IOC Radar
IPMediumSignal 50/100

220.250.10.170

Location
ChinaChina
Fuzhou, FJ
ASN
AS4837
CNCGroup CHINA169 FuJian province network
First Seen
Jan 30, 2024
Last Seen
May 30, 2026
Jan 30
First Seen
862d ago
May 30
Last Seen
12d ago
11
Reports
source reports
50%
Confidence
medium
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
50%
Signal Score
50 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

10 techniques

Network Information

CountryCNChina
RegionFuzhou, FJ
ASNAS4837
OrganizationCNCGroup CHINA169 FuJian province network

Feed Intelligence Summary

11 reports50% confidence
11
Source reports
50%
Confidence score
Category tags
active scanactive scanningaptasiaattackauto-generated securitybad web botbotnet activitybrute forcebrute force attackbrute force attackerbrute-forcechinacncredential accesscredential stuffingdata exfiltrationdata store exposuredatabase securityexploitexploitation activityexploited hosthackingidentity & access exploitationindicatorinjection activityinjection attacksiot securityiot targetedmalicious activitymalwarenetworkpassword attacksportscanreconnaissanceresearchedscannerscannersservice scanssh attackt1059.003t1110.001t1110.002t1110.003t1110.004t1486t1499.002t1595.001t1595.002t1595.003threat actortor nodetpotvulnerability scanvulnerability-exploitationvultrweb app attack

Activity Timeline

1 total obs
May 30May 30

Threat Activity Heatmap

· Peak: 2026-05-30
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
50
SIGNAL
Signal Score
50%
Confidence
11
Reports
First seenJan 30, 2024
Last seenMay 30, 2026
GeolocationCN
CountryChina
LocationFuzhou, FJ
ASNAS4837
OrgCNCGroup CHINA169 FuJian province network
Coords26.0614, 119.3061

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning Vultr Tokyo (Japan) honeypot
raw
inetnum: 220.250.0.0 - 220.250.15.255 netname: CNCGROUP-FJ-FUZHOU-MAN country: CN descr: Fuzhou city, fujian provincial network of CNCGROUP admin-c: FZ165-AP tech-c: FZ165-AP status: ALLOCATED NON-PORTABLE mnt-by: MAINT-CNCGROUP-FJ mnt-lower: MAINT-CN-FZ28 last-modified: 2008-09-04T07:10:32Z source: APNIC person: FU ZHOU nic-hdl: FZ165-AP e-mail: [email protected] address: Fuzhou city, Fujian province, China phone: +86-591-28363728 fax-no: +86-591-28363716 country: CN mnt-by: MAINT-CNCGROUP-FJ last-modified: 2010-05-25T08:12:01Z source: APNIC route: 220.250.0.0/19 descr: CNCGroup CHINA169 FuJian province network country: CN origin: AS4837 mnt-by: MAINT-CNCGROUP-RR last-modified: 2008-09-04T07:54:49Z source: APNIC
references
https://jamesbrine.com.au/vultrtokyo-portscan-bruteforce-ip-list-2026-04-16/, https://jamesbrine.com.au

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 12 days ago
Appeared in 11 threat reports