IOC Radar
IPLowSignal 36/100

223.167.169.49

Location
ChinaChina
Shanghai, SH
ASN
AS17621
China Unicom Shanghai Province Network
First Seen
Dec 27, 2024
Last Seen
Apr 19, 2026
Dec 27
First Seen
533d ago
Apr 19
Last Seen
54d ago
9
Reports
source reports
36%
Confidence
low
0/91
VirusTotal
detections
Found in 9 reports. Confidence: low. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
36%
Signal Score
36 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

28 techniques

Network Information

CountryCNChina
RegionShanghai, SH
ASNAS17621
OrganizationChina Unicom Shanghai Province Network

Feed Intelligence Summary

9 reports36% confidence
9
Source reports
36%
Confidence score
Category tags
abuseactive scanactive scanningasiaattackauthentication attemptsbad reputationbotnetbotnet activitybrute forcechinacommand and controlcommunication protocolcowrie activitycowrie honeypotcowrie ssh attackscredential accesscredential stuffingdata exfiltrationdata store exposuredecoy systemdionaea activitydionaea honeypotdionaea malware collectiondistributed attacksexploitation activityexploited hosthackinghoneytrap honeypotidentity & access exploitationindicatorinjection activitylampmalicious activitymalicious sip activitymalicious softwaremalicious trafficmalwaremalware behaviourmalware capturenetworknetwork probingnetwork scanningnetwork securityprocess injectionransomwarereconnaissanceresearchedresource hijackingscannersentrypeer botnetsftp access attemptssftp attacksip brute forcesip scanningsocradar honeypotssh attackssh monitoringt1021t1040t1041t1055t1059t1059.004t1071.001t1078t1078.001t1078.002t1078.003t1078.004t1110t1110.001t1110.002t1110.003t1190t1204.002t1486t1496t1499.001t1499.002t1499.003t1565t1595t1595.001t1595.002t1595.003telecommunicationsthreat actorthreat detectionthreat intelligencetor nodevoipvoip attack

Activity Timeline

1 total obs
Apr 19Apr 19

Threat Activity Heatmap

· Peak: 2026-04-19
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
36
SIGNAL
Signal Score
36%
Confidence
9
Reports
First seenDec 27, 2024
Last seenApr 19, 2026
GeolocationCN
CountryChina
LocationShanghai, SH
ASNAS17621
OrgChina Unicom Shanghai Province Network
Coords31.0442, 121.4054

VirusTotal

0/ 91vendors flagged
0% detection rateJun 8, 2026

WHOIS

description
Unknown source type: h0neytr4p
raw
inetnum: 223.166.0.0 - 223.167.255.255 netname: UNICOM-SH descr: CHINA UNICOM Shanghai city network descr: China Unicom descr: No.21,Jin Rong Street,Beijing,100033 descr: P.R.China country: CN admin-c: CH1302-AP tech-c: CH1302-AP abuse-c: AC1718-AP status: ALLOCATED PORTABLE remarks: service provider mnt-by: APNIC-HM mnt-lower: MAINT-CNCGROUP-SH mnt-routes: MAINT-CNCGROUP-RR mnt-irt: IRT-CU-CN last-modified: 2025-01-22T13:08:40Z source: APNIC irt: IRT-CU-CN address: No.21,Financial Street address: Beijing,100033 address: P.R.China e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CH1302-AP tech-c: CH1302-AP auth: # Filtered remarks: [email protected] was validated on 2025-02-24 mnt-by: MAINT-CNCGROUP last-modified: 2025-02-24T06:16:57Z source: APNIC role: ABUSE CUCN country: ZZ address: No.21,Financial Street address: Beijing,100033 address: P.R.China phone: +000000000 e-mail: [email protected] admin-c: CH1302-AP tech-c: CH1302-AP nic-hdl: AC1718-AP remarks: Generated from irt object IRT-CU-CN remarks: [email protected] was validated on 2025-02-24 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-02-24T06:17:45Z source: APNIC person: ChinaUnicom Hostmaster nic-hdl: CH1302-AP e-mail: [email protected] address: No.21,Jin-Rong Street address: Beijing,100033 address: P.R.China phone: +86-10-66259764 fax-no: +86-10-66259764 country: CN mnt-by: MAINT-CNCGROUP last-modified: 2017-08-17T06:13:16Z source: APNIC route: 223.166.0.0/15 descr: China Unicom Shanghai Province Network country: CN origin: AS17621 mnt-by: MAINT-CNCGROUP-RR last-modified: 2010-07-13T00:46:02Z source: APNIC
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

low
First detected 1 year ago · Last seen 1 month ago
Appeared in 9 threat reports