IP · Medium · Signal 74/100
42.51.46.17
Location
Shenzhen, Guangdong
ASN
AS56005
Henan Telcom Union Technology Co., LTD
First Seen
Feb 24, 2025
Last Seen
May 5, 2026
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
74%
Signal Score
74 / 100
IDS Rule
No
Network Information
Country
China
Region
Shenzhen, Guangdong
ASN
AS56005
Organization
Henan Telcom Union Technology Co., LTD
Feed Intelligence Summary
15
Source reports
74%
Confidence score
Category tags
abuse, access control, active scan, active scanning, application layer protocol, asia, attack, australia, botnet, brute force, brute force attack, brute force attempt, brute-forc, brute-force, brute_force, china, clifton, cn, command and control, communication protocol, cowrie honeypot, credential access, credential stuffing, credential_access, data exfiltration, decoy system, distributed attacks, europe, fail2ban triggered, ftp brute force, game_server, gb-hosted, hacking, http brute force, indicator, info, information technology, ipv4 scan, it infrastructure, login attack, malicious activity, malicious software, malware, network, network enumeration, network layer protocol, network probing, network reconnaissance, network scanning, network security, network service scanning, notice, oceania, password attacks, process injection, reconnaissance, researched, scan, scanner, security operations, security policy, sftp attack, sip scanning, software development, ssh, ssh attack, ssh monitoring, ssh scanning, staging_server, t1021, t1021.004, t1040, t1041, t1046, t1055, t1059, t1071.001, t1078, t1078.004, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1486, t1496, t1499.002, t1499.003, t1565, t1583, t1583.001, t1583.002, t1583.003, t1583.004, t1595, t1595.001, t1595.002, t1595.003, telecommunications, threat actor, threat intelligence, threat prevention, unauthorized access, unauthorized access attempts, united kingdom, unknown threat actor, valid accounts, voip, vps
Activity Timeline
May 5
Threat Activity Heatmap
Peak: 2026-05-05
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score
High Risk
Geolocation
CN
Coords
34.7732, 113.7220
VirusTotal
Not checked
WHOIS
- description
- IPv4 hosts detected performing scans on a production environment located in Australia.
- references
- https://redpiranha.net, https://github.com/telekom-security/tpotce
IOC Journey
Medium · First detected 1 year ago · Last seen 1 month ago
Appeared in 15 threat reports