IOC Radar
IP · Medium · Signal 33/100

180.100.212.177

Location: Nanjing, Jiangsu, China
ASN: AS4134 (Chinanet JS)
First Seen: Aug 14, 2025 (314d ago)
Last Seen: Jun 7, 2026 (17d ago)
Reports: 17 source reports
Confidence: 33% (medium)
Found in 17 reports. Confidence: medium. Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 33%
Signal Score: 33 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

53 techniques

Network Information

Country: CN (China)
Region: Nanjing, Jiangsu
ASN: AS4134
Organization: Chinanet JS

Feed Intelligence Summary

Source reports: 17
Confidence score: 33%
Category tags:
abuse, account compromise, account enumeration, active scan, active scanning, active-attack, adresse ip, apt, asia, attack, attacker ip, attacker-ip, authentication-failure, automated attack attempts, azure ad, bad reputation, bad web bot, banking, belgium, belgium ip addresses, blacklisted ips, blocklist_all, botnet, botnet activity, botnet activity detection, brute force, brute force attack, brute force attempt, brute force attempts, brute-force, bruteforce, c&c communication, c2 communication, china, civil services, cloud account security, cloud environment, cloud infrastructure, cn, code execution, code injection, code-injection, command & control, command and control, command execution, communication protocol, compromised credentials, compromised host, compromised hosts, credential access, credential compromise, credential harvesting, credential stuffing, credential theft, credential-dumping, credit card services, data exfiltration, data store exposure, database security, ddos, ddos activity, ddos attack, ddos attacks, decoy system, denial of service, distributed attacks, email, entra id, europe, exploit kit, exploitation activity, exploited host, finance, financial services, financial technology, finland, fnt-secure-sentinel, fnt-sentinel, france, ftp, ftp brute force, germany, government technology, hacking, honeynet connect, http brute force, http scanner, https, identity & access exploitation, identity management, imap, imap attack, indicator, information technology, initial-access, injection activity, injection attacks, ip-address, irc, it infrastructure, lateral movement, login attempt, malicious activity, malicious software, malicious-ip, malware, malware distribution, microsoft 365, microsoft azure, microsoft entra, microsoft entra id, multiple accounts targeted, multiple users, multiple users affected, network, network attacks, network enumeration, network intrusion, network protocol, network scanning, network security, north america, password attack, password attacks, password cracking, password spraying, payment processing, phishing, phishing attack, poland, port-scan, process injection, protocol exploitation, public administration, public infrastructure, public policy, ransomware, reconnaissance, regulatory agencies, remote access, remote services, researched, sasl, scanner, scanning activity, security operations, service scan, smb brute force, smtp, smtp attacker, smtp brute force, smtp-attack, social engineering, software development, spam, spam distribution, sql-injection, ssh, ssh attack, t1003, t1021, t1021.001, t1021.002, t1021.003, t1021.004, t1021.005, t1040, t1046, t1053, t1055, t1059, t1059.001, t1059.003, t1059.004, t1068, t1071, t1071.001, t1076, t1078, t1078.004, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1486, t1496, t1497, t1499.001, t1499.002, t1499.003, t1555, t1555.003, t1563, t1565, t1566, t1566.001, t1566.002, t1566.003, t1588.004, t1589, t1589.002, t1590, t1592, t1595, t1595.001, t1595.002, t1595.003, targeting database, tcp protocol, tcp scan, telnet threat, threat actor, threat intelligence, tor node, turkey, udp scan, unauthorized access attempt, unauthorized login attempts, united states, voidtrap, vulnerability scan, vulnerability-scan, wealth management, web app attack, web application attack, web exploitation, web spam, web traffic, web-attack

Activity Timeline

1 total observation (Jun 7)

Threat Activity Heatmap

Peak: 2026-06-07
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 33
Confidence: 33%
Reports: 17
First seen: Aug 14, 2025
Last seen: Jun 7, 2026
Geolocation: CN
Country: China
Location: Nanjing, Jiangsu
ASN: AS4134
Org: Chinanet JS
Coords: 32.0607, 118.7630

VirusTotal

Not checked

WHOIS

description: FNT Sentinel detected SMTP attack. 2026-05-09 00:22:04.4054 Login failure: 180.100.212.177 SMTP

raw:

inetnum: 180.96.0.0 - 180.127.255.255
netname: CHINANET-JS
descr: Chinanet Jiangsu Province Network
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
abuse-c: AC1573-AP
status: ALLOCATED PORTABLE
remarks: service provider
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-JS
mnt-irt: IRT-CHINANET-CN
last-modified: 2021-06-15T08:04:52Z
source: APNIC

irt: IRT-CHINANET-CN
address: No.31 ,jingrong street,beijing
address: 100032
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: CH93-AP
tech-c: CH93-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-04-24
mnt-by: MAINT-CHINANET
last-modified: 2025-04-24T03:21:26Z
source: APNIC

role: ABUSE CHINANETCN
country: ZZ
address: No.31 ,jingrong street,beijing
address: 100032
phone: +000000000
e-mail: [email protected]
admin-c: CH93-AP
tech-c: CH93-AP
nic-hdl: AC1573-AP
remarks: Generated from irt object IRT-CHINANET-CN
remarks: [email protected] was validated on 2025-04-24
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-04-24T03:21:54Z
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-87799222
e-mail: [email protected]
remarks: send anti-spam reports [email protected]
remarks: send abuse reports [email protected]
remarks: times in GMT+8
remarks: www.jsinfo.net
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
notify: [email protected]
mnt-by: MAINT-CHINANET-JS
last-modified: 2022-08-05T15:34:47Z
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: [email protected]
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
mnt-by: MAINT-CHINANET
last-modified: 2022-02-28T06:53:44Z
source: APNIC

IOC Journey

medium
First detected 10 months ago · Last seen 17 days ago
Appeared in 17 threat reports