IOC Radar
IPMediumSignal 26/100

113.92.94.231

Location
ChinaChina
Shenzhen, GD
ASN
AS4134
Chinanet GD
First Seen
Dec 24, 2024
Last Seen
Apr 7, 2026
Dec 24
First Seen
537d ago
Apr 7
Last Seen
69d ago
10
Reports
source reports
26%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
26%
Signal Score
26 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

22 techniques

Network Information

CountryCNChina
RegionShenzhen, GD
ASNAS4134
OrganizationChinanet GD

Feed Intelligence Summary

10 reports26% confidence
10
Source reports
26%
Confidence score
Category tags
abuseactive scanactive scanningasiaattackaustraliaauthenticationauto-generated securitybad reputationbotnetbotnet activitybrute forcebrute force attackbrute force attemptchinacommand and controlcowrie honeypotcredential accesscredential stuffingdata exfiltrationdata store exposuredecoy systemdistributed attacksexploitation activityidentity & access exploitationindicatorinjection activitymalicious activitymalicious softwaremalwarenetworknetwork intrusionnetwork securityoceaniapassword attackpassword attacksprocess injectionreconnaissanceremote accessremote servicesresearchedscannersftp attackssh attackssh monitoringt1021.004t1041t1055t1071.001t1078t1078.002t1110t1110.001t1110.002t1110.003t1110.004t1486t1496t1499.002t1499.003t1555t1565t1589t1589.002t1595.001t1595.002t1595.003threat actorthreat intelligencetor node

Activity Timeline

1 total obs
Apr 7Apr 7

Threat Activity Heatmap

· Peak: 2026-04-07
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), an IPv4 address identified as 113.92.94.231, carries significant implications for organizational security, primarily pointing to potential brute-force activities and scanning attempts. Its presence in security logs or network traffic indicates that an organization could be targeted by or involved in credential attacks, potentially leading to unauthorized access, account compromise, or resource exhaustion. Given its association with general brute-force campaign…

Threat ScoreLow Risk
26
SIGNAL
Signal Score
26%
Confidence
10
Reports
First seenDec 24, 2024
Last seenApr 7, 2026
GeolocationCN
CountryChina
LocationShenzhen, GD
ASNAS4134
OrgChinanet GD
Coords22.5318, 114.1374

VirusTotal

Not checked

WHOIS

description
Host bruteforcing SSH
raw
inetnum: 113.64.0.0 - 113.95.255.255 netname: CHINANET-GD descr: CHINANET Guangdong province network descr: Data Communication Division descr: China Telecom country: CN admin-c: CH93-AP tech-c: IC83-AP abuse-c: AC1573-AP status: ALLOCATED PORTABLE remarks: service provider remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-CHINANET-GD mnt-routes: MAINT-CHINANET-GD mnt-irt: IRT-CHINANET-CN last-modified: 2021-06-15T08:06:03Z source: APNIC irt: IRT-CHINANET-CN address: No.31 ,jingrong street,beijing address: 100032 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CH93-AP tech-c: CH93-AP auth: # Filtered remarks: [email protected] was validated on 2025-04-24 mnt-by: MAINT-CHINANET last-modified: 2025-04-24T03:21:26Z source: APNIC role: ABUSE CHINANETCN country: ZZ address: No.31 ,jingrong street,beijing address: 100032 phone: +000000000 e-mail: [email protected] admin-c: CH93-AP tech-c: CH93-AP nic-hdl: AC1573-AP remarks: Generated from irt object IRT-CHINANET-CN remarks: [email protected] was validated on 2025-04-24 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-04-24T03:21:54Z source: APNIC person: Chinanet Hostmaster nic-hdl: CH93-AP e-mail: [email protected] address: No.31 ,jingrong street,beijing address: 100032 phone: +86-10-58501724 fax-no: +86-10-58501724 country: CN mnt-by: MAINT-CHINANET last-modified: 2022-02-28T06:53:44Z source: APNIC person: IPMASTER CHINANET-GD nic-hdl: IC83-AP e-mail: [email protected] address: NO.18,RO. ZHONGSHANER,YUEXIU DISTRIC,GUANGZHOU phone: +86-20-87189274 fax-no: +86-20-87189274 country: CN mnt-by: MAINT-CHINANET-GD remarks: IPMASTER is not for spam complaint,please send spam complaint to [email protected] abuse-mailbox: [email protected] last-modified: 2021-05-12T09:06:58Z source: APNIC
references
https://redpiranha.net, https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 10 threat reports