IOC Radar
IPMediumSignal 62/100

103.212.98.213

Location
Hong KongHong Kong
San Po Kong, Wong Tai Sin District
ASN
AS45753
Netsec
First Seen
Apr 16, 2026
Last Seen
Apr 22, 2026
Apr 16
First Seen
64d ago
Apr 22
Last Seen
57d ago
6
Reports
source reports
62%
Confidence
medium
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
62%
Signal Score
62 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryHKHong Kong
RegionSan Po Kong, Wong Tai Sin District
ASNAS45753
OrganizationNetsec

Feed Intelligence Summary

6 reports62% confidence
6
Source reports
62%
Confidence score
Category tags
abuseactive scanasiabad reputationbrute forcebrute force attackerhong kongindicatornetworkportscanresearchedscannersservice scanvultr

Activity Timeline

1 total obs
Apr 22Apr 22

Threat Activity Heatmap

· Peak: 2026-04-22
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), specifically the IPv4 address `103.212.98.213`, represents a significant and urgent threat that demands immediate attention. With a high threat score of approximately 62 and explicit listings across multiple reputable threat intelligence feeds, including "Brute Force Attackers" and various blacklists, this IP address is actively associated with malicious network activities. Its observed behavior, which includes widespread port scanning and suspected brute forc…

Threat ScoreMedium Risk
62
SIGNAL
Signal Score
62%
Confidence
6
Reports
First seenApr 16, 2026
Last seenApr 22, 2026
GeolocationHK
CountryHong Kong
LocationSan Po Kong, Wong Tai Sin District
ASNAS45753
OrgNetsec
Coords22.3366, 114.1970

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning Vultr Tokyo (Japan) honeypot
raw
inetnum: 103.212.98.0 - 103.212.98.255 netname: Netsec descr: Netsec country: HK admin-c: NN541-AP tech-c: NN541-AP abuse-c: AU244-AP status: ALLOCATED NON-PORTABLE mnt-by: MAINT-ULL-HK mnt-irt: IRT-ULL-HK last-modified: 2025-05-18T09:01:03Z source: APNIC irt: IRT-ULL-HK address: Room 1701, 17/F,, New Tech Plaza, San Po Kong,, Kowloon., Hong Kong., Hong Kong Kowloon 999077 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: ULLA1-AP tech-c: ULLA1-AP auth: # Filtered remarks: [email protected] is invalid mnt-by: MAINT-ULL-HK last-modified: 2025-12-03T03:04:15Z source: APNIC role: ABUSE ULLHK country: ZZ address: Room 1701, 17/F,, New Tech Plaza, San Po Kong,, Kowloon., Hong Kong., Hong Kong Kowloon 999077 phone: +000000000 e-mail: [email protected] admin-c: ULLA1-AP tech-c: ULLA1-AP nic-hdl: AU244-AP remarks: Generated from irt object IRT-ULL-HK remarks: [email protected] is invalid abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-12-03T03:04:45Z source: APNIC role: NETSEC NOC address: Suite 1007, 10/F, The Bay Hub, 17 Kai Cheung Rd, Kowloon Bay country: HK phone: +85227511100 e-mail: [email protected] admin-c: NN541-AP tech-c: NN541-AP nic-hdl: NN541-AP mnt-by: MAINT-NETSEC-HK last-modified: 2025-03-14T05:55:40Z source: APNIC route: 103.212.98.0/24 origin: AS45753 descr: Unique Logic Limited Room 1701, 17/F, New Tech Plaza, San Po Kong, Kowloon., Hong Kong. mnt-by: MAINT-ULL-HK last-modified: 2021-10-19T09:07:44Z source: APNIC route: 103.212.98.0/24 origin: AS9744 descr: Unique Logic Limited Room 1701, 17/F, New Tech Plaza, San Po Kong, Kowloon., Hong Kong. mnt-by: MAINT-ULL-HK last-modified: 2021-11-03T08:41:32Z source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 months ago · Last seen 1 month ago
Appeared in 6 threat reports