IPMediumSignal 70/100
112.94.96.26
Location
ChinaGuangzhou, Guangdong
ASN
AS17622
China Unicom CHINA169 Guangdong Province Network
First Seen
Jun 2, 2021
Last Seen
Feb 24, 2026
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
70%
Signal Score
70 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryChina
ChinaRegionGuangzhou, Guangdong
ASNAS17622
OrganizationChina Unicom CHINA169 Guangdong Province Network
IP Category
⟲
Proxy
Proxy server
Feed Intelligence Summary
9 reports70% confidence
9
Source reports
70%
Confidence score
Category tags
access controlactive scanningasiablacklist candidateblacklist ipbotnetbrute force attackchinacommand and controlcommunication protocolcredential accesscredential stuffingdata exfiltrationddos attacksdecoy systemdistributed attackshttp scannerindicatorinternet of thingsintrusion detectioniot botnetiot/ics attackmalicious scanmalicious softwaremalwaremirai botnetnetworknetwork attacksnetwork reconnaissancenetwork securitypassword attacksprocess injectionproxyproxy protocolreconnaissancereconnaissance activityresearchedscanscannersecurity policyservice probingt1016t1021t1040t1046t1055t1059t1071t1071.001t1083t1110.001t1110.002t1110.003t1110.004t1133t1190t1486t1496t1499.001t1499.002t1499.003t1565t1589t1592t1595t1595.001t1595.002t1595.003tcp protocolthreat intelligencethreat preventionweb traffic
Activity Timeline
Feb 24Feb 24
Threat Activity Heatmap
· Peak: 2026-02-24LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreMedium Risk
70
SIGNAL
Signal Score
70%
Confidence
9
Reports
First seenJun 2, 2021
Last seenFeb 24, 2026
GeolocationCN
CountryChina
LocationGuangzhou, Guangdong
ASNAS17622
OrgChina Unicom CHINA169 Guangdong Province Network
Coords23.1181, 113.2539
Proxy
VirusTotal
Not checked
WHOIS
- description
- Scans hitting the server at TCP port 8080 HTTP and PROXY. Same IP should not appear more than once in 96 hours in our lists S3#.
- raw
- inetnum: 112.94.0.0 - 112.94.255.255 netname: GuangZhou-unicom descr: United-Communications-Network-Technology-Co-Ltd, GuangZhou country: CN admin-c: CG272-AP tech-c: CG272-AP abuse-c: AC1718-AP status: ASSIGNED NON-PORTABLE mnt-by: MAINT-CNCGROUP-GD mnt-irt: IRT-CU-CN last-modified: 2025-01-22T13:20:11Z source: APNIC irt: IRT-CU-CN address: No.21,Financial Street address: Beijing,100033 address: P.R.China e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CH1302-AP tech-c: CH1302-AP auth: # Filtered remarks: [email protected] was validated on 2025-02-24 mnt-by: MAINT-CNCGROUP last-modified: 2025-02-24T06:16:57Z source: APNIC role: ABUSE CUCN country: ZZ address: No.21,Financial Street address: Beijing,100033 address: P.R.China phone: +000000000 e-mail: [email protected] admin-c: CH1302-AP tech-c: CH1302-AP nic-hdl: AC1718-AP remarks: Generated from irt object IRT-CU-CN remarks: [email protected] was validated on 2025-02-24 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-02-24T06:17:45Z source: APNIC role: CNCGROUP GD nic-hdl: CG272-AP e-mail: [email protected] address: XinShiKong Plaza,No 666 Huangpu Rd. Guangzhou 510627,China phone: +86-20-22214226 fax-no: +86-20-22214228 admin-c: RP181-AP tech-c: RP181-AP country: CN mnt-by: MAINT-CNCGROUP-GD last-modified: 2009-04-14T08:33:40Z source: APNIC route: 112.94.96.0/23 origin: AS17622 descr: China Unicom B811&A1218, China Unicom No.21, Jin-Rong Street mnt-by: MAINT-CNCGROUP-RR last-modified: 2023-06-08T07:54:51Z source: APNIC
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 5 years ago · Last seen 3 months ago
Appeared in 9 threat reports