IOC Radar
IPHighVerifiedSignal 67/100

103.133.73.239

Location
Hong KongHong Kong
Sheung Wan, Central and Western
ASN
AS45753
Netsec
First Seen
Apr 16, 2026
Last Seen
Apr 23, 2026
Apr 16
First Seen
65d ago
Apr 23
Last Seen
58d ago
4
Reports
source reports
67%
Confidence
high
Found in 4 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
67%
Signal Score
67 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryHKHong Kong
RegionSheung Wan, Central and Western
ASNAS45753
OrganizationNetsec

Feed Intelligence Summary

4 reports67% confidence
4
Source reports
67%
Confidence score
Category tags
active scanasiabrute forcebrute force attackerhong kongindicatornetworkportscanresearchedscannersservice scanvultr

Activity Timeline

1 total obs
Apr 23Apr 23

Threat Activity Heatmap

· Peak: 2026-04-23
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), an IPv4 address, represents a significant and active threat to organizational security, as evidenced by its high threat score and explicit association with brute-force attacks and port scanning. These activities are critical early stages of attack, often preceding more severe incidents such as unauthorized system access, data exfiltration, or ransomware deployment. If left unaddressed, this IP could facilitate a successful breach, leading to significant operat…

Threat ScoreMedium Risk
67
SIGNAL
Signal Score
67%
Confidence
4
Reports
First seenApr 16, 2026
Last seenApr 23, 2026
Verified IOC
GeolocationHK
CountryHong Kong
LocationSheung Wan, Central and Western
ASNAS45753
OrgNetsec
Coords22.2863, 114.1490

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning Vultr Melbourne (Australia) honeypot
raw
inetnum: 103.133.72.0 - 103.133.73.254 netname: NETSEC descr: NETSEC country: HK admin-c: NN541-AP tech-c: NN541-AP abuse-c: AR797-AP status: ALLOCATED NON-PORTABLE mnt-by: MAINT-RACKANIZER-HK mnt-irt: IRT-RACKANIZER-HK last-modified: 2025-05-26T05:33:35Z source: APNIC irt: IRT-RACKANIZER-HK address: Rm 1502 15/F Nan Dao Comm Bldg No 359-361 Queen's Rd Central, Sheung Wan Hong Kong e-mail: [email protected] abuse-mailbox: [email protected] admin-c: RALA1-AP tech-c: RALA1-AP auth: # Filtered remarks: [email protected] was validated on 2026-04-16 mnt-by: MAINT-RACKANIZER-HK last-modified: 2026-04-16T04:16:25Z source: APNIC role: ABUSE RACKANIZERHK country: ZZ address: Rm 1502 15/F Nan Dao Comm Bldg No 359-361 Queen's Rd Central, Sheung Wan Hong Kong phone: +000000000 e-mail: [email protected] admin-c: RALA1-AP tech-c: RALA1-AP nic-hdl: AR797-AP remarks: Generated from irt object IRT-RACKANIZER-HK remarks: [email protected] was validated on 2026-04-16 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2026-04-16T04:16:43Z source: APNIC role: NETSEC NOC address: Suite 1007, 10/F, The Bay Hub, 17 Kai Cheung Rd, Kowloon Bay country: HK phone: +85227511100 e-mail: [email protected] admin-c: NN541-AP tech-c: NN541-AP nic-hdl: NN541-AP mnt-by: MAINT-NETSEC-HK last-modified: 2025-03-14T05:55:40Z source: APNIC route: 103.133.73.0/24 origin: AS45753 descr: Rack Anizer Limited Rm 1502 15/F Nan Dao Comm Bldg No 359-361 Queen's Rd Central mnt-by: MAINT-RACKANIZER-HK last-modified: 2021-10-19T08:09:32Z source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 2 months ago · Last seen 1 month ago
Appeared in 4 threat reports