IOC Radar
IP · Medium · Signal 59/100

123.175.98.221

Location
China
Taiyuan, SX
ASN
AS4134
Sxtybas
First Seen
Feb 16, 2025
Last Seen
Apr 6, 2026
Feb 16
First Seen
482d ago
Apr 6
Last Seen
69d ago
9
Reports
source reports
59%
Confidence
medium
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
59%
Signal Score
59 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

22 techniques

Network Information

Country: CN (China)
Region: Taiyuan, SX
ASN: AS4134
Organization: Sxtybas

Feed Intelligence Summary

9 reports · 59% confidence
9
Source reports
59%
Confidence score
Category tags
abuse, access control, active scan, active scanning, apt, arm, asia, bad reputation, botnet, botnet activity, brute force, brute force attempt, china, cn, command and control, communication protocol, credential access, credential stuffing, cta, data exfiltration, data store exposure, ddos, ddos attacks, decoy system, distributed attacks, elf, executable file, exploitation activity, identity & access exploitation, indicator, injection activity, internet of things, intrusion detection, ioc, iot botnet, iot security, iot/ics attack, malicious network activity, malicious software, malware, mirai botnet, mozi, network, network attacks, network intrusion, network probing, network scanning, network security, network service scanning, process injection, protocol exploitation, reconnaissance, researched, scan, scanner, security policy, service scan, t1021.002, t1040, t1046, t1055, t1056.001, t1059.001, t1071.001, t1078, t1110, t1110.002, t1133, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, telnet threat, threat actor, threat intelligence, threat prevention, tor node

Activity Timeline

1 total obs

Threat Activity Heatmap

Peak: 2026-04-06
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
59
SIGNAL
Signal Score
59%
Confidence
9
Reports
First seen: Feb 16, 2025
Last seen: Apr 6, 2026
Geolocation: CN
Country: China
Location: Taiyuan, SX
ASN: AS4134
Org: Sxtybas
Coords: 39.3144, 112.4197

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 123.175.96.0 - 123.175.127.255
netname: sxtybas
country: CN
descr: shanxi telecom taiyuan branch ip node links to customer ip address
admin-c: sa49-ap
tech-c: st53-ap
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-CHINANET-SX
last-modified: 2009-04-17T08:20:19Z
source: APNIC

person: shanxitele admin
nic-hdl: SA49-AP
e-mail: [email protected]
address: no.217 nanneihuan street
address: taiyuan city 030012
phone: +86-351-5609863
fax-no: +86-351-5609868
country: cn
mnt-by: MAINT-CHINANET-SX
last-modified: 2008-09-04T08:55:34Z
source: APNIC

person: shanxitele tech
nic-hdl: ST53-AP
e-mail: [email protected]
address: no.217 nanneihuan street
address: taiyuan city 030012
phone: +86-351-5609963
fax-no: +86-351-5609868
country: cn
mnt-by: MAINT-CHINATELECOM-SX
last-modified: 2008-09-04T07:31:30Z
source: APNIC
references
https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 9 threat reports