IOC Radar
IP · Medium · Signal 65/100

119.253.93.62

Location: China (Dongchengcun, Beijing)
ASN: AS23844 (CSTNET)
First Seen: Oct 22, 2022 (1330d ago)
Last Seen: Jun 3, 2026 (9d ago)
Reports: 17 source reports
Confidence: 65% (medium)
VirusTotal: 3/91 detections
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 65%
Signal Score: 65 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

46 techniques

Network Information

Country: CN (China)
Region: Dongchengcun, Beijing
ASN: AS23844
Organization: CSTNET

Feed Intelligence Summary

17 source reports · 65% confidence score
Category tags

Activity Timeline

1 total obs (Jun 3)

Threat Activity Heatmap

· Peak: 2026-06-03
[Heatmap: activity by weekday (Mon, Wed, Fri) and month (Jun through Jun), scale Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 65
Confidence: 65%
Reports: 17
First seen: Oct 22, 2022
Last seen: Jun 3, 2026
Geolocation: CN
Country: China
Location: Dongchengcun, Beijing
ASN: AS23844
Org: CSTNET
Coords: 39.9373, 116.4360

VirusTotal

3/91 vendors flagged
3% detection rate · Jun 5, 2026

WHOIS

description
Scans hitting the server at TCP port 445 SMB. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 119.253.0.0 - 119.253.127.255
netname: SINNET
descr: Beijing Sinnet Technology Co., Ltd.
descr: 2A-2F,Tower A,East Gate Plaza,NO.9 Dong Zhong Street,
descr: Dong Cheng Dstrict,Beijing
country: CN
admin-c: CH471-AP
tech-c: WH271-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-irt: IRT-SINNET-CN
last-modified: 2021-11-02T07:48:21Z
source: APNIC

irt: IRT-SINNET-CN
address: 2A-2F,Tower A,East Gate Plaza,NO.9 Dong Zhong Street,
address: Dong Cheng Dstrict,Beijing
e-mail: [email protected]
abuse-mailbox: [email protected]
auth: # Filtered
admin-c: CH471-AP
tech-c: WH271-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2021-06-24T07:37:59Z
source: APNIC

role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: [email protected]
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
remarks: Generated from irt object IRT-CNNIC-CN
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2024-07-30T11:55:46Z
source: APNIC

person: Chen hao
nic-hdl: CH471-AP
e-mail: [email protected]
address: Langfang university Langfang Development Area
phone: +86-13311166160
country: CN
mnt-by: MAINT-CNNIC-AP
last-modified: 2008-09-04T07:29:22Z
source: APNIC

person: Wang Huijun
nic-hdl: WH271-AP
e-mail: [email protected]
address: Langfang university Langfang Development Area
phone: +86-13311166160
fax-no: +86-64181819
country: CN
mnt-by: MAINT-CNNIC-AP
last-modified: 2008-09-04T07:29:22Z
source: APNIC

route: 119.253.0.0/17
descr: Route originated from CSTNET
country: CN
origin: as7497
remarks: Please contact [email protected] if you have any
remarks: questions regarding this object.
remarks: Antispam mail please send to [email protected].
notify: [email protected]
mnt-by: MAINT-CSTNET-CN
last-modified: 2023-10-06T05:09:27Z
source: APNIC
references
https://list.rtbh.com.tr/output.txt

IOC Journey

medium
First detected 3 years ago · Last seen 9 days ago
Appeared in 17 threat reports