IOC Radar
IPMediumSignal 32/100

49.88.211.227

Location
ChinaChina
Nanjing, JS
ASN
AS4134
Chinanet JS
First Seen
Jan 20, 2021
Last Seen
Apr 7, 2026
Jan 20
First Seen
1970d ago
Apr 7
Last Seen
67d ago
8
Reports
source reports
32%
Confidence
medium
1/91
VirusTotal
detections
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
32%
Signal Score
32 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

32 techniques

Network Information

CountryCNChina
RegionNanjing, JS
ASNAS4134
OrganizationChinanet JS

Feed Intelligence Summary

8 reports32% confidence
8
Source reports
32%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningasiabad reputationbotnetbotnet activitybrute forcebrute force attackbrute force attemptchinacommand and controlcommunication protocolcredential accesscredential stuffingdata exfiltrationdata store exposureddosddos attacksdecoy systemdenial of servicedistributed attacksexploit attemptsexploitation activityftp brute forcehttp brute forceidentity & access exploitationindicatorinjection activityinternet of thingsintrusion detectioniociot botnetiot securityiot/ics attacklateral movementmalicious softwaremalwaremalware propagationmalware scanningmirai botnetnetworknetwork attacksnetwork probingnetwork scanningnetwork securitynetwork service scanningpassword attacksprocess injectionprotocol exploitationreconnaissanceremote accessremote servicesresearchedscanscannersecurity policyservice scansmtp brute forcesql injection attemptsssh attackt1021t1021.001t1021.002t1040t1046t1055t1059t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1199t1210t1486t1496t1499.001t1499.002t1499.003t1563t1565t1588t1595t1595.001t1595.002t1595.003targeting databasetcp protocoltelnet threatthreat intelligencethreat prevention

Activity Timeline

1 total obs
Apr 7Apr 7

Threat Activity Heatmap

· Peak: 2026-04-07
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
32
SIGNAL
Signal Score
32%
Confidence
8
Reports
First seenJan 20, 2021
Last seenApr 7, 2026
GeolocationCN
CountryChina
LocationNanjing, JS
ASNAS4134
OrgChinanet JS
Coords34.5952, 119.1664

VirusTotal

1/ 91vendors flagged
1% detection rateJun 7, 2026

WHOIS

raw
inetnum: 49.64.0.0 - 49.95.255.255 netname: CHINANET-JS descr: CHINANET jiangsu province network descr: China Telecom descr: 260 Zhongyang Road,Nanjing 210037 country: CN admin-c: CH360-AP tech-c: CS306-AP tech-c: CN142-AP abuse-c: AC1573-AP status: ALLOCATED PORTABLE remarks: service provider remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- notify: [email protected] mnt-by: APNIC-HM mnt-lower: MAINT-CHINANET-JS mnt-routes: MAINT-CHINANET-JS mnt-irt: IRT-CHINANET-CN last-modified: 2022-04-26T07:40:27Z source: APNIC irt: IRT-CHINANET-CN address: No.31 ,jingrong street,beijing address: 100032 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CH93-AP tech-c: CH93-AP auth: # Filtered remarks: [email protected] was validated on 2025-04-24 mnt-by: MAINT-CHINANET last-modified: 2025-04-24T03:21:26Z source: APNIC role: ABUSE CHINANETCN country: ZZ address: No.31 ,jingrong street,beijing address: 100032 phone: +000000000 e-mail: [email protected] admin-c: CH93-AP tech-c: CH93-AP nic-hdl: AC1573-AP remarks: Generated from irt object IRT-CHINANET-CN remarks: [email protected] was validated on 2025-04-24 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-04-24T03:21:54Z source: APNIC person: CHINANET-JS Hostmaster nic-hdl: CH360-AP e-mail: [email protected] address: Room 1001#, 260 Zhongyang Road, Nanjing,Jiangsu Province phone: +86-25-86588231 phone: +86-25-86588745 fax-no: +86-25-86588104 country: CN mnt-by: MAINT-CHINANET-JS last-modified: 2022-03-15T07:08:59Z source: APNIC person: CHINANET-JS Network Operations nic-hdl: CN142-AP e-mail: [email protected] address: Room 1001#, 260 Zhongyang Road, Nanjing,Jiangsu Province phone: +86-25-86588721 phone: +86-25-86788130 phone: +86-25-86788122 phone: +86-25-86588787 fax-no: +86-25-86588104 country: CN mnt-by: MAINT-CHINANET-JS last-modified: 2022-03-15T07:09:00Z source: APNIC person: CHINANET-JS Security Administrater nic-hdl: CS306-AP e-mail: [email protected] address: Room 1001#, 260 Zhongyang Road, Nanjing,Jiangsu Province phone: +86-25-86588745 phone: +86-25-86588231 fax-no: +86-25-86588104 country: CN mnt-by: MAINT-CHINANET-JS last-modified: 2022-03-15T07:09:00Z source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 2 months ago
Appeared in 8 threat reports