IOC Radar
IP · High · Verified · Signal 72/100

180.120.144.59

Location: Nantong, Jiangsu, China
ASN: AS4134 (Chinanet JS)
First Seen: Jul 7, 2025
Last Seen: Jul 24, 2025
Reports: 5 source reports
Confidence: 72% (high)
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 72%
Signal Score: 72 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

20 techniques

Network Information

Country: CN (China)
Region: Nantong, Jiangsu
ASN: AS4134
Organization: Chinanet JS

Feed Intelligence Summary

5 reports · 72% confidence
Category tags: abuse, account compromise, active scanning, asia, botnet, brute force, brute force attack, china, cloud infrastructure, cloud infrastructure attack, cloud services, command and control, credential access, credential stuffing, data exfiltration, database attack, decoy system, distributed attacks, europe, indicator, malicious activity, malicious software, malware, mssql, network, password attack, password attacks, poland, process injection, reconnaissance, researched, resource hijacking, scanner, security operations, t1055, t1059.001, t1071.001, t1078, t1078.004, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1486, t1496, t1499.002, t1499.003, t1565, t1595, t1595.001, t1595.002, t1595.003, threat actor, threat intelligence, warsaw

Activity Timeline

1 total obs (Jul 24 to Jul 24)

Threat Activity Heatmap

Peak: 2025-07-24
[Heatmap: activity by day, Jun through Jun; scale Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 72
Confidence: 72%
Reports: 5
First seen: Jul 7, 2025
Last seen: Jul 24, 2025
Verified IOC
Geolocation: CN
Country: China
Location: Nantong, Jiangsu
ASN: AS4134
Org: Chinanet JS
Coords: 32.0607, 118.7630

VirusTotal

Not checked

WHOIS

description
IPV4 hosts detected attempting to brute force MSSQL on private honeypot

IOC Journey

high
First detected 11 months ago · Last seen 11 months ago
Appeared in 5 threat reports