IOC Radar
IPMediumSignal 44/100

117.90.100.6

Location
ChinaChina
Zhenjiang, JS
ASN
AS4134
Chinanet JS
First Seen
Dec 9, 2023
Last Seen
Jun 12, 2026
Dec 9
First Seen
927d ago
Jun 12
Last Seen
11d ago
23
Reports
source reports
44%
Confidence
medium
Found in 23 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
44%
Signal Score
44 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

40 techniques

Network Information

CountryCNChina
RegionZhenjiang, JS
ASNAS4134
OrganizationChinanet JS

Feed Intelligence Summary

23 reports44% confidence
23
Source reports
44%
Confidence score
Category tags
abuseabuseipdbactive scanactive scanningapacheapache attackerapplication layer protocolaptasiaattackaustraliabad reputationbad web botbankingblocklist_allbotnetbotnet activitybrute forcebrute force attackbrute-forcec2c2 serverchinacivil servicescncommand & controlcommand and controlcommunication protocolcompromised credentialscompromised hostscompromised systemscowriecowrie attackcowrie honeypotcowrie ssh honeypotcredential accesscredential harvestingcredential stuffingcredit card servicesdata exfiltrationdata store exposuredata theftddosddos attackdecoy systemdenial of servicedionaeadionaea attackdionaea honeypotdionaea malware collectiondistributed attacksexploitexploitationexploitation activityexploited hostfattfinancefinancial servicesfinancial technologyfraud voipftpftp attemptftp brute forcegovernment technologyhackingheralding attackidentity & access exploitationindicatorinfected hostsinformation technologyinjection activityiocit infrastructuremalicious activitymalicious communicationmalicious softwaremalwaremalware behaviourmalware capturemalware distributionnetworknetwork intrusionnetwork intrusion attemptsnetwork layer protocolnetwork probingnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnetwork traffic analysisoceaniap0fpassword attackspayment processingphishingphishing attackpotential brute forcepotential malware infectionprocess injectionpublic administrationpublic infrastructurepublic policyransomwarereconnaissanceregulatory agenciesresearchedscams & fraudscanscannerscanning activitysensor-taggedservice scansftp attacksftp attemptsocial engineeringsocradar honeypotsoftware developmentspamsshssh attackssh monitoringt-pott1005t1018t1021t1021.001t1021.004t1040t1041t1046t1055t1059t1071t1071.001t1078t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204.002t1486t1496t1497t1499.001t1499.002t1499.003t1555t1565t1566t1566.001t1566.002t1566.003t1573t1595t1595.001t1595.002t1595.003tannertanner attacktanner http honeypottelecommunicationsthreat actorthreat intelligencetor nodetpotunknown threat actorvoipvulnerability scanvulnerability-exploitationwealth managementweb app attackweb application attackweb exploitationweb scannerweb spam

Activity Timeline

1 total obs
Jun 12Jun 12

Threat Activity Heatmap

· Peak: 2026-06-12
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
44
SIGNAL
Signal Score
44%
Confidence
23
Reports
First seenDec 9, 2023
Last seenJun 12, 2026
GeolocationCN
CountryChina
LocationZhenjiang, JS
ASNAS4134
OrgChinanet JS
Coords32.0589, 118.7738

VirusTotal

Not checked

WHOIS

raw
inetnum: 117.80.0.0 - 117.95.255.255 netname: CHINANET-JS descr: CHINANET jiangsu province network descr: China Telecom descr: A12,Xin-Jie-Kou-Wai Street descr: Beijing 100088 country: CN admin-c: CH93-AP tech-c: CJ186-AP abuse-c: AC1573-AP status: ALLOCATED PORTABLE remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-CHINANET-JS mnt-routes: MAINT-CHINANET-JS mnt-irt: IRT-CHINANET-CN last-modified: 2021-06-15T08:05:36Z source: APNIC irt: IRT-CHINANET-CN address: No.31 ,jingrong street,beijing address: 100032 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CH93-AP tech-c: CH93-AP auth: # Filtered remarks: [email protected] was validated on 2025-04-24 mnt-by: MAINT-CHINANET last-modified: 2025-04-24T03:21:26Z source: APNIC role: ABUSE CHINANETCN country: ZZ address: No.31 ,jingrong street,beijing address: 100032 phone: +000000000 e-mail: [email protected] admin-c: CH93-AP tech-c: CH93-AP nic-hdl: AC1573-AP remarks: Generated from irt object IRT-CHINANET-CN remarks: [email protected] was validated on 2025-04-24 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-04-24T03:21:54Z source: APNIC role: CHINANET JIANGSU address: 260 Zhongyang Road,Nanjing 210037 country: CN phone: +86-25-87799222 e-mail: [email protected] remarks: send anti-spam reports [email protected] remarks: send abuse reports [email protected] remarks: times in GMT+8 remarks: www.jsinfo.net admin-c: CH360-AP tech-c: CS306-AP tech-c: CN142-AP nic-hdl: CJ186-AP notify: [email protected] mnt-by: MAINT-CHINANET-JS last-modified: 2022-08-05T15:34:47Z source: APNIC person: Chinanet Hostmaster nic-hdl: CH93-AP e-mail: [email protected] address: No.31 ,jingrong street,beijing address: 100032 phone: +86-10-58501724 fax-no: +86-10-58501724 country: CN mnt-by: MAINT-CHINANET last-modified: 2022-02-28T06:53:44Z source: APNIC
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://github.com/telekom-security/tpotce, https://redpiranha.net, https://github.com/borestad/blocklist-abuseipdb/blob/main/abuseipdb-s100-3d.ipv4

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 11 days ago
Appeared in 23 threat reports