IOC Radar
IPMediumSignal 36/100

203.34.57.247

Location
ChinaChina
Wenquan, Fujian
ASN
AS58519
Chinanet FJ
First Seen
Apr 4, 2025
Last Seen
Apr 24, 2026
Apr 4
First Seen
434d ago
Apr 24
Last Seen
50d ago
13
Reports
source reports
36%
Confidence
medium
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
36%
Signal Score
36 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

27 techniques

Network Information

CountryCNChina
RegionWenquan, Fujian
ASNAS58519
OrganizationChinanet FJ

Feed Intelligence Summary

13 reports36% confidence
13
Source reports
36%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningasiaattackaustraliaauthenticationauthentication abuseauthentication logsautomated attackbad reputationbotnetbotnet activitybrute forcebrute force attackbrute force attemptbrute force attemptsbrute-forcechinacommand and controlcompromised credentialscowrie honeypotcredential accesscredential stuffingdata exfiltrationdata store exposuredecoy systemdistributed attackseuropeexploitation activityfailed authenticationftpftp brute forceidentity & access exploitationindicatorinitial accessinjection activitylog analysismalicious activitymalicious payloadmalicious softwaremalwarenetworknetwork intrusionnetwork scanningnetwork service scanningnetwork traffic analysisoceaniapassword attacksprocess injectionransomwarereconnaissanceremote accessremote service exploitationresearchedscannerscanning activitysecurity eventsecurity operationsservice scansftp attacksshssh attackssh monitoringsystem logst1021t1021.004t1041t1046t1055t1059t1059.004t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1486t1496t1499.002t1499.003t1565t1583t1583.001t1589t1595t1595.001t1595.002t1595.003threat actorthreat intelligencetor nodetpotceunauthorized accessunited kingdomvulnerability scan

Activity Timeline

1 total obs
Apr 24Apr 24

Threat Activity Heatmap

· Peak: 2026-04-24
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
36
SIGNAL
Signal Score
36%
Confidence
13
Reports
First seenApr 4, 2025
Last seenApr 24, 2026
GeolocationCN
CountryChina
LocationWenquan, Fujian
ASNAS58519
OrgChinanet FJ
Coords34.7732, 113.7220

VirusTotal

Not checked

WHOIS

description
Banned by Fail2Ban [sshd]
raw
inetnum: 203.34.56.0 - 203.34.57.255 netname: CHINANET-FJ descr: CHINANET FUJIAN PROVINCE NETWORK descr: China Telecom descr: No.31,jingrong street descr: Beijing 100032 country: CN admin-c: CA67-AP tech-c: CA67-AP abuse-c: AC1573-AP status: ALLOCATED PORTABLE remarks: service provider notify: [email protected] mnt-by: APNIC-HM mnt-lower: MAINT-CHINANET-FJ mnt-irt: IRT-CHINANET-CN last-modified: 2021-06-15T08:06:37Z source: APNIC irt: IRT-CHINANET-CN address: No.31 ,jingrong street,beijing address: 100032 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CH93-AP tech-c: CH93-AP auth: # Filtered remarks: [email protected] was validated on 2025-04-24 mnt-by: MAINT-CHINANET last-modified: 2025-04-24T03:21:26Z source: APNIC role: ABUSE CHINANETCN country: ZZ address: No.31 ,jingrong street,beijing address: 100032 phone: +000000000 e-mail: [email protected] admin-c: CH93-AP tech-c: CH93-AP nic-hdl: AC1573-AP remarks: Generated from irt object IRT-CHINANET-CN remarks: [email protected] was validated on 2025-04-24 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-04-24T03:21:54Z source: APNIC role: CHINANETFJ IP ADMIN address: 7,East Street,Fuzhou,Fujian,PRC country: CN phone: +86-591-83309761 fax-no: +86-591-83371954 e-mail: [email protected] remarks: send spam reports and abuse reports remarks: to [email protected] remarks: Please include detailed information and remarks: times in UTC admin-c: FH71-AP tech-c: FH71-AP nic-hdl: CA67-AP remarks: www.fjtelecom.com notify: [email protected] mnt-by: MAINT-CHINANET-FJ last-modified: 2011-12-06T00:10:50Z source: APNIC
references
https://redpiranha.net, https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 13 threat reports