IPMediumSignal 63/100
111.127.233.205
Location
ChinaHaoxinying, NM
ASN
AS4134
Chinanet NM
First Seen
Jul 7, 2025
Last Seen
Nov 24, 2025
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
63%
Signal Score
63 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryChina
ChinaRegionHaoxinying, NM
ASNAS4134
OrganizationChinanet NM
Feed Intelligence Summary
7 reports63% confidence
7
Source reports
63%
Confidence score
Category tags
abuseaccess controlactive scanningasiabotnetbrute forcebrute force attackbrute force attemptchinacommand and controlcommunication protocolcredential accesscredential stuffingdata exfiltrationddos attacksdecoy systemdistributed attacksindicatorinternet of thingsintrusion detectioniociot botnetiot/ics attackmalicious network activitymalicious softwaremalwaremirai botnetnetworknetwork attacksnetwork intrusionnetwork probingnetwork scanningnetwork securitynetwork service scanningpassword attacksprocess injectionprotocol exploitationreconnaissanceresearchedscanscannersecurity policyt1021.002t1040t1046t1055t1056.001t1059.001t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1486t1496t1499.001t1499.002t1499.003t1565t1595t1595.001t1595.002t1595.003tcp protocoltelnet threatthreat intelligencethreat prevention
Activity Timeline
Nov 24Nov 24
Threat Activity Heatmap
· Peak: 2025-11-24LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreMedium Risk
63
SIGNAL
Signal Score
63%
Confidence
7
Reports
First seenJul 7, 2025
Last seenNov 24, 2025
GeolocationCN
CountryChina
LocationHaoxinying, NM
ASNAS4134
OrgChinanet NM
Coords40.8120, 111.6455
VirusTotal
Not checked
WHOIS
- description
- Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.
- raw
- inetnum: 111.126.0.0 - 111.127.255.255 netname: CHINANET-NM descr: CHINANET NeiMengGu province network descr: Data Communication Division descr: China Telecom descr: No.31,jingrong street descr: Beijing 100032 country: CN admin-c: CH93-AP tech-c: CH93-AP abuse-c: AC1573-AP status: ALLOCATED PORTABLE remarks: service provider remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- notify: [email protected] mnt-by: APNIC-HM mnt-lower: MAINT-CHINANET-NM mnt-routes: MAINT-CHINANET-NM mnt-irt: IRT-CHINANET-CN last-modified: 2021-06-15T08:05:56Z source: APNIC irt: IRT-CHINANET-CN address: No.31 ,jingrong street,beijing address: 100032 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CH93-AP tech-c: CH93-AP auth: # Filtered remarks: [email protected] was validated on 2025-04-24 mnt-by: MAINT-CHINANET last-modified: 2025-04-24T03:21:26Z source: APNIC role: ABUSE CHINANETCN country: ZZ address: No.31 ,jingrong street,beijing address: 100032 phone: +000000000 e-mail: [email protected] admin-c: CH93-AP tech-c: CH93-AP nic-hdl: AC1573-AP remarks: Generated from irt object IRT-CHINANET-CN remarks: [email protected] was validated on 2025-04-24 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-04-24T03:21:54Z source: APNIC person: Chinanet Hostmaster nic-hdl: CH93-AP e-mail: [email protected] address: No.31 ,jingrong street,beijing address: 100032 phone: +86-10-58501724 fax-no: +86-10-58501724 country: CN mnt-by: MAINT-CHINANET last-modified: 2022-02-28T06:53:44Z source: APNIC
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 11 months ago · Last seen 6 months ago
Appeared in 7 threat reports