IOC Radar
IP · Medium · Signal 36/100

14.103.116.134

Location
China
Beijing, Beijing
ASN
AS137718
Beijing Bitone United Networks Technology Service Co., Ltd.
First Seen
Jan 8, 2025
Last Seen
Apr 7, 2026
Jan 8
First Seen
531d ago
Apr 7
Last Seen
77d ago
17
Reports
source reports
36%
Confidence
medium
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
36%
Signal Score
36 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

31 techniques

Network Information

Country: China (CN)
Region: Beijing, Beijing
ASN: AS137718
Organization: Beijing Bitone United Networks Technology Service Co., Ltd.

IP Category

Proxy
Proxy server

Feed Intelligence Summary

17 reports · 36% confidence
Category tags
abuse, access control, active scan, active scanning, asia, atif feed, attack, australia, authentication, authentication abuse, authentication attack, authentication attempts, authentication failure, bad reputation, banlist feed, binary defense, botnet, botnet activity, brute force, brute force attack, brute force attempt, brute force attempts, china, cn, command and control, cowrie honeypot, credential access, credential harvesting, credential stuffing, cta, data exfiltration, data store exposure, decoy system, distributed attacks, europe, exploitation activity, fail2ban alert, fail2ban triggered, ftp brute force, honeytrap honeypot, identity & access exploitation, infrastructure acquisitionreconnaissance, injection activity, lamp, login attack, mailoney honeypot, malicious activity, malicious software, malware, manual, network, network scanning, network security monitoring, oceania, password attacks, phishing, phishing attack, phishing trap, process injection, proxy, reconnaissance, remote access, researched, scanner, scanning activity, security operations, security policy, sftp attack, social engineering, ssh attack, ssh monitoring, t1021, t1021.004, t1040, t1041, t1055, t1059, t1059.001, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1486, t1496, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1587.001, t1589, t1590.001, t1595, t1595.001, t1595.002, t1595.003, telecommunications, threat actor, threat detection, threat intelligence, threat prevention, tor node, united kingdom, web brute force

Activity Timeline

1 total obs

Threat Activity Heatmap

Peak: 2026-04-07
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 36
Confidence: 36%
Reports: 17
First seen: Jan 8, 2025
Last seen: Apr 7, 2026
Geolocation: CN
Country: China
Location: Beijing, Beijing
ASN: AS137718
Org: Beijing Bitone United Networks Technology Service Co., Ltd.
Coords: 39.9042, 116.4070
Proxy

VirusTotal

Not checked

WHOIS

description
Banned by Fail2Ban [sshd]
raw
inetnum: 14.103.0.0 - 14.103.255.255
netname: VOLCANO-ENGINE
descr: Beijing Volcano Engine Technology Co., Ltd.
descr: 1309, 13/F, Building 4, Zijin Digital Park, Haidian District, Beijing
country: CN
admin-c: YW7147-AP
tech-c: JS4370-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-VOLCANO-ENGINE-CN
last-modified: 2022-05-19T06:54:29Z
source: APNIC

irt: IRT-VOLCANO-ENGINE-CN
address: 1309, 13/F, Building 4, Zijin Digital Park, Haidian District, Beijing
e-mail: [email protected]
abuse-mailbox: [email protected]
auth: # Filtered
admin-c: YW7147-AP
tech-c: JS4370-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-05-13T02:59:52Z
source: APNIC

role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: [email protected]
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
remarks: Generated from irt object IRT-CNNIC-CN
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2024-07-30T11:55:46Z
source: APNIC

person: Liu Nian
address: 1309, 13/F, Building 4, Zijin Digital Park, Haidian District, Beijing
country: CN
phone: +86-10-13810123695
e-mail: [email protected]
nic-hdl: JS4370-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-01-06T01:34:46Z
source: APNIC

person: Chen Qi
address: 1309, 13/F, Building 4, Zijin Digital Park, Haidian District, Beijing
country: CN
phone: +86-10-13051468788
e-mail: [email protected]
nic-hdl: YW7147-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-01-06T01:34:08Z
source: APNIC

route: 14.103.116.0/24
origin: AS137718
descr: China Internet Network Information Center Floor1, Building No.1 C/-Chinese Academy of Sciences 4, South 4th Street Haidian District,
mnt-by: MAINT-CNNIC-AP
last-modified: 2023-07-10T07:15:31Z
source: APNIC
references
https://blog.edie.io/2020/04/30/diy-ip-threat-feed/, https://github.com/tankmek/threatfeed, https://redpiranha.net, https://github.com/telekom-security/tpotce, https://blocklist.greensnow.co/greensnow.txt, https://www.binarydefense.com/banlist.txt, https://lists.blocklist.de/lists/all.txt, https://rules.emergingthreats.net/blockrules/compromised-ips.txt


IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 17 threat reports