IOC Radar
IP · Medium · Signal 46/100

14.103.132.8

Location
China
Beijing, Beijing
ASN
AS137718
Beijing Bitone United Networks Technology Service Co., Ltd.
First Seen
Dec 29, 2024 (531d ago)
Last Seen
Apr 1, 2026 (73d ago)
Reports
18 source reports
Confidence
46% (medium)
Found in 18 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
46%
Signal Score
46 / 100
IDS Rule
No
Threat Context
MITRE ATT&CK TTPs

41 techniques

Network Information

Country: CN (China)
Region: Beijing, Beijing
ASN: AS137718
Organization: Beijing Bitone United Networks Technology Service Co., Ltd.

Feed Intelligence Summary

18 source reports · 46% confidence score
Category tags
abuse, active scan, active scanning, application layer protocol, asia, atif feed, attack, australia, authentication, authentication attack, authentication attacks, auto-generated security, automated attack, bad reputation, banlist feed, binary defense, botnet, botnet activity, brute force, brute force attack, brute force attempt, brute-forc, brute_force, c2 server, china, cisco device, cn, command & control, command and control, compromised hosts, cowrie honeypot, credential access, credential harvesting, credential stuffing, credential_access, cta, data exfiltration, data store exposure, data theft, ddos, decoy system, denial-of-service, device management, distributed attacks, enterprise networking, europe, exploitation activity, fail2ban triggered, failed login, failed login attempts, ftp, ftp brute force, game_server, hacking, honeytrap honeypot, http brute force, identity & access exploitation, indicator, info, infrastructure acquisitionreconnaissance, initial access, injection activity, ioc, lamp, login attack, login attempts, mailoney honeypot, malicious activity, malicious software, malware, malware distribution, manual, network, network infrastructure, network intrusion, network layer protocol, network probing, network reconnaissance, network scan, network scanning, network security, network security monitoring, network service scanning, network traffic analysis, notice, oceania, password attacks, password cracking, phishing, phishing attack, phishing trap, potential intrusion, process injection, ransomware, reconnaissance, remote access, remote services, researched, resource exhaustion, scanner, scanning activity, security alert, security operations, service scan, sftp attack, social engineering, socradar honeypot, spam, ssh attack, ssh monitoring, staging_server, t1021, t1021.004, t1041, t1046, t1055, t1059, t1059.004, t1071, t1071.001, t1078, t1078.002, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1555, t1555.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1573, t1587.001, t1589, t1589.002, t1590.001, t1592, t1595, t1595.001, t1595.002, t1595.003, telecommunications, threat actor, threat detection, threat intelligence, tor node, unauthorized access attempt, united kingdom, valid accounts, vulnerability scan

Activity Timeline

1 total obs
Apr 1

Threat Activity Heatmap

Peak: 2026-04-01
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Intelligence Summary (AI Generated)

The Internet Protocol (IP) address 14.103.132.8 represents a significant and active threat, demanding immediate attention from security teams. With a threat score of 45.89 and no whitelist status, this indicator is strongly associated with malicious activities, primarily brute-force attacks, password guessing, and credential stuffing. Its presence in an organization's network typically signifies an active attempt by adversaries to gain unauthorized access, potentially leading to widespread syste…

Threat Score: Medium Risk
Signal Score: 46
Confidence: 46%
Reports: 18
First seen: Dec 29, 2024
Last seen: Apr 1, 2026
Geolocation: CN
Country: China
Location: Beijing, Beijing
ASN: AS137718
Org: Beijing Bitone United Networks Technology Service Co., Ltd.
Coords: 39.9075, 116.3971

VirusTotal

Not checked

WHOIS

description
Banned by Fail2Ban [sshd]
raw
inetnum: 14.103.0.0 - 14.103.255.255
netname: VOLCANO-ENGINE
descr: Beijing Volcano Engine Technology Co., Ltd.
descr: 1309, 13/F, Building 4, Zijin Digital Park, Haidian District, Beijing
country: CN
admin-c: YW7147-AP
tech-c: JS4370-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-VOLCANO-ENGINE-CN
last-modified: 2022-05-19T06:54:29Z
source: APNIC

irt: IRT-VOLCANO-ENGINE-CN
address: 1309, 13/F, Building 4, Zijin Digital Park, Haidian District, Beijing
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: YW7147-AP
tech-c: JS4370-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-03-04
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-03-04T06:37:12Z
source: APNIC

role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: [email protected]
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
remarks: Generated from irt object IRT-CNNIC-CN
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2024-07-30T11:55:46Z
source: APNIC

person: Liu Nian
address: 1309, 13/F, Building 4, Zijin Digital Park, Haidian District, Beijing
country: CN
phone: +86-10-13810123695
e-mail: [email protected]
nic-hdl: JS4370-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-01-06T01:34:46Z
source: APNIC

person: Chen Qi
address: 1309, 13/F, Building 4, Zijin Digital Park, Haidian District, Beijing
country: CN
phone: +86-10-13051468788
e-mail: [email protected]
nic-hdl: YW7147-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-01-06T01:34:08Z
source: APNIC

route: 14.103.132.0/24
origin: AS137718
descr: China Internet Network Information Center Floor1, Building No.1 C/-Chinese Academy of Sciences 4, South 4th Street Haidian District,
mnt-by: MAINT-CNNIC-AP
last-modified: 2023-07-10T07:15:49Z
source: APNIC
references
https://github.com/telekom-security/tpotce, https://blog.edie.io/2020/04/30/diy-ip-threat-feed/, https://github.com/tankmek/threatfeed, https://redpiranha.net, https://blocklist.greensnow.co/greensnow.txt, https://www.binarydefense.com/banlist.txt, https://lists.blocklist.de/lists/all.txt, https://rules.emergingthreats.net/blockrules/compromised-ips.txt

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 18 threat reports