IOC Radar
IPMediumSignal 38/100

122.227.221.130

Location
ChinaChina
Hangzhou, Zhejiang
ASN
AS4134
Ningbo Hechangshujun Co., ltd
First Seen
Oct 31, 2024
Last Seen
May 11, 2026
Oct 31
First Seen
589d ago
May 11
Last Seen
33d ago
14
Reports
source reports
38%
Confidence
medium
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
38%
Signal Score
38 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

37 techniques

Network Information

CountryCNChina
RegionHangzhou, Zhejiang
ASNAS4134
OrganizationNingbo Hechangshujun Co., ltd

Feed Intelligence Summary

14 reports38% confidence
14
Source reports
38%
Confidence score
Category tags
abuseaccessaccess controlaccount compromiseaccount securityactive scanactive scanningadminadministrative accessapiasiaauto-generated securitybad reputationbotnetbotnet activitybrute forcebrute force attackchinacncommand and controlcommentcommunication protocolcredential accesscredential stuffingctadata exfiltrationdata store exposuredcomdcom exploitationddosddos attacksdecoy systemdenial of servicedistributed attacksexecutable fileexploit attemptsexploitation activityftp brute forcegroupshackinghttp brute forcehunteridentity & access exploitationindicatorinjection activityinternet of thingsintrusion detectioniot botnetiot securityiot/ics attacklateral movementmalicious ipmalicious softwaremalwaremalware propagationmalware scanningmedia & entertainmentmicrosoft technologiesmiraimirai botnetnetworknetwork activitynetwork attacksnetwork discoverynetwork probingnetwork protocolnetwork scanningnetwork securityoperating systemoperating system securitypassword attackspngpotential vulnerability scanprivilege escalationprocess injectionransomwarerdpreconnaissanceremote accessremote servicesresearchedrpcscanscannerscanning activityscriptsecurity policyserverslugsmtp brute forcesql injection attemptsssh attacksurface webt1018t1021t1021.001t1040t1046t1047t1055t1059t1059.001t1069.001t1071.001t1076t1078t1088t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1199t1210t1486t1496t1499.001t1499.002t1499.003t1563t1565t1588t1589t1595t1595.001t1595.002t1595.003targeting databasetcptcp protocolthreatthreat actorthreat intelligencethreat preventiontor nodeudpvalidatorvulnerability scanwinwindows

Activity Timeline

1 total obs
May 11May 11

Threat Activity Heatmap

· Peak: 2026-05-11
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
38
SIGNAL
Signal Score
38%
Confidence
14
Reports
First seenOct 31, 2024
Last seenMay 11, 2026
GeolocationCN
CountryChina
LocationHangzhou, Zhejiang
ASNAS4134
OrgNingbo Hechangshujun Co., ltd
Coords34.7732, 113.7220

VirusTotal

Not checked

WHOIS

raw
inetnum: 122.227.221.128 - 122.227.221.131 netname: NINGBO-HECHANGSHUJUN-LTD descr: Ningbo Hechangshujun Co.,ltd descr: country: CN admin-c: BL1047-AP tech-c: CN13-AP abuse-c: AC1602-AP status: ASSIGNED NON-PORTABLE mnt-by: MAINT-CN-CHINANET-ZJ-NB mnt-irt: IRT-CHINANET-ZJ last-modified: 2021-06-24T07:53:14Z source: APNIC irt: IRT-CHINANET-ZJ address: Hangzhou, 288 fucun Road, China e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CZ61-AP tech-c: CZ61-AP auth: # Filtered remarks: [email protected] was validated on 2025-11-25 mnt-by: MAINT-CHINANET-ZJ last-modified: 2026-03-13T07:12:20Z source: APNIC role: ABUSE CHINANETZJ country: ZZ address: Hangzhou, 288 fucun Road, China phone: +000000000 e-mail: [email protected] admin-c: CZ61-AP tech-c: CZ61-AP nic-hdl: AC1602-AP remarks: Generated from irt object IRT-CHINANET-ZJ remarks: [email protected] was validated on 2025-11-25 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-11-25T01:16:42Z source: APNIC role: CHINANET-ZJ Ningbo address: No.180 Jiefang Road(North),Ningbo,Zhejiang.315010 country: CN phone: +86-574-87278134 fax-no: +86-574-87362712 e-mail: [email protected] remarks: send spam reports to [email protected] remarks: and abuse reports to [email protected] remarks: Please include detailed information and times in UTC admin-c: CH105-AP tech-c: CH105-AP nic-hdl: CN13-AP mnt-by: MAINT-CHINANET-ZJ last-modified: 2021-05-20T02:50:38Z source: APNIC person: Bin Li nic-hdl: BL1047-AP e-mail: [email protected] address: Ningbo,Zhejiang.Postcode:315000 phone: +86-13306517595 country: CN mnt-by: MAINT-CN-CHINANET-ZJ-NB last-modified: 2011-06-27T02:24:02Z source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 14 threat reports