IOC Radar
IPMediumSignal 73/100

116.179.32.16

Location
ChinaChina
Jinrongjie, Beijing
ASN
AS4837
China United Network Communications Corporation Limited
First Seen
Sep 1, 2020
Last Seen
May 31, 2026
Sep 1
First Seen
2111d ago
May 31
Last Seen
13d ago
12
Reports
source reports
73%
Confidence
medium
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
73%
Signal Score
73 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

10 techniques

Network Information

CountryCNChina
RegionJinrongjie, Beijing
ASNAS4837
OrganizationChina United Network Communications Corporation Limited

Feed Intelligence Summary

12 reports73% confidence
12
Source reports
73%
Confidence score
Category tags
abuseactive scanactive scanningasiabad reputationbad web botbotnet activitybrute forcebrute force attackbrute force attackerbrute-forcechinacncredential accesscredential stuffingddosddos attackdenial of serviceexploitation activityexploited hostftp brute-forcehackingidentity & access exploitationindicatorinjection activityiot securityiot targetednetworkopenctipassword attacksphishingping of deathreconnaissanceresearchedscannersql injectionsshssh attackt1110.001t1110.002t1110.003t1110.004t1190t1203t1499.001t1595.001t1595.002t1595.003targeting databasewebweb app attackweb application attackweb exploitation

Activity Timeline

1 total obs
May 31May 31

Threat Activity Heatmap

· Peak: 2026-05-31
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
73
SIGNAL
Signal Score
73%
Confidence
12
Reports
First seenSep 1, 2020
Last seenMay 31, 2026
GeolocationCN
CountryChina
LocationJinrongjie, Beijing
ASNAS4837
OrgChina United Network Communications Corporation Limited
Coords34.7732, 113.7220

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected performing web attacks against Cloudflare honeypot edge
raw
inetnum: 116.128.0.0 - 116.191.255.255 netname: UNICOM descr: China United Network Communications Corporation Limited descr: No.21 Financial Street,Xicheng District, Beijing 100140 ,P.R.China country: CN admin-c: XZ67-AP tech-c: XZ67-AP abuse-c: AC1601-AP status: ALLOCATED PORTABLE mnt-by: MAINT-CNNIC-AP mnt-lower: MAINT-CNNIC-AP mnt-routes: MAINT-CNNIC-AP mnt-irt: IRT-UNICOM-CN last-modified: 2021-11-02T07:48:23Z source: APNIC irt: IRT-UNICOM-CN address: No.21 Financial Street,Xicheng District, address: Beijing 100140 ,P.R.China e-mail: [email protected] abuse-mailbox: [email protected] admin-c: YW6851-AP tech-c: YW6851-AP remarks: [email protected] was validated on 2025-10-17 auth: # Filtered mnt-by: MAINT-CNNIC-AP last-modified: 2025-11-18T00:34:56Z source: APNIC role: ABUSE CNNICCN country: ZZ address: Beijing, China phone: +000000000 e-mail: [email protected] admin-c: IP50-AP tech-c: IP50-AP nic-hdl: AC1601-AP remarks: Generated from irt object IRT-CNNIC-CN remarks: [email protected] is invalid abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-09-19T17:20:32Z source: APNIC person: Xiaomin Zhou address: No.21 Financial Street,Xicheng District, Beijing 100140 ,P.R.China country: CN phone: +86-10-66259626 fax-no: +86-10-66259626 e-mail: [email protected] nic-hdl: XZ67-AP mnt-by: MAINT-CNNIC-AP last-modified: 2009-06-17T02:45:23Z source: APNIC route: 116.128.0.0/10 descr: China Unicom CHINA169 Network country: CN origin: AS4837 mnt-by: MAINT-CNCGROUP-RR last-modified: 2017-10-20T06:12:02Z source: APNIC
references
https://jamesbrine.com.au/cfglobal-web-ip-list-2026-04-16/, https://jamesbrine.com.au

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 13 days ago
Appeared in 12 threat reports