42.51.34.15 Threat Intelligence and Host Information

Nov 09, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 42.51.34.15 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • Mitre ATT&CK IDs: T1110 - Brute Force

  • Tags: 01.10.2025, 2025, 5060, Apache, block list, brute force, brute-force, bruteforce, Bruteforce, Brute-Force, china mobile, cisco, columns, company limited, cowrie, heralding, hk abusehandler, HoneyNet Connect, honeytrap, hong kong, hurricane us, info, LAMP, Mail, malicious, Mod Security, network, notice, nxdomain, pgp sign, RimbaSiber, scanners, sftp, ssh, SSH, tcp, timeout, unknown, us none, Web, wordpress

  • View other sources: Spamhaus VirusTotal

  • Country: China
  • Network:
  • Noticed: 34 times
  • Protocols Attacked: ssh
  • Countries Attacked: Australia, Finland, France, Germany, Indonesia, Malaysia, Poland, United States of America

Malware Detected on Host

Count: 3 140ed0263ae9c919e789b51d542a3692b94d48bbb92087dcba5af7d0ce33a9c4 d42dce976fc729371f5139bf607c5d773bea0a9aed84cc74e2b217c85218b73c facbc35fb8c3f0c88b0501f0fcbc9c4b99d0aeeb4f027a6a459cb74db9dae1c4

Open Ports Detected

22

Map

Whois Information

  • inetnum: 42.51.0.0 - 42.51.127.255
  • netname: HTU-NET
  • descr: Henan Telcom Union Technology Co., LTD
  • descr: 73, 18 Buliding, 93 Jingsan Road,
  • descr: Zhengzhou City,Henan,China
  • country: CN
  • admin-c: QW703-AP
  • tech-c: LW2337-AP
  • abuse-c: AC1910-AP
  • status: ALLOCATED NON-PORTABLE
  • mnt-by: MAINT-AP-CNISP
  • mnt-irt: IRT-CNISP-CN
  • last-modified: 2021-02-17T13:08:45Z
  • irt: IRT-CNISP-CN
  • address: Beijing CNISP Technology Co., Ltd
  • e-mail: support@cnispgroup.com
  • abuse-mailbox: support@cnispgroup.com
  • admin-c: CM2275-AP
  • tech-c: CM2275-AP
  • mnt-by: MAINT-AP-CNISP
  • last-modified: 2025-09-04T05:46:38Z
  • role: ABUSE CNISPCN
  • country: ZZ
  • address: Beijing CNISP Technology Co., Ltd
  • phone: +000000000
  • e-mail: support@cnispgroup.com
  • admin-c: CM2275-AP
  • tech-c: CM2275-AP
  • nic-hdl: AC1910-AP
  • abuse-mailbox: support@cnispgroup.com
  • mnt-by: APNIC-ABUSE
  • last-modified: 2025-05-15T03:22:21Z
  • person: Liu Wei
  • nic-hdl: LW2337-AP
  • e-mail: abuse@htu.cc
  • address: 73, 18 Buliding, 93 Jingsan Road,
  • phone: +86-371-55056677
  • country: CN
  • mnt-by: MAINT-NEW
  • last-modified: 2013-08-02T03:06:29Z
  • person: Qingsong Wang
  • nic-hdl: QW703-AP
  • e-mail: abuse@htu.cc
  • address: 73, 18 Buliding, 93 Jingsan Road,
  • phone: +86-371-55056677
  • country: CN
  • mnt-by: MAINT-NEW
  • last-modified: 2013-08-02T03:06:28Z
  • route: 42.51.0.0/17
  • descr: China Unicom Henan Province network
  • descr: Addresses from CNNIC
  • country: CN
  • origin: AS4837
  • mnt-by: MAINT-CNCGROUP-RR
  • last-modified: 2012-08-07T07:18:02Z

Links to attack logs

digitaloceantoronto-ssh-bruteforce-ip-list-2025-11-08 bruteforce-ip-list-2025-11-08

Share on: