IOC Radar
IP · Medium · Signal 22/100

220.190.43.233

Location: China (Wenzhou, ZJ)
ASN: AS4134 (Chinanet)
First Seen: Feb 16, 2025 (480d ago)
Last Seen: Mar 29, 2026 (73d ago)
Reports: 7 source reports
Confidence: 22% (medium)
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 22%
Signal Score: 22 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

20 techniques

Network Information

Country: CN (China)
Region: Wenzhou, ZJ
ASN: AS4134
Organization: Chinanet

Feed Intelligence Summary

Source reports: 7
Confidence score: 22%
Category tags: active scan, apt, asia, bad reputation, bot activity, botnet, botnet activity, brute force, china, cn, command and control, credential harvesting, credential stuffing, data exfiltration, data store exposure, distributed attacks, exploitation activity, fake account, identity & access exploitation, indicator, infrastructure acquisitionreconnaissance, injection activity, malicious links, malicious software, malicious website, malware, manual, network, phishing, phishing attack, process injection, researched, scams & fraud, social engineering, social media, spam, t1055, t1071.001, t1071.004, t1189, t1199, t1204.001, t1204.002, t1486, t1496, t1499.002, t1499.003, t1565, t1566, t1566.001, t1566.002, t1566.003, t1587.001, t1590.001, t1598, t1598.003, threat actor, tor node, twitter, twitter abuse, web security, x abuse

Activity Timeline

1 total obs · Mar 29 to Mar 29

Threat Activity Heatmap

Peak: 2026-03-29
Observations by window: 24h: 0 (Dormant); 7d: 0 (Dormant); 30d: 0 (Dormant); 3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC), an IPv4 address `220.190.43.233`, presents with a relatively low threat score of 22.14, signaling a generally low-risk posture regarding immediate and direct threats. Despite its presence across several established threat intelligence feeds, including AlienVault OTX, Cisco-Talos, and SOCRadar services, the diminished score implies that high-confidence evidence of actively malicious or targeted actions is presently scarce or unconfirmed. The inclusion of an IP …

Threat Score: Low Risk
Signal Score: 22
Confidence: 22%
Reports: 7
First seen: Feb 16, 2025
Last seen: Mar 29, 2026
Geolocation: CN
Country: China
Location: Wenzhou, ZJ
ASN: AS4134
Org: Chinanet
Coords: 27.9960, 120.6664

VirusTotal

Not checked

WHOIS

raw
inetnum: 220.190.0.0 - 220.190.127.255
netname: CHINANET-ZJ-WZ
country: CN
descr: CHINANET-ZJ Wenzhou node network
descr: Zhejiang Telecom
admin-c: CZ4-AP
tech-c: CW27-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-CHINANET-ZJ
mnt-lower: MAINT-CN-CHINANET-ZJ-WZ
last-modified: 2008-09-04T06:58:24Z
source: APNIC

role: CHINANET-ZJ Wenzhou
address: No.2-1 Huancheng Road(East),Wenzhou,Zhejiang.325000
country: CN
phone: +86-577-88818629
fax-no: +86-577-88818635
e-mail: [email protected]
remarks: send spam reports to [email protected]
remarks: and abuse reports to [email protected]
remarks: Please include detailed information and times in UTC
admin-c: CH117-AP
tech-c: CH117-AP
nic-hdl: CW27-AP
mnt-by: MAINT-CHINANET-ZJ
last-modified: 2019-08-09T08:16:06Z
source: APNIC

role: CHINANET ZHEJIANG
address: No. 257 Qingjiang Road, Hangzhou, Zhejiang.310066
country: CN
phone: +86-571-86821752
fax-no: +86-571-86988329
e-mail: [email protected]
remarks: send spam reports to [email protected]
remarks: and abuse reports to [email protected]
remarks: Please include detailed information and times in UTC
admin-c: CZ61-AP
tech-c: CZ61-AP
nic-hdl: CZ4-AP
mnt-by: MAINT-CHINANET-ZJ
last-modified: 2023-08-11T08:33:28Z
source: APNIC

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 7 threat reports