IOC Radar
IPMediumSignal 44/100

14.103.82.39

Location
China
Beijing, Beijing
ASN
AS137718
Beijing Bitone United Networks Technology Service Co., Ltd.
First Seen
Dec 1, 2024 (569d ago)
Last Seen
Apr 24, 2026 (60d ago)
18
Reports
source reports
44%
Confidence
medium
Found in 18 reports. Confidence: medium. Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
44%
Signal Score
44 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK TTPs

37 techniques

Network Information

Country: CN (China)
Region: Beijing, Beijing
ASN: AS137718
Organization: Beijing Bitone United Networks Technology Service Co., Ltd.

Feed Intelligence Summary

18 source reports · 44% confidence score
Category tags
abuse, active scan, active scanning, asia, atif feed, attack, australia, authentication, authentication attack, authentication attacks, authentication bypass, auto-generated security, bad reputation, banlist feed, binary defense, botnet, botnet activity, brute force, brute force attack, brute force attempt, brute-forc, brute_forc, bruteforce, c2 server, china, cisco device, cn, command & control, command and control, communication protocol, compromised credentials, compromised hosts, cowrie honeypot, credential access, credential harvesting, credential stuffing, cta, data exfiltration, data store exposure, data theft, ddos, ddos attempt, decoy system, device management, distributed attacks, enterprise networking, europe, exploitation activity, fail2ban triggered, failed login attempts, ftp, ftp brute force, honeytrap honeypot, identity & access exploitation, indicator, info, infrastructure acquisition reconnaissance, infrastructure scanning, injection activity, intrusion detection, ioc, lamp, login attack, login attempt, mailoney honeypot, malicious activity, malicious software, malware, malware distribution, manual, network, network attacks, network infrastructure, network intrusion, network reconnaissance, network scanning, network security, network security monitoring, network service scanning, network traffic analysis, notice, oceania, password attack, password attacks, phishing, phishing attack, phishing trap, possible botnet activity, process injection, reconnaissance, researched, scanner, security operations, service scan, sftp attack, social engineering, spam, ssh, ssh attack, ssh monitoring, t1021, t1021.004, t1040, t1041, t1055, t1059, t1071, t1071.001, t1078, t1078.004, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1573, t1587.001, t1589, t1589.002, t1590.001, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, threat actor, threat detection, threat intelligence, tor node, unauthorized access, united kingdom, vulnerability scan, web_login

Activity Timeline

1 total observation
Apr 24 to Apr 24

Threat Activity Heatmap

Peak: 2026-04-24 (weekly activity grid, Jun to Jun; graphic not reproduced)
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

This IPv4 address, with a moderate-to-high risk score of 44.367, signifies its active involvement in potentially hostile activities. Its presence as an Indicator of Compromise points towards an ongoing risk of brute-force attacks, credential stuffing, and broad network scanning, all aimed at identifying vulnerabilities or gaining unauthorized access to organizational assets. Should this IP be observed communicating with internal systems, it could indicate active network penetration attempts, suc…

Threat Score: Medium Risk
44
SIGNAL
Signal Score
44%
Confidence
18
Reports
First seen: Dec 1, 2024
Last seen: Apr 24, 2026
Geolocation: CN
Country: China
Location: Beijing, Beijing
ASN: AS137718
Org: Beijing Bitone United Networks Technology Service Co., Ltd.
Coords: 34.7732, 113.7220

VirusTotal

Not checked

WHOIS

description: Banned by Fail2Ban [sshd]

raw:
inetnum: 14.103.0.0 - 14.103.255.255
netname: VOLCANO-ENGINE
descr: Beijing Volcano Engine Technology Co., Ltd.
descr: 1309, 13/F, Building 4, Zijin Digital Park, Haidian District, Beijing
country: CN
admin-c: YW7147-AP
tech-c: JS4370-AP
abuse-c: AC1601-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-VOLCANO-ENGINE-CN
last-modified: 2022-05-19T06:54:29Z
source: APNIC

irt: IRT-VOLCANO-ENGINE-CN
address: 1309, 13/F, Building 4, Zijin Digital Park, Haidian District, Beijing
e-mail: [email protected]
abuse-mailbox: [email protected]
auth: # Filtered
admin-c: YW7147-AP
tech-c: JS4370-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-05-13T02:59:52Z
source: APNIC

role: ABUSE CNNICCN
country: ZZ
address: Beijing, China
phone: +000000000
e-mail: [email protected]
admin-c: IP50-AP
tech-c: IP50-AP
nic-hdl: AC1601-AP
remarks: Generated from irt object IRT-CNNIC-CN
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2024-07-30T11:55:46Z
source: APNIC

person: Liu Nian
address: 1309, 13/F, Building 4, Zijin Digital Park, Haidian District, Beijing
country: CN
phone: +86-10-13810123695
e-mail: [email protected]
nic-hdl: JS4370-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-01-06T01:34:46Z
source: APNIC

person: Chen Qi
address: 1309, 13/F, Building 4, Zijin Digital Park, Haidian District, Beijing
country: CN
phone: +86-10-13051468788
e-mail: [email protected]
nic-hdl: YW7147-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2025-01-06T01:34:08Z
source: APNIC

route: 14.103.82.0/24
origin: AS137718
descr: China Internet Network Information Center Floor1, Building No.1 C/-Chinese Academy of Sciences 4, South 4th Street Haidian District,
mnt-by: MAINT-CNNIC-AP
last-modified: 2023-07-10T07:14:58Z
source: APNIC

references:
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt
https://blog.edie.io/2020/04/30/diy-ip-threat-feed/
https://github.com/tankmek/threatfeed
https://redpiranha.net
https://github.com/telekom-security/tpotce
https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt
https://blocklist.greensnow.co/greensnow.txt
https://www.binarydefense.com/banlist.txt
https://lists.blocklist.de/lists/all.txt
https://rules.emergingthreats.net/blockrules/compromised-ips.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 18 threat reports