IPMediumSignal 25/100
175.175.59.92
Location
ChinaShenyang, LN
ASN
AS4837
China Unicom Liaoning Province Network
First Seen
Jun 4, 2025
Last Seen
Apr 1, 2026
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
25%
Signal Score
25 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryChina
ChinaRegionShenyang, LN
ASNAS4837
OrganizationChina Unicom Liaoning Province Network
Feed Intelligence Summary
6 reports25% confidence
6
Source reports
25%
Confidence score
Category tags
account compromiseactive scanactive scanningapi abuseaptasiabad reputationbotnetbotnet activitybrute forcebrute force attackchinacommand and controlcredential accesscredential harvestingcredential stuffingdata exfiltrationdata scrapingdata store exposureddosdistributed attacksdos attemptexploitation activityidentity & access exploitationindicatorinjection activitymalicious softwaremalicious urlsmalwarenetworkpassword attacksphishingphishing attackprivilege escalationprocess injectionransomwarereconnaissanceresearchedscanning activitysocial engineeringsocial media threatspamt1055t1059t1071t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1189t1190t1486t1496t1499.002t1499.003t1534t1539t1565t1566t1566.001t1566.002t1566.003t1583t1583.001t1595t1595.001t1595.002t1595.003threat actortor nodeweb application attack
Activity Timeline
Apr 1Apr 1
Threat Activity Heatmap
· Peak: 2026-04-01LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
25
SIGNAL
Signal Score
25%
Confidence
6
Reports
First seenJun 4, 2025
Last seenApr 1, 2026
GeolocationCN
CountryChina
LocationShenyang, LN
ASNAS4837
OrgChina Unicom Liaoning Province Network
Coords41.4533, 122.7776
VirusTotal
Not checked
WHOIS
- raw
- inetnum: 175.160.0.0 - 175.175.255.255 netname: UNICOM-LN descr: CHINA UNICOM Liaoning province network descr: China UNICOM descr: No.21,Jin-Rong Street, descr: Beijing 100140 country: CN admin-c: CH1302-AP tech-c: CH1302-AP abuse-c: AC1718-AP status: ALLOCATED PORTABLE remarks: service provider remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-CNCGROUP-LN mnt-routes: MAINT-CNCGROUP-RR mnt-irt: IRT-CU-CN last-modified: 2025-01-22T13:06:25Z source: APNIC irt: IRT-CU-CN address: No.21,Financial Street address: Beijing,100033 address: P.R.China e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CH1302-AP tech-c: CH1302-AP auth: # Filtered remarks: [email protected] was validated on 2025-02-24 mnt-by: MAINT-CNCGROUP last-modified: 2025-02-24T06:16:57Z source: APNIC role: ABUSE CUCN country: ZZ address: No.21,Financial Street address: Beijing,100033 address: P.R.China phone: +000000000 e-mail: [email protected] admin-c: CH1302-AP tech-c: CH1302-AP nic-hdl: AC1718-AP remarks: Generated from irt object IRT-CU-CN remarks: [email protected] was validated on 2025-02-24 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-02-24T06:17:45Z source: APNIC person: ChinaUnicom Hostmaster nic-hdl: CH1302-AP e-mail: [email protected] address: No.21,Jin-Rong Street address: Beijing,100033 address: P.R.China phone: +86-10-66259764 fax-no: +86-10-66259764 country: CN mnt-by: MAINT-CNCGROUP last-modified: 2017-08-17T06:13:16Z source: APNIC route: 175.160.0.0/12 descr: China Unicom Liaoning Province Network country: CN origin: AS4837 mnt-by: MAINT-CNCGROUP-RR last-modified: 2010-01-08T05:52:04Z source: APNIC
- references
- https://x.com/romonlyht/status/1930089901355319713, https://x.com/romonlyht/status/1930090175759299067, https://x.com/romonlyht/status/1930093095246540973, https://x.com/romonlyht/status/1930093260338540753, https://x.com/romonlyht/status/1930100358581256552, https://x.com/romonlyht/status/1930100621014597999, https://x.com/romonlyht/status/1930100892625449013, https://x.com/romonlyht/status/1930100890452799517, https://x.com/romonlyht/status/1930106699777519981, https://x.com/romonlyht/status/1930106950026703251, https://x.com/romonlyht/status/1930110184141332699, https://x.com/romonlyht/status/1930110345651335618, https://x.com/romonlyht/status/1930112989157568745, https://x.com/romonlyht/status/1930113150105293087, https://x.com/romonlyht/status/1930124010920259679, https://x.com/romonlyht/status/1930124176641442038, https://x.com/romonlyht/status/1930128438545002857, https://x.com/romonlyht/status/1930128440922874244, https://x.com/romonlyht/status/1930128442923839880, https://x.com/romonlyht/status/1930128950975672664, https://x.com/romonlyht/status/1930128953336824087, https://x.com/romonlyht/status/1930128955358752920, https://x.com/romonlyht/status/1930129183554105491, https://x.com/romonlyht/status/1930131529763828197, https://x.com/romonlyht/status/1930131532817056175, https://x.com/romonlyht/status/1930134389570318746, https://x.com/romonlyht/status/1930134522940797397, https://x.com/romonlyht/status/1930137369992409316, https://x.com/romonlyht/status/1930137542910980219, https://x.com/romonlyht/status/1930141536018411654, https://x.com/romonlyht/status/1930141671213400205, https://x.com/romonlyht/status/1930141887853187475, https://x.com/romonlyht/status/1930144737526452426, https://x.com/romonlyht/status/1930144878320857439, https://x.com/romonlyht/status/1930147749393277110, https://x.com/romonlyht/status/1930147884244385902, https://x.com/romonlyht/status/1930150209214132636, https://x.com/romonlyht/status/1930153833025376759, https://x.com/romonlyht/status/1930153835592593677, https://x.com/romonlyht/status/1930154055143436479, https://x.com/romonlyht/status/1930154252917453050
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 2 months ago
Appeared in 6 threat reports