IOC Radar
IP · Medium · Signal 49/100

222.208.24.3

Location: Nanchong, SC, China
ASN: AS4134 (Chinanet SC)
First Seen: May 20, 2025 (400d ago)
Last Seen: Jun 13, 2026 (12d ago)
Reports: 12 source reports
Confidence: 49% (medium)
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 49%
Signal Score: 49 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

50 techniques

Network Information

Country: China (CN)
Region: Nanchong, SC
ASN: AS4134
Organization: Chinanet SC

Feed Intelligence Summary

Source reports: 12
Confidence score: 49%
Category tags:
access control, active scan, active scanning, asia, attack, bad web bot, botnet, botnet activity, botnet activity detection, botnet infection, brute force, brute force attack, brute force attempts, brute-force, c2 communication, china, cisco device, civil services, cn, code execution, command & control, command and control, command execution, communication protocol, compromised host, cowrie honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposure, ddos, ddos attack, decoy system, denial of service, device management, dionaea honeypot, distributed attacks, enterprise networking, europe, exploit, exploitation activity, finland, france, fraud voip, ftp brute force, germany, government technology, hacking, honeynet connect, honeytrap honeypot, http brute force, http scanner, http scanning, identity & access exploitation, indicator, information technology, initial access, ioc, irc, it infrastructure, lamp, lamp stack attack, lateral movement, login attempt, malicious activity, malware, malware behaviour, malware capture, malware distribution, network, network attacks, network enumeration, network infrastructure, network intrusion, network probing, network protocol, network scanning, network security, network traffic analysis, north america, password attack, password attacks, phishing, phishing attack, poland, possible mirai variant, protocol exploitation, public administration, public infrastructure, public policy, reconnaissance, regulatory agencies, remote access, remote services, researched, scams & fraud, scanner, scanning activity, security operations, security policy, service scan, sftp activity, sftp attack, smb brute force, smtp brute force, social engineering, software development, software exploitation, spam, ssh, ssh attack, ssh monitoring, t1018, t1021, t1021.001, t1021.002, t1021.003, t1021.004, t1021.005, t1021.006, t1021.007, t1027, t1040, t1041, t1046, t1053, t1053.005, t1059, t1059.001, t1059.003, t1059.004, t1068, t1071, t1071.001, t1071.004, t1076, t1078, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1496, t1497, t1499.001, t1499.002, t1499.003, t1563, t1566.001, t1566.002, t1566.003, t1566.004, t1573, t1592, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, tcp scan, telnet, threat, threat actor, threat detection, threat intelligence, threat prevention, tor node, tpot, udp port scan, udp scan, unauthorized access attempt, united states, vulnerability scan, vulnerability-exploitation, web app attack, web application attack, web exploitation, web spam, web traffic

Activity Timeline

1 total obs (Jun 13 to Jun 13)

Threat Activity Heatmap

Peak: 2026-06-13
[Heatmap figure: rows Mon/Wed/Fri, months Jun through Jun]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: Medium Risk
Signal Score: 49
Confidence: 49%
Reports: 12
First seen: May 20, 2025
Last seen: Jun 13, 2026
Geolocation: CN
Country: China
Location: Nanchong, SC
ASN: AS4134
Org: Chinanet SC
Coords: 31.1163, 105.0835

VirusTotal

Not checked

WHOIS

raw
inetnum: 222.208.0.0 - 222.215.255.255
netname: CHINANET-SC
descr: CHINANET Sichuan province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CS408-AP
abuse-c: AC1573-AP
status: ALLOCATED PORTABLE
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-SC
mnt-routes: MAINT-CHINANET-SC
mnt-irt: IRT-CHINANET-CN
last-modified: 2021-06-15T08:06:39Z
source: APNIC

irt: IRT-CHINANET-CN
address: No.31 ,jingrong street,beijing
address: 100032
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: CH93-AP
tech-c: CH93-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-04-24
mnt-by: MAINT-CHINANET
last-modified: 2025-09-04T00:59:42Z
source: APNIC

role: ABUSE CHINANETCN
country: ZZ
address: No.31 ,jingrong street,beijing
address: 100032
phone: +000000000
e-mail: [email protected]
admin-c: CH93-AP
tech-c: CH93-AP
nic-hdl: AC1573-AP
remarks: Generated from irt object IRT-CHINANET-CN
remarks: [email protected] was validated on 2025-04-24
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-04-24T03:21:54Z
source: APNIC

role: CHINANET SICHUAN
address: No.72,Wen Miao Qian Str Chengdu SiChuan PR China
country: CN
phone: +86-28-86190657
fax-no: +86-25-86190641
e-mail: [email protected]
remarks: send anti-spam reports to [email protected]
remarks: send abuse reports to [email protected]
remarks: times in GMT+8
remarks: noc.cd.sc.cn
admin-c: YZ43-AP
tech-c: RL357-AP
tech-c: XS16-AP
nic-hdl: CS408-AP
notify: [email protected]
mnt-by: MAINT-CHINANET-SC
last-modified: 2013-12-26T03:05:02Z
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: [email protected]
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
mnt-by: MAINT-CHINANET
last-modified: 2022-02-28T06:53:44Z
source: APNIC

references
https://github.com/telekom-security/tpotce, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

IOC Journey

medium
First detected 1 year ago · Last seen 12 days ago
Appeared in 12 threat reports