IOC Radar
IPMediumSignal 42/100

123.160.172.94

Location
ChinaChina
Guancheng, Henan
ASN
AS4134
Chinanet HA
First Seen
Feb 11, 2024
Last Seen
Apr 23, 2026
Feb 11
First Seen
866d ago
Apr 23
Last Seen
64d ago
7
Reports
source reports
42%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
42%
Signal Score
42 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

6 techniques

Network Information

CountryCNChina
RegionGuancheng, Henan
ASNAS4134
OrganizationChinanet HA

Feed Intelligence Summary

7 reports42% confidence
7
Source reports
42%
Confidence score
Category tags
active scanactive scanningasiachinaddosdenial of serviceexploitexploitation activityexploited hosthackingindicatornetworkreconnaissanceresearchedscannert1190t1203t1499.001t1595.001t1595.002t1595.003tpotvulnerability scanvulnerability-exploitationweb application attackweb exploitation

Activity Timeline

1 total obs
Apr 23Apr 23

Threat Activity Heatmap

· Peak: 2026-04-23
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
42
SIGNAL
Signal Score
42%
Confidence
7
Reports
First seenFeb 11, 2024
Last seenApr 23, 2026
GeolocationCN
CountryChina
LocationGuancheng, Henan
ASNAS4134
OrgChinanet HA
Coords34.6800, 113.5344

VirusTotal

Not checked

WHOIS

description
Score: 50/100. Labels: abuseipdb:brute-force, abuseipdb:exploited-host, abuseipdb:hacking, abuseipdb:low, abuseipdb:port-scan, abuseipdb:reported. 123.160.172.94 classified as automated brute-force attacker targeting SSH/Telnet credentials (medium confidence). Origin: enriched. Listed on: AbuseIPDB (brute-force, exploited-host, hacking).
raw
inetnum: 123.160.0.0 - 123.163.255.255 netname: CHINANET-HA descr: CHINANET henan province network descr: China Telecom descr: No.31,jingrong street descr: Beijing 100032 country: CN admin-c: HZ149-AP tech-c: HZ149-AP abuse-c: AC1573-AP status: ALLOCATED PORTABLE remarks: Henan Telecom Corporation hostmaster remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-CHINANET-HA mnt-routes: MAINT-CHINANET-HA mnt-irt: IRT-CHINANET-CN last-modified: 2021-06-15T08:05:12Z source: APNIC irt: IRT-CHINANET-CN address: No.31 ,jingrong street,beijing address: 100032 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CH93-AP tech-c: CH93-AP auth: # Filtered remarks: [email protected] was validated on 2025-11-13 mnt-by: MAINT-CHINANET last-modified: 2026-03-13T07:12:20Z source: APNIC role: ABUSE CHINANETCN country: ZZ address: No.31 ,jingrong street,beijing address: 100032 phone: +000000000 e-mail: [email protected] admin-c: CH93-AP tech-c: CH93-AP nic-hdl: AC1573-AP remarks: Generated from irt object IRT-CHINANET-CN remarks: [email protected] was validated on 2025-11-13 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-11-13T14:15:15Z source: APNIC person: Hongbiao Zhang nic-hdl: HZ149-AP e-mail: [email protected] address: 97# Zhongyuan Street, Zhengzhou City, China phone: +86 371 65310018 fax-no: +86 371 65310015 country: CN mnt-by: MAINT-CHINANET-HA last-modified: 2008-09-04T07:29:40Z source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 2 months ago
Appeared in 7 threat reports