IOC Radar
IP · Medium · Signal 56/100

220.250.11.154

Location: Fuzhou, Fujian, China
ASN: AS4837 (CNCGroup CHINA169 FuJian province network)
First Seen: Apr 20, 2022 (1516d ago)
Last Seen: May 25, 2026 (20d ago)
Reports: 17 source reports
Confidence: 56% (medium)
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 56%
Signal Score: 56 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

28 techniques

Network Information

Country: CN (China)
Region: Fuzhou, Fujian
ASN: AS4837
Organization: CNCGroup CHINA169 FuJian province network

Feed Intelligence Summary

Source reports: 17
Confidence score: 56%
Category tags: abuse, access, active scan, active scanning, apt, asia, attack, auto-generated security, bad reputation, bad web bot, botnet, botnet activity, brute force, brute force attack, brute-force, c2, cert, china, cn, command & control, command and control, cowrie, cowrie honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposure, decoy system, dionaea, distributed attacks, email, exploitation activity, fatt, ftp brute force, github, groups, honeytrap honeypot, identity & access exploitation, indicator, injection activity, lamp, lateral movement, mailoney honeypot, malicious activity, malicious software, malware, network, network enumeration, network scanning, p0f, password attacks, phishing, phishing attack, phishing trap, potential malicious activity, process injection, python, ransomware, reconnaissance, researched, scanner, script, sensor-tagged, service enumeration, sftp, sftp attack, slug, smtp brute force, social engineering, socradar, ssh, ssh attack, ssh monitoring, surface web, t1021, t1021.004, t1041, t1055, t1059, t1059.004, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1204.002, t1486, t1496, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1595, t1595.001, t1595.002, t1595.003, tanner, telecommunications, threat actor, threat detection, threat-intelligence, tor node, tpot, unauthorized access attempts, unidentified attacker, web app attack

Activity Timeline

1 total obs
May 25

Threat Activity Heatmap

Peak: 2026-05-25
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 56
Confidence: 56%
Reports: 17
First seen: Apr 20, 2022
Last seen: May 25, 2026
Geolocation: CN
Country: China
Location: Fuzhou, Fujian
ASN: AS4837
Org: CNCGroup CHINA169 FuJian province network
Coords: 26.0742, 119.2960

VirusTotal

Not checked

WHOIS

description
Score: 50/100. Labels: abuseipdb:minimal, abuseipdb:reported, cowrie, firehol:unlisted, gti:suspicious, sector:energy. 220.250.11.154 classified as attacker with unclear intent (medium confidence). Origin: enriched. Listed on: AbuseIPDB (minimal, reported).
raw
inetnum: 220.250.0.0 - 220.250.15.255
netname: CNCGROUP-FJ-FUZHOU-MAN
country: CN
descr: Fuzhou city, fujian provincial network of CNCGROUP
admin-c: FZ165-AP
tech-c: FZ165-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-CNCGROUP-FJ
mnt-lower: MAINT-CN-FZ28
last-modified: 2008-09-04T07:10:32Z
source: APNIC

person: FU ZHOU
nic-hdl: FZ165-AP
e-mail: [email protected]
address: Fuzhou city, Fujian province, China
phone: +86-591-28363728
fax-no: +86-591-28363716
country: CN
mnt-by: MAINT-CNCGROUP-FJ
last-modified: 2010-05-25T08:12:01Z
source: APNIC

route: 220.250.0.0/19
descr: CNCGroup CHINA169 FuJian province network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
last-modified: 2008-09-04T07:54:49Z
source: APNIC
references
https://github.com/telekom-security/tpotce


IOC Journey

medium
First detected 4 years ago · Last seen 20 days ago
Appeared in 17 threat reports