IOC Radar
IP · Medium · Signal 77/100

103.213.96.228

Location
China
Changzhou, Jiangsu
ASN
AS23650
China Unicom Jiangsu Province network
First Seen
Oct 24, 2024 (597d ago)
Last Seen
May 1, 2026 (43d ago)
Reports
7 source reports
Confidence
77% (medium)
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

7 techniques

Network Information

Country: China (CN)
Region: Changzhou, Jiangsu
ASN: AS23650
Organization: China Unicom Jiangsu Province network

Feed Intelligence Summary

Source reports: 7
Confidence score: 77%
Category tags
active scan, active scanning, apt, asia, cert, china, cn, ddos, denial of service, europe, exploitation activity, indicator, kill-chain exploitation, kill-chain reconnaissance, medium-risk, network, reconnaissance, researched, scanner, t1046, t1190, t1203, t1499.001, t1595.001, t1595.002, t1595.003, threat actor, tor node, united kingdom, wazuh, web application attack, web exploitation

Activity Timeline

1 total obs
May 1

Threat Activity Heatmap

Peak: 2026-05-01
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: High Risk
Coords: 34.7732, 113.7220

VirusTotal

Not checked

WHOIS

description
ET MALWARE Observed Coruna User-Agent (Outbound)
raw
inetnum: 103.213.96.0 - 103.213.99.255
netname: wznt
descr: Jiangsu Weizi Network Technology Co?Ltd
country: CN
admin-c: WJJ48-AP
tech-c: WJJ48-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-irt: IRT-WZNT-CN
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNCGROUP-RR
last-modified: 2023-11-28T00:56:10Z
source: APNIC

irt: IRT-wznt-CN
address: Changzhou Wujin Hutang Maoye Thai urban business cubic room 2708
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: WJJ48-AP
tech-c: WJJ48-AP
auth: # Filtered
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-11-18T00:35:03Z
source: APNIC

role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: [email protected]
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
remarks: Generated from irt object IRT-CNNIC-CN
remarks: [email protected] is invalid
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-09-19T17:20:32Z
source: APNIC

person: Jian jun wang
address: Changzhou Wujin Hutang Maoye Thai urban business cubic room 2708
country: CN
phone: +86-18115006622
e-mail: [email protected]
nic-hdl: WJJ48-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2018-05-25T07:42:02Z
source: APNIC

route: 103.213.96.0/22
descr: China Unicom Jiangsu Province network
descr: Addresses from CNNIC
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
last-modified: 2018-06-04T06:34:02Z
source: APNIC

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 7 threat reports