IOC Radar
IP · Medium · Signal 100/100

139.198.2.41

Location
China
Longtan, Beijing
ASN
AS59078
Yunify Technologies Inc.
First Seen
Sep 10, 2024
Last Seen
Feb 15, 2026
Reports: 22 source reports
Confidence: 99% (medium)
VirusTotal: 1/91 detections
Found in 22 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

40 techniques

Network Information

Country: CN (China)
Region: Longtan, Beijing
ASN: AS59078
Organization: Yunify Technologies Inc.

Feed Intelligence Summary

Source reports: 22
Confidence score: 99%
Category tags
abuseaccess controlactive scanningasiaattackauthentication attackauthentication attacksauto-generated securitybotnetbrute forcebrute force attackc2 serverchinacncommand and controlcommunication protocolcompromised hostscowrie attackscowrie honeypotcredential accesscredential harvestingcredential stuffingctadata exfiltrationdata theftddosddos attackddos attemptdecoy systemdenial of servicedistributed attackseuropefail2ban triggeredftpftp brute forcehackinghoneytrap honeypotindicatorinfrastructure acquisitionreconnaissanceioclampmalicious activitymalicious payloadmalicious softwaremalwaremalware distributionmanualnetworknetwork intrusionnetwork scanningnetwork securitynetwork service scanningnetwork traffic analysispassword attacksphishing attackprocess injectionreconnaissanceremote service exploitationresearchedresource hijackingscannersecurity policysentrypeer attackssentrypeer botnetsftp attacksftp probingsip brute forcesip vulnerability scanningsocial engineeringsocradar honeypotspamssh attackssh monitoringt1018t1021t1021.004t1040t1041t1046t1055t1059t1059.004t1071t1071.001t1078t1078.004t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1204.002t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1573t1587.001t1588t1588.002t1590.001t1595t1595.001t1595.002t1595.003tannertanner attackstelecommunicationsthreat actorthreat detectionthreat intelligencethreat preventionunauthorized accessunauthorized access attemptunauthorized access attemptsunited kingdomvoipvoip attackweb brute force

Activity Timeline

1 total observation (Feb 15)

Threat Activity Heatmap

[Heatmap: activity by weekday, Jun through Jun. Peak: 2026-02-15]

Recent activity: 24h: 0 (Dormant) · 7d: 0 (Dormant) · 30d: 0 (Dormant) · 3mo: 0 (Dormant)

Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 22
First seen: Sep 10, 2024
Last seen: Feb 15, 2026
Geolocation: CN
Country: China
Location: Longtan, Beijing
ASN: AS59078
Org: Yunify Technologies Inc.
Coords: 34.7732, 113.7220

VirusTotal

1/91 vendors flagged
1% detection rate · Jun 8, 2026

WHOIS

description
2024-09-22T14:30:52.000Z Honeypot : Honeytrap : Source: 139.198.2.41 : Port: 2222 Message: {'payload': {'sha512_hash': 'cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e', 'length': 0, 'md5_hash': 'd41d8cd98f00b204e9800998ecf8427e', 'data_hex': ''}, 'protocol': 'tcp'}
raw
inetnum: 139.198.0.0 - 139.198.255.255
netname: YUNIFY-NET
descr: Yunify Technologies Inc.
country: CN
admin-c: ZM1700-AP
tech-c: ZM1700-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-irt: IRT-YUNIFY-NET-CN
mnt-routes: MAINT-YTL-HK
last-modified: 2023-11-28T00:57:06Z
source: APNIC

irt: IRT-YUNIFY-NET-CN
address: 7th Floor, 6th Floor, Building 16, No. 36, Chaolai Science and Technology Industrial Park, Chaoyang District, Beijing
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: ZM1700-AP
tech-c: ZM1700-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-06-12
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-06-12T02:56:18Z
source: APNIC

role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: [email protected]
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
remarks: Generated from irt object IRT-CNNIC-CN
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2024-07-30T11:55:46Z
source: APNIC

person: Zhiqiang Ma
address: Room 1503, Tower 2, North Star New Era, Beiyuan Road
address: Chaoyang District, Beijing, China.
country: CN
phone: +86-13910911019
e-mail: [email protected]
nic-hdl: ZM1700-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2016-09-28T02:00:01Z
source: APNIC

route: 139.198.0.0/16
notify: [email protected]
descr: Yunify Technologies Inc.
country: CN
origin: AS59078
mnt-by: MAINT-YTL-HK
last-modified: 2018-01-18T00:40:02Z
source: APNIC
references
https://github.com/telekom-security/tpotce, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://blog.edie.io/2020/04/30/diy-ip-threat-feed/, https://github.com/tankmek/threatfeed, https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 22 threat reports