T06:36:56Z
  source: APNIC
IOC Journey
medium · First detected 2 years ago · Last seen 2 months ago
Appeared in 9 threat reports