IOC Radar
IP · Medium · Signal 37/100

103.119.3.14

Location: Hong Kong (Hong Kong, Guangdong)
ASN: AS55933 (Sakura Network Limited)
First Seen: Dec 6, 2024 (551d ago)
Last Seen: Apr 5, 2026 (67d ago)
Reports: 17 source reports
Confidence: 37% (medium)
VirusTotal: 5/91 detections
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 37%
Signal Score: 37 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

33 techniques

Network Information

Country: HK (Hong Kong)
Region: Hong Kong, Guangdong
ASN: AS55933
Organization: Sakura Network Limited

Feed Intelligence Summary

Source reports: 17
Confidence score: 37%
Category tags: abuse, access control, active scan, active scanning, asia, atif feed, attack, australia, australia network activity, authentication failures, auto-generated security, automated attack, bad reputation, banlist feed, binary defense, botnet, botnet activity, brute force, brute force attack, china, command and control, communication protocol, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposure, ddos, decoy system, denial of service, distributed attacks, europe, exploitation activity, external threat actor, fail2ban event, fail2ban triggered, failed authentication, ftp brute force, hk, hong kong, identity & access exploitation, indicator, infrastructure acquisitionreconnaissance, initial access, injection activity, intrusion detection, jp, login failure, malicious activity, malicious software, malware, manual, network, network intrusion detection, network probing, network reconnaissance, network scanning, network security, oceania, password attacks, password cracking, phishing, phishing attack, process injection, reconnaissance, researched, scan, scanner, security operations, security policy, social engineering, ssh attack, t1016, t1021, t1021.001, t1021.002, t1040, t1046, t1055, t1059.004, t1068, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1587.001, t1589, t1590.001, t1595, t1595.001, t1595.002, t1595.003, telecommunications, threat actor, threat intelligence, threat prevention, tor node, unauthorized access attempt, united kingdom, voip

Activity Timeline

1 total obs (Apr 5)

Threat Activity Heatmap

Peak: 2026-04-05
[Heatmap: weekday rows (Mon, Wed, Fri labelled) by month, Jun to Jun; legend Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 37
Confidence: 37%
Reports: 17
First seen: Dec 6, 2024
Last seen: Apr 5, 2026
Geolocation: HK
Country: Hong Kong
Location: Hong Kong, Guangdong
ASN: AS55933
Org: Sakura Network Limited
Coords: 34.7732, 113.7220

VirusTotal

5/91 vendors flagged
5% detection rate · Jun 8, 2026

WHOIS

description: Banned by Fail2Ban [sshd]

raw:

inetnum: 103.119.0.0 - 103.119.3.255
netname: Ybnetwork
descr: Sakura Network Limited
country: JP
admin-c: IA525-AP
tech-c: IA525-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-YBNETWORK2-CN
last-modified: 2023-07-06T00:35:32Z
source: APNIC

irt: IRT-Ybnetwork2-CN
address: Unit 1604, Perfect Industrial Building, 31 Tai Yau Street, San Po Kong, HK
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: IA525-AP
tech-c: IA525-AP
auth: # Filtered
remarks: [email protected] was validated on 2024-12-04
mnt-by: MAINT-CNNIC-AP
last-modified: 2024-12-04T13:45:07Z
source: APNIC

person: IP administrator
address: Unit 1604, Perfect Industrial Building, 31 Tai Yau Street, San Po Kong, HK
country: HK
phone: +852-61725306
e-mail: [email protected]
nic-hdl: IA525-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2024-02-27T23:24:33Z
source: APNIC

route: 103.119.0.0/22
origin: AS55933
descr: China Internet Network Information Center Floor1, Building No.1 C/-Chinese Academy of Sciences 4, South 4th Street Haidian District,
mnt-by: MAINT-CNNIC-AP
last-modified: 2019-06-25T02:41:12Z
source: APNIC

references:
https://redpiranha.net
https://blocklist.greensnow.co/greensnow.txt
https://www.binarydefense.com/banlist.txt
https://lists.blocklist.de/lists/all.txt
https://rules.emergingthreats.net/blockrules/compromised-ips.txt

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 17 threat reports