IOC Radar
IP · High · Verified · Signal 61/100

121.56.191.78

Location
China
Tongliao, BJ
ASN
AS4134
Neimeng Network of ChinaTelecom
First Seen
Apr 13, 2025 (427d ago)
Last Seen
Feb 13, 2026 (120d ago)
Reports
5 source reports
Confidence
61% (high)
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
61%
Signal Score
61 / 100
IDS Rule
No
Threat Context
MITRE ATT&CK TTPs

22 techniques

Network Information

Country: CN (China)
Region: Tongliao, BJ
ASN: AS4134
Organization: Neimeng Network of ChinaTelecom

Feed Intelligence Summary

5 source reports · 61% confidence score
Category tags
abuse, access control, active scanning, asia, botnet, brute force, brute force attempt, china, command and control, communication protocol, credential access, data exfiltration, ddos attacks, decoy system, distributed attacks, indicator, initiator ip, internet of things, intrusion detection, ioc, iot botnet, iot/ics attack, malicious network activity, malicious software, malware, mirai botnet, network, network attacks, network intrusion, network probing, network scanning, network security, network service scanning, process injection, protocol exploitation, reconnaissance, researched, scan, scanner, security policy, t1021.002, t1040, t1046, t1055, t1056.001, t1059.001, t1071.001, t1078, t1110, t1110.002, t1133, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, telecommunications, telnet threat, threat intelligence, threat prevention

Activity Timeline

1 total obs (Feb 13)

Threat Activity Heatmap

Peak: 2026-02-13
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: Medium Risk
Signal Score: 61
Confidence: 61%
Reports: 5
First seen: Apr 13, 2025
Last seen: Feb 13, 2026
Verified IOC
Geolocation: CN
Country: China
Location: Tongliao, BJ
ASN: AS4134
Org: Neimeng Network of ChinaTelecom
Coords: 39.9285, 116.3850

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.

IOC Journey

high
First detected 1 year ago · Last seen 4 months ago
Appeared in 5 threat reports