IOC Radar
IPMediumSignal 61/100

103.163.220.20

Location
JapanJapan
Tokyo, Tokyo
ASN
AS206092
XS Usenet
First Seen
Mar 26, 2022
Last Seen
May 27, 2026
Mar 26
First Seen
1552d ago
May 27
Last Seen
29d ago
15
Reports
source reports
61%
Confidence
medium
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
61%
Signal Score
61 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

28 techniques

Network Information

CountryJPJapan
RegionTokyo, Tokyo
ASNAS206092
OrganizationXS Usenet

Feed Intelligence Summary

15 reports61% confidence
15
Source reports
61%
Confidence score
Category tags
abuseacademic institutionsaccess controlactive scanactive scanningapacheapache attackerapp routeraptasiaasnsbad reputationbad web botbankingbotnet activitybrute forcebrute force attackbrute-forcecanadachinacivil servicescommand executioncommunity slackcompany blogconsumer goodscookie patentcredential accesscredential harvestingcredential stuffingcredit card servicesdata exfiltrationdata store exposuredatabase securityddosddos attackddos attacksdenial of serviceearth lamiaeducational resourceseducational serviceseducational technologyestoniaeuropeexploitexploitation activityexploited hostfinancefinancial servicesfinancial technologyfleet managementflightfreight servicesgermanygoogle privacygovernment technologyhackinghigher educationhong kongidentity & access exploitationindiaindonesiainformation technologyinjection activityinjection attacksinternet of thingsiot botnetiot securityiot/ics attackit infrastructurejackpot pandajapanjpk-12 educationmalicious powershell activitymalwaremaritime transportmexicomirai botnetnation-state activitynetherlandsnetworknlnorth americapassenger transportationpassword attackspayment processingphishingphishing attackpolicies vpatproxypublic administrationpublic infrastructurepublic policypythonrail transportreactreact serverreact2shellreconnaissanceregulatory agenciesremote code executionresearchedretail tradescannerscripting attackssecurity policyservice statussingaporeslo privacyslovakiasocial engineeringsoftware developmentspainsshstate sponsoredt1059.001t1059.003t1059.004t1068t1071.001t1078t1078.004t1086t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1204.002t1486t1496t1499.001t1499.002t1505t1547.001t1566.001t1566.002t1566.003t1595.001t1595.002t1595.003threat actorthreat preventiontor nodetransportation and warehousingtransportation infrastructuretransportation technologyukraineunitedunited kingdomus careerswealth managementweb app attackweb application attackweb exploitation

Activity Timeline

1 total obs
May 27May 27

Threat Activity Heatmap

· Peak: 2026-05-27
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
61
SIGNAL
Signal Score
61%
Confidence
15
Reports
First seenMar 26, 2022
Last seenMay 27, 2026
GeolocationJP
CountryJapan
LocationTokyo, Tokyo
ASNAS206092
OrgXS Usenet
Coords35.6940, 139.7540

VirusTotal

Not checked

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 4 years ago · Last seen 29 days ago
Appeared in 15 threat reports