IOC Radar
IP · Medium · Signal 25/100

103.39.233.104

Location: Guangzhou, Guangdong, China
ASN: AS4816 (Shenzhen Qianhai bird cloud computing Co. Ltd.)
First Seen: Mar 12, 2025 (458d ago)
Last Seen: Apr 5, 2026 (69d ago)
Reports: 11 source reports
Confidence: 25% (medium)
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 25%
Signal Score: 25 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

19 techniques

Network Information

Country: CN (China)
Region: Guangzhou, Guangdong
ASN: AS4816
Organization: Shenzhen Qianhai bird cloud computing Co. Ltd.

Feed Intelligence Summary

11 source reports · 25% confidence score
Category tags
abuse, access control, active scan, active scanning, asia, australia, bad reputation, botnet, botnet activity, brute force, brute force attack, brute force attempt, china, cn, command and control, credential access, credential stuffing, data exfiltration, data store exposure, decoy system, distributed attacks, exploitation activity, identity & access exploitation, indicator, injection activity, malicious activity, malicious software, malware, network, network scanning, oceania, password attack, password attacks, process injection, reconnaissance, remote access, researched, scanner, security operations, security policy, ssh attack, t1055, t1071.001, t1078, t1078.004, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1486, t1496, t1499.002, t1499.003, t1565, t1589, t1595, t1595.001, t1595.002, t1595.003, telecommunications, threat actor, threat intelligence, threat prevention, tor node

Activity Timeline

1 total obs
Apr 5

Threat Activity Heatmap

Peak: 2026-04-05
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 25
Confidence: 25%
Reports: 11
First seen: Mar 12, 2025
Last seen: Apr 5, 2026
Geolocation: CN
Country: China
Location: Guangzhou, Guangdong
ASN: AS4816
Org: Shenzhen Qianhai bird cloud computing Co. Ltd.
Coords: 34.7732, 113.7220

VirusTotal

Not checked

WHOIS

description: Host bruteforcing SSH

raw:

inetnum: 103.39.232.0 - 103.39.235.255
netname: Xiaoniaoyun
descr: Shenzhen Qianhai bird cloud computing Co. Ltd.
descr: 15 building 15 unit A2 Kexing Science Park Keyuan Road,
descr: Nanshan District Shenzhen city of Guangdong Province
country: CN
admin-c: YW6468-AP
tech-c: JS3737-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-irt: IRT-XIAONIAOYUN-CN
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
last-modified: 2023-11-28T00:56:28Z
source: APNIC

irt: IRT-Xiaoniaoyun-CN
address: 15 building 15 unit A2 Kexing Science Park Keyuan Road,
address: Nanshan District Shenzhen city of Guangdong Province
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: YW6468-AP
tech-c: JS3737-AP
auth: # Filtered
remarks: [email protected] was validated on 2022-04-07
mnt-by: MAINT-CNNIC-AP
last-modified: 2022-04-07T06:31:13Z
source: APNIC

role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: [email protected]
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
remarks: Generated from irt object IRT-CNNIC-CN
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2024-07-30T11:55:46Z
source: APNIC

person: Shengqiang zhou
address: 15 building 15 unit A2 Kexing Science Park Keyuan Road,
address: Nanshan District Shenzhen city of Guangdong Province
country: CN
phone: +86-13728784566
e-mail: [email protected]
nic-hdl: JS3737-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2016-03-21T05:58:01Z
source: APNIC

person: Lifen zhang
address: 15 building 15 unit A2 Kexing Science Park Keyuan Road,
address: Nanshan District Shenzhen city of Guangdong Province
country: CN
phone: +86-15914109973
e-mail: [email protected]
nic-hdl: YW6468-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2016-03-21T05:58:01Z
source: APNIC

references: https://redpiranha.net


IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 11 threat reports