IOC Radar
IP · Medium · Signal 68/100

123.160.175.142

Location: China (Guancheng, HA)
ASN: AS4134 (Chinanet HA)
First Seen: Oct 30, 2024 (592d ago)
Last Seen: May 31, 2026 (14d ago)
Reports: 6 source reports
Confidence: 68% (medium)
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 68%
Signal Score: 68 / 100
IDS Rule: No
Threat Context
MITRE ATT&CK TTPs

4 techniques

Network Information

Country: CN (China)
Region: Guancheng, HA
ASN: AS4134
Organization: Chinanet HA

Feed Intelligence Summary

6 source reports · 68% confidence score
Category tags: abuse, active scan, active scanning, asia, bad reputation, brute force, brute force attacker, brute-force, china, cn, exploitation activity, exploited host, hacking, inbound scan, indicator, network, portscan, reconnaissance, researched, scanner, scanners, service scan, t1595, t1595.001, t1595.002, t1595.003, vultr

Activity Timeline

1 total obs
May 31

Threat Activity Heatmap

Peak: 2026-05-31
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Coords: 34.6800, 113.5344

VirusTotal

Not checked

WHOIS

Description: IPv4 hosts detected port scanning Vultr Melbourne (Australia) honeypot

Raw:

inetnum: 123.160.0.0 - 123.163.255.255
netname: CHINANET-HA
descr: CHINANET henan province network
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
admin-c: HZ149-AP
tech-c: HZ149-AP
abuse-c: AC1573-AP
status: ALLOCATED PORTABLE
remarks: Henan Telecom Corporation hostmaster
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-HA
mnt-routes: MAINT-CHINANET-HA
mnt-irt: IRT-CHINANET-CN
last-modified: 2021-06-15T08:05:12Z
source: APNIC

irt: IRT-CHINANET-CN
address: No.31 ,jingrong street,beijing
address: 100032
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: CH93-AP
tech-c: CH93-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-11-13
mnt-by: MAINT-CHINANET
last-modified: 2026-03-13T07:12:20Z
source: APNIC

role: ABUSE CHINANETCN
country: ZZ
address: No.31 ,jingrong street,beijing
address: 100032
phone: +000000000
e-mail: [email protected]
admin-c: CH93-AP
tech-c: CH93-AP
nic-hdl: AC1573-AP
remarks: Generated from irt object IRT-CHINANET-CN
remarks: [email protected] was validated on 2025-11-13
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-11-13T14:15:15Z
source: APNIC

person: Hongbiao Zhang
nic-hdl: HZ149-AP
e-mail: [email protected]
address: 97# Zhongyuan Street, Zhengzhou City, China
phone: +86 371 65310018
fax-no: +86 371 65310015
country: CN
mnt-by: MAINT-CHINANET-HA
last-modified: 2008-09-04T07:29:40Z
source: APNIC

References: https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-04-16/, https://jamesbrine.com.au

IOC Journey

medium
First detected 1 year ago · Last seen 14 days ago
Appeared in 6 threat reports