IOC Radar
IPMediumSignal 73/100

58.59.233.175

Location
ChinaChina
Liuzhou, GX
ASN
AS4134
Chinanet GX
First Seen
Feb 18, 2024
Last Seen
Feb 15, 2026
Feb 18
First Seen
855d ago
Feb 15
Last Seen
127d ago
10
Reports
source reports
73%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
73%
Signal Score
73 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

37 techniques

Network Information

CountryCNChina
RegionLiuzhou, GX
ASNAS4134
OrganizationChinanet GX

Feed Intelligence Summary

10 reports73% confidence
10
Source reports
73%
Confidence score
Category tags
abuseaccessactive scanningadbhoney honeypotasiaattackauto-generated securitybad web botbotnetbrute forcebrute force attackbrute force attemptschinacommand and controlcommunication protocolcowriecowrie honeypotcowrie ssh honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdatabase securitydecoy systemdenial of servicedionaeadionaea honeypotdistributed attackselasticpot honeypotelasticsearch monitoringemailftpftp brute forcegithubgroupshoneytrap honeypothttp scannerindicatorinitial accesslamplamp exploitation attemptslamp server attacklamp stack targetingmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware hostingnetworknetwork attacksnetwork intrusion attemptsnetwork protocolnetwork scanningnetwork securitypassword attackpassword attacksphishingphishing attackphishing trapprocess injectionpythonreconnaissanceresearchedresource hijackingscannerscanning activityscriptsentrypeer botnetsftpsftp attacksipsip enumerationsip vulnerability scanningslugsocial engineeringsshssh attackssh monitoringsurface webt1021t1021.002t1040t1041t1046t1053.005t1055t1059t1059.001t1059.004t1068t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1555t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertcp protocoltelecommunicationsthreat actorthreat detectionthreat intelligenceunauthorized loginvoipvoip attackweb application attackweb exploitationweb spamweb traffic

Activity Timeline

1 total obs
Feb 15Feb 15

Threat Activity Heatmap

· Peak: 2026-02-15
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
73
SIGNAL
Signal Score
73%
Confidence
10
Reports
First seenFeb 18, 2024
Last seenFeb 15, 2026
GeolocationCN
CountryChina
LocationLiuzhou, GX
ASNAS4134
OrgChinanet GX
Coords22.8108, 108.3165

VirusTotal

Not checked

WHOIS

description
2025-02-23T14:57:10.969Z Honeypot : ElasticPot : Source: 58.59.233.175 : Port: 9200 Event Type: Scan
raw
inetnum: 58.59.128.0 - 58.59.255.255 netname: CHINANET-GX descr: CHINANET Guangxi province network descr: China Telecom descr: No1,jin-rong Street descr: Beijing 100032 country: CN admin-c: CH93-AP tech-c: CR766-AP abuse-c: AC1573-AP status: ALLOCATED PORTABLE remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-CHINANET-GX mnt-routes: MAINT-CHINANET-GX mnt-irt: IRT-CHINANET-CN last-modified: 2021-06-15T08:04:49Z source: APNIC irt: IRT-CHINANET-CN address: No.31 ,jingrong street,beijing address: 100032 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CH93-AP tech-c: CH93-AP auth: # Filtered remarks: [email protected] was validated on 2025-04-24 mnt-by: MAINT-CHINANET last-modified: 2025-04-24T03:21:26Z source: APNIC role: ABUSE CHINANETCN country: ZZ address: No.31 ,jingrong street,beijing address: 100032 phone: +000000000 e-mail: [email protected] admin-c: CH93-AP tech-c: CH93-AP nic-hdl: AC1573-AP remarks: Generated from irt object IRT-CHINANET-CN remarks: [email protected] was validated on 2025-04-24 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-04-24T03:21:54Z source: APNIC role: CHINANET GUANGXI address: No.35,Minzhu Road,Nanning 530015 country: CN phone: +86-771-2815987 fax-no: +86-771-2839278 e-mail: [email protected] remarks: send spam reports to [email protected] remarks: send abuse reports to [email protected] remarks: times in GMT+8 remarks: http://www.gx.cninfo.net admin-c: CR76-AP tech-c: BD37-AP nic-hdl: CR766-AP notify: [email protected] mnt-by: MAINT-CHINANET-GX last-modified: 2021-09-01T03:10:28Z source: APNIC person: Chinanet Hostmaster nic-hdl: CH93-AP e-mail: [email protected] address: No.31 ,jingrong street,beijing address: 100032 phone: +86-10-58501724 fax-no: +86-10-58501724 country: CN mnt-by: MAINT-CHINANET last-modified: 2022-02-28T06:53:44Z source: APNIC
references
https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 4 months ago
Appeared in 10 threat reports