IOC Radar
IPMediumSignal 66/100

182.242.168.151

Location
ChinaChina
Kunming, Yunnan
ASN
AS4134
Chinanet YN
First Seen
Nov 26, 2023
Last Seen
May 30, 2026
Nov 26
First Seen
929d ago
May 30
Last Seen
13d ago
10
Reports
source reports
66%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
66%
Signal Score
66 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

3 techniques

Network Information

CountryCNChina
RegionKunming, Yunnan
ASNAS4134
OrganizationChinanet YN

Feed Intelligence Summary

10 reports66% confidence
10
Source reports
66%
Confidence score
Category tags
active scanactive scanningaptasiabrute forcebrute-forcechinacncowriedionaeaexploitexploitation activityexploited hostfatthackingindicatornetworkp0freconnaissanceresearchedscannersensor-taggedssht1595.001t1595.002t1595.003tannerthreat actortor nodetpotvulnerability scanvulnerability-exploitationweb app attack

Activity Timeline

1 total obs
May 30May 30

Threat Activity Heatmap

· Peak: 2026-05-30
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
66
SIGNAL
Signal Score
66%
Confidence
10
Reports
First seenNov 26, 2023
Last seenMay 30, 2026
GeolocationCN
CountryChina
LocationKunming, Yunnan
ASNAS4134
OrgChinanet YN
Coords25.0453, 102.7100

VirusTotal

Not checked

WHOIS

description
Score: 50/100. Labels: abuseipdb:exploited-host, abuseipdb:hacking, abuseipdb:low, abuseipdb:port-scan, abuseipdb:reported, cowrie. 182.242.168.151 classified as botnet node participating in coordinated attack campaigns (medium confidence). Origin: enriched. Listed on: AbuseIPDB (exploited-host, hacking, low).
raw
inetnum: 182.240.0.0 - 182.247.255.255 netname: CHINANET-YN descr: CHINANET YunNan PROVINCE NETWORK descr: China Telecom descr: No.31,jingrong street descr: Beijing 100032 country: CN admin-c: ZL48-AP tech-c: ZL48-AP abuse-c: AC1573-AP status: ALLOCATED PORTABLE remarks: service provider remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-CHINANET-YN mnt-routes: MAINT-CHINANET-YN mnt-irt: IRT-CHINANET-CN last-modified: 2021-06-15T08:04:53Z source: APNIC irt: IRT-CHINANET-CN address: No.31 ,jingrong street,beijing address: 100032 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CH93-AP tech-c: CH93-AP auth: # Filtered remarks: [email protected] was validated on 2025-11-13 mnt-by: MAINT-CHINANET last-modified: 2026-03-13T07:12:20Z source: APNIC role: ABUSE CHINANETCN country: ZZ address: No.31 ,jingrong street,beijing address: 100032 phone: +000000000 e-mail: [email protected] admin-c: CH93-AP tech-c: CH93-AP nic-hdl: AC1573-AP remarks: Generated from irt object IRT-CHINANET-CN remarks: [email protected] was validated on 2025-11-13 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-11-13T14:15:15Z source: APNIC person: zhiyong liu nic-hdl: ZL48-AP e-mail: [email protected] address: 136 beijin roadkunmingchina phone: +86-871-68226585 fax-no: +86-871-8221536 country: CN mnt-by: MAINT-CHINANET-YN last-modified: 2018-12-27T01:58:34Z source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 13 days ago
Appeared in 10 threat reports