IOC Radar
IP · Medium · Signal 47/100

171.37.47.136

Location: China, Liuchow, GX
ASN: AS4837, China Unicom Guangxi Province Network
First Seen: Oct 24, 2024 (598d ago)
Last Seen: Apr 28, 2026 (47d ago)
Reports: 6 source reports
Confidence: 47% (medium)
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 47%
Signal Score: 47 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

35 techniques

Network Information

Country: CN (China)
Region: Liuchow, GX
ASN: AS4837
Organization: China Unicom Guangxi Province Network

Feed Intelligence Summary

Source reports: 6
Confidence score: 47%
Category tags
abuse, active scan, active scanning, asia, attack, bad reputation, bad web bot, botnet, botnet activity, brute force, brute force attack, brute-force, brute-force attack, china, cn, command and control, cowrie honeypot, cowrie interactions, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposeddos, decoy system, denial of service, distributed attacks, exploitation, exploitation activity, exploited host, hacking, honeytrap honeypot, identity & access exploitation, indicator, injection activity, lamp, lamp stack targeting, mailoney honeypot, malicious activity, malicious email, malicious login attempts, malicious software, malware, network, network discovery, network intrusion, network scanning, password attack, password attacks, phishing, phishing attack, phishing trap, process injection, reconnaissance, researched, scanner, scanning activity, sftp attack, social engineering, sql injection, ssh attack, ssh monitoring, t1021, t1041, t1055, t1059, t1059.004, t1068, t1071, t1071.001, t1071.004, t1078, t1078.004, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1486, t1496, t1499.001, t1499.002, t1499.003, t1555, t1565, t1566, t1566.001, t1566.002, t1566.003, t1566.004, t1595, t1595.001, t1595.002, t1595.003, targeting database, telecommunications, threat actor, threat detection, tor node, unauthorized access, web app attack, web application attack, web exploitation

Activity Timeline

1 total obs (Apr 28)

Threat Activity Heatmap

Peak: 2026-04-28
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: 47 (Medium Risk)
Confidence: 47%
Reports: 6
First seen: Oct 24, 2024
Last seen: Apr 28, 2026
Geolocation: CN
Country: China
Location: Liuchow, GX
ASN: AS4837
Org: China Unicom Guangxi Province Network
Coords: 22.2620, 109.5540

VirusTotal

Not checked

WHOIS

description
2025-03-05T16:19:39.000Z Honeypot : Mailoney : Source: 171.37.47.136 : Port: 25 : Data: help
raw
inetnum: 171.36.0.0 - 171.39.255.255
netname: UNICOM-GX
descr: China Unicom GuangXi province network
descr: China Unicom
descr: No.21,Ji-Rong Street,
descr: Beijing 100033
country: CN
admin-c: CH455-AP
tech-c: RP181-AP
abuse-c: AC1718-AP
status: ALLOCATED PORTABLE
remarks: service provider
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-GX
mnt-routes: MAINT-CNCGROUP-RR
mnt-irt: IRT-CU-CN
last-modified: 2025-01-22T13:19:38Z
source: APNIC

irt: IRT-CU-CN
address: No.21,Financial Street
address: Beijing,100033
address: P.R.China
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: CH1302-AP
tech-c: CH1302-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-10-17
mnt-by: MAINT-CNCGROUP
last-modified: 2025-11-18T00:26:20Z
source: APNIC

role: ABUSE CUCN
country: ZZ
address: No.21,Financial Street
address: Beijing,100033
address: P.R.China
phone: +000000000
e-mail: [email protected]
admin-c: CH1302-AP
tech-c: CH1302-AP
nic-hdl: AC1718-AP
remarks: Generated from irt object IRT-CU-CN
remarks: [email protected] was validated on 2025-10-17
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-10-17T02:26:56Z
source: APNIC

role: CNCGroup Hostmaster
e-mail: [email protected]
address: No.156,Fu-Xing-Men-Nei Street,
address: Beijing,100031,P.R.China
nic-hdl: CH455-AP
phone: +86-10-82993155
fax-no: +86-10-82993102
country: CN
admin-c: CH444-AP
tech-c: CH444-AP
mnt-by: MAINT-CNCGROUP
last-modified: 2017-08-17T06:13:15Z
source: APNIC

person: runkeng pan
nic-hdl: RP181-AP
e-mail: [email protected]
address: XinShiKong Plaza,No 666 Huangpu Rd. Guangzhou 510627,China
phone: +86-20-22214174
fax-no: +86-20-22212266-4174
country: CN
mnt-by: MAINT-CNCGROUP-GD
last-modified: 2015-12-16T03:32:02Z
source: APNIC

route: 171.36.0.0/14
descr: China Unicom Guangxi Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
last-modified: 2011-03-23T06:06:01Z
source: APNIC
references
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 6 threat reports