IOC Radar
IPMediumSignal 70/100

58.216.158.82

Location
ChinaChina
Nanjing, JS
ASN
AS4134
Chinanet
First Seen
Oct 2, 2025
Last Seen
May 29, 2026
Oct 2
First Seen
251d ago
May 29
Last Seen
13d ago
6
Reports
source reports
70%
Confidence
medium
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
70%
Signal Score
70 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

10 techniques

Network Information

CountryCNChina
RegionNanjing, JS
ASNAS4134
OrganizationChinanet

Feed Intelligence Summary

6 reports70% confidence
6
Source reports
70%
Confidence score
Category tags
active scanactive scanningasiabrute forcebrute force attackbrute force attackerchinacncredential accesscredential stuffingddosddos attackdenial of servicedigital oceanexploitation activityhackingidentity & access exploitationindicatornetworkpassword attacksping of deathportscanreconnaissanceresearchedscannerscannersservice scant1110.001t1110.002t1110.003t1110.004t1190t1203t1499.001t1595.001t1595.002t1595.003web app attackweb application attackweb exploitation

Activity Timeline

1 total obs
May 29May 29

Threat Activity Heatmap

· Peak: 2026-05-29
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
70
SIGNAL
Signal Score
70%
Confidence
6
Reports
First seenOct 2, 2025
Last seenMay 29, 2026
GeolocationCN
CountryChina
LocationNanjing, JS
ASNAS4134
OrgChinanet
Coords31.7685, 119.9527

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning DigitalOcean London (UK) honeypot
raw
inetnum: 58.216.158.80 - 58.216.158.87 netname: CHANGZHOU-SOUTH-BANK descr: South Bank descr: Changzhou City descr: Jiangsu Province country: CN admin-c: CH445-AP tech-c: CH445-AP status: ASSIGNED NON-PORTABLE mnt-by: MAINT-CHINANET-JS mnt-lower: MAINT-CHINANET-JS-CZ last-modified: 2010-07-21T15:40:05Z source: APNIC person: CHINANET-JS-CZ Hostmaster address: No.168,HePing South Road,Changzhou 213000 country: CN phone: +86-519-8130141 phone: +86-519-8150024 fax-no: +86-519-8150026 e-mail: [email protected] nic-hdl: CH445-AP remarks: send anti-spam or abuse reports to [email protected] remarks: times in GMT+8 mnt-by: MAINT-CHINANET-JS-CZ last-modified: 2022-03-15T07:12:22Z source: APNIC
references
https://jamesbrine.com.au/digitaloceanlondon-portscan-bruteforce-ip-list-2026-04-16/, https://jamesbrine.com.au

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 8 months ago · Last seen 13 days ago
Appeared in 6 threat reports