IOC Radar
IPMediumSignal 62/100

113.128.205.95

Location
ChinaChina
Jinan, Shandong
ASN
AS4134
Chinanet SD
First Seen
Aug 21, 2024
Last Seen
Apr 24, 2026
Aug 21
First Seen
661d ago
Apr 24
Last Seen
51d ago
5
Reports
source reports
62%
Confidence
medium
Found in 5 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
62%
Signal Score
62 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryCNChina
RegionJinan, Shandong
ASNAS4134
OrganizationChinanet SD

Feed Intelligence Summary

5 reports62% confidence
5
Source reports
62%
Confidence score
Category tags
abuseactive scanasiabad reputationbrute forcebrute force attackerbrute-forcebruteforcechinaindicatormssqlnetworkportscanresearchedscannersservice scanvultr

Activity Timeline

1 total obs
Apr 24Apr 24

Threat Activity Heatmap

· Peak: 2026-04-24
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
62
SIGNAL
Signal Score
62%
Confidence
5
Reports
First seenAug 21, 2024
Last seenApr 24, 2026
GeolocationCN
CountryChina
LocationJinan, Shandong
ASNAS4134
OrgChinanet SD
Coords35.9660, 120.1730

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected attempting to brute force MSSQL on Vultr Paris (France) honeypot
raw
inetnum: 113.128.0.0 - 113.129.255.255 netname: CHINANET-SD descr: CHINANET SHANDONG PROVINCE NETWORK descr: China Telecom descr: No.31,jingrong street descr: Beijing 100032 country: CN admin-c: CH93-AP tech-c: XR55-AP abuse-c: AC1573-AP status: ALLOCATED PORTABLE remarks: service provider remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-CHINANET-SD mnt-routes: MAINT-CHINANET-SD mnt-irt: IRT-CHINANET-CN last-modified: 2021-06-15T08:06:25Z source: APNIC irt: IRT-CHINANET-CN address: No.31 ,jingrong street,beijing address: 100032 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CH93-AP tech-c: CH93-AP auth: # Filtered remarks: [email protected] was validated on 2025-11-13 mnt-by: MAINT-CHINANET last-modified: 2026-03-13T07:12:20Z source: APNIC role: ABUSE CHINANETCN country: ZZ address: No.31 ,jingrong street,beijing address: 100032 phone: +000000000 e-mail: [email protected] admin-c: CH93-AP tech-c: CH93-AP nic-hdl: AC1573-AP remarks: Generated from irt object IRT-CHINANET-CN remarks: [email protected] was validated on 2025-11-13 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-11-13T14:15:15Z source: APNIC person: Chinanet Hostmaster nic-hdl: CH93-AP e-mail: [email protected] address: No.31 ,jingrong street,beijing address: 100032 phone: +86-10-58501724 fax-no: +86-10-58501724 country: CN mnt-by: MAINT-CHINANET last-modified: 2022-02-28T06:53:44Z source: APNIC person: Xin Ruosheng nic-hdl: XR55-AP e-mail: [email protected] address: No.999, road Shunhua, Jinan, Shandong province,China phone: +86-531-83190000 fax-no: +86-531-83190000 country: CN mnt-by: MAINT-CHINANET-SD last-modified: 2019-12-20T07:11:49Z source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 5 threat reports