IOC Radar
IPMediumSignal 44/100

112.46.213.96

Location
ChinaChina
Guangzhou, Shaanxi
ASN
AS9808
China Mobile Communications Corporation
First Seen
Jul 13, 2024
Last Seen
May 29, 2026
Jul 13
First Seen
710d ago
May 29
Last Seen
24d ago
8
Reports
source reports
44%
Confidence
medium
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
44%
Signal Score
44 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

15 techniques

Network Information

CountryCNChina
RegionGuangzhou, Shaanxi
ASNAS9808
OrganizationChina Mobile Communications Corporation

Feed Intelligence Summary

8 reports44% confidence
8
Source reports
44%
Confidence score
Category tags
abuseactive scanactive scanningasiabad reputationbad web botbotnet activitybrute forcebrute force attackbrute-forcechinacncredential accesscredential harvestingcredential stuffingddosdenial of serviceexploitexploitation activityexploited hosthackingidentity & access exploitationindicatorinfrastructure acquisitionreconnaissanceiot securityiot targetedmanualnetworkpassword attacksphishingphishing attackransomwarereconnaissanceresearchedscannersocial engineeringsocradar honeypotspamssh attackt1110.001t1110.002t1110.003t1110.004t1190t1203t1499.001t1566.001t1566.002t1566.003t1587.001t1590.001t1595.001t1595.002t1595.003tpotvulnerability scanvulnerability-exploitationweb app attackweb application attackweb exploitationweb spam

Activity Timeline

1 total obs
May 29May 29

Threat Activity Heatmap

· Peak: 2026-05-29
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
44
SIGNAL
Signal Score
44%
Confidence
8
Reports
First seenJul 13, 2024
Last seenMay 29, 2026
GeolocationCN
CountryChina
LocationGuangzhou, Shaanxi
ASNAS9808
OrgChina Mobile Communications Corporation
Coords33.9170, 106.5250

VirusTotal

Not checked

WHOIS

description
Score: 65/100. Labels: abuseipdb:brute-force, abuseipdb:exploited-host, abuseipdb:hacking, abuseipdb:iot-targeted, abuseipdb:moderate, abuseipdb:multi-reported. 112.46.213.96 classified as automated brute-force attacker targeting SSH/Telnet credentials (medium confidence). Origin: enriched. Listed on: AbuseIPDB (brute-force, exploited-host, hacking).
raw
inetnum: 112.0.0.0 - 112.63.255.255 netname: CMNET descr: China Mobile Communications Corporation descr: Mobile Communications Network Operator in China descr: Internet Service Provider in China country: CN org: ORG-CMCC1-AP admin-c: ct74-AP tech-c: HL1318-AP abuse-c: AC1895-AP status: ALLOCATED PORTABLE remarks: service provider remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-CN-CMCC mnt-routes: MAINT-CN-CMCC mnt-irt: IRT-CHINAMOBILE2-CN last-modified: 2020-12-15T02:55:47Z source: APNIC irt: IRT-CHINAMOBILE2-CN address: China Mobile Communications Corporation address: 29, Jinrong Ave., Xicheng District, Beijing, 100032 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: ct74-AP tech-c: CT74-AP auth: # Filtered remarks: [email protected] was validated on 2026-03-23 mnt-by: MAINT-CN-CMCC last-modified: 2026-03-23T00:47:51Z source: APNIC organisation: ORG-CMCC1-AP org-name: China Mobile Communications Corporation org-type: LIR country: CN address: 29,Jinrong Ave., address: Xicheng District, phone: +861052686688 fax-no: +861052616187 e-mail: [email protected] mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2023-09-05T02:14:58Z source: APNIC role: ABUSE CHINAMOBILE2CN country: ZZ address: China Mobile Communications Corporation address: 29, Jinrong Ave., Xicheng District, Beijing, 100032 phone: +000000000 e-mail: [email protected] admin-c: ct74-AP tech-c: CT74-AP nic-hdl: AC1895-AP remarks: Generated from irt object IRT-CHINAMOBILE2-CN remarks: [email protected] was validated on 2026-03-23 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2026-03-23T00:48:00Z source: APNIC role: chinamobile tech address: 29, Jinrong Ave.,Xicheng district address: Beijing country: CN phone: +86 5268 6688 fax-no: +86 5261 6187 e-mail: [email protected] admin-c: HL1318-AP tech-c: HL1318-AP nic-hdl: ct74-AP notify: [email protected] mnt-by: MAINT-cn-cmcc abuse-mailbox: [email protected] last-modified: 2016-11-29T09:37:27Z source: APNIC person: haijun li nic-hdl: HL1318-AP e-mail: [email protected] address: 29,Jinrong Ave, Xicheng district,beijing,100032 phone: +86 1052686688 fax-no: +86 10 52616187 country: CN mnt-by: MAINT-CN-CMCC abuse-mailbox: [email protected] last-modified: 2016-11-29T09:38:38Z source: APNIC route: 112.40.0.0/13 descr: China Mobile communications corporation origin: AS9808 mnt-by: MAINT-CN-CMCC last-modified: 2009-10-20T07:00:15Z source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 24 days ago
Appeared in 8 threat reports