IOC Radar
IP · Medium · Signal 48/100

208.98.43.16

Location
United States
Chicago, IL
ASN
AS46844
Sharktech
First Seen
Aug 8, 2025 (322d ago)
Last Seen
May 30, 2026 (27d ago)
Reports
6 source reports
Confidence
48% (medium)
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
48%
Signal Score
48 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

6 techniques

Network Information

Country: United States (US)
Region: Chicago, IL
ASN: AS46844
Organization: Sharktech

Feed Intelligence Summary

6 source reports · 48% confidence score
Category tags
active scan, active scanning, auto-generated security, brute force, credential harvesting, credential stuffing, crypto-fraud, fraud orders, human-trafficking, identity & access exploitation, malware, mastodon-benign, network, north america, phishing, phishing attack, pig-butchering, proxy, reconnaissance, researched, scam-compounds, scams & fraud, scanner, sha-zhu-pan, social engineering, syndicate, t1566.001, t1566.002, t1566.003, t1595.001, t1595.002, t1595.003, transnational-organized-crime, united states, us, verified-benign

Activity Timeline

1 total obs
May 30

Threat Activity Heatmap

Peak: 2026-05-30
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: 48 (Medium Risk)
Geolocation: Chicago, IL, United States (US)
Coords: 41.8764, -87.6133

VirusTotal

Not checked

WHOIS

description
An extensive collection of domains and IPs operated by highly organized, transnational criminal syndicates rooted in Southeast Asia. These indicators are actively used in global 'Pig Butchering' (Sha Zhu Pan) campaigns, hosting fraudulent cryptocurrency trading platforms, fake DeFi liquidity pools, and weaponized smart contracts. The underlying operation relies on human trafficking, forced labor compounds, and advanced multi-layered money laundering.
raw
Sharktech SHARKTECH-INC (NET-208-98-0-0-1) 208.98.0.0 - 208.98.63.255
Sharktech SHARKTECH-LAS (NET-208-98-32-0-1) 208.98.32.0 - 208.98.63.255


IOC Journey

medium
First detected 10 months ago · Last seen 27 days ago
Appeared in 6 threat reports