IOC Radar
IPMediumSignal 44/100

103.216.223.204

Location
SingaporeSingapore
Singapore, Singapore
ASN
AS136557
Host Universal Pty Ltd
First Seen
Nov 17, 2022
Last Seen
Jun 5, 2026
Nov 17
First Seen
1306d ago
Jun 5
Last Seen
10d ago
23
Reports
source reports
44%
Confidence
medium
3/91
VirusTotal
detections
Found in 23 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
44%
Signal Score
44 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

45 techniques

Network Information

CountrySGSingapore
RegionSingapore, Singapore
ASNAS136557
OrganizationHost Universal Pty Ltd

IP Category

VPN
VPN exit node

Feed Intelligence Summary

23 reports44% confidence
23
Source reports
44%
Confidence score
Category tags
active scanactive scanningaerospace & defenseasiaattackaustraliaauthenticationauthentication attackauthentication bypassauthentication failureauto-generated securityautomotive manufacturingbad reputationbad web botblacklisted ipsblog spambotnetbotnet activitybrute forcebrute force attackbrute force attacksbrute force attemptbrute force attemptsbrute-forcec2 communicationcisco devicecivil servicescommand & controlcommand and controlcommand injectioncommunication protocolcowriecowrie honeypotcredential accesscredential attackcredential harvestingcredential stuffingdarkforumsdata encryptiondata exfiltrationdata store exposuredatabase securityddosddos attackdecoy systemdefensedefense contractingdefense logisticsdefense systemsdefense technologydenial of servicedevice managementdionaeadionaea honeypotdistributed attacksdnsdns attackelectronics manufacturingencryptionenterprise networkingeuropeexploitexploit attemptsexploit probingexploitation activityexploitation attemptexploitation attemptsexploitation of vulnerabilityexploited hostexternal remote servicesfattfinlandfranceftpftp attacksftp brute forcegermanygovernment technologyhackingherolding attackshoneynet connecthoneytrap honeypothttp botnethttp brute forcehttp scanneridentity & access exploitationindicators of compromiseindustrial automationindustrial iotindustrial productioninformation technologyinitial accessinjection activityinternet-facingiociot securityipphoney honeypotirc botnetit infrastructurekill-chain exploitationkill-chain reconnaissancelamplamp attackslateral movementlogin attemptlow-riskmailoney honeypotmalicious activitymalicious ipsmalicious softwaremalicious trafficmalwaremalware behaviourmalware capturemalware deliverymalware distributionmanufacturing technologymilitary operationsnational securitynetworknetwork enumerationnetwork infrastructurenetwork intrusionnetwork intrusion attemptsnetwork probingnetwork protocolnetwork reconnaissancenetwork scannetwork scanningnetwork securitynetwork service scanningnetwork traffic analysisnetwork-based attack attemptsnextraynorth americaoceaniaosintp0fpassword attackpassword attacksphishingphishing attackphishing trappolandprocess injectionprocess manufacturingprotocol exploitationproxypublic administrationpublic infrastructurepublic policyquality controlrdp attacksreconnaissanceregulatory agenciesremote accessremote access serviceremote servicesresearchedresource hijackingscannerscanning activitysecurity operationssensor-taggedsentrypeer attackssentrypeer botnetserver exploitationservice scansftp attacksftp attackssgsingaporesip attackssip heraldingsmb brute forcesmtpsmtp attackssmtp brute forcesocial engineeringsoftware developmentspamsql injectionssh attackssh attacksssh monitoringsupply chain attacksupply chain managementt1021t1021.001t1021.002t1021.003t1021.004t1021.005t1040t1041t1046t1055t1059t1059.001t1059.003t1059.004t1068t1071t1071.001t1076t1077t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1505.002t1563t1565t1566.001t1566.002t1566.003t1592t1595t1595.001t1595.002t1595.003tannertargeting databasetcp scantelecommunicationstelnet attackstelnet threatthreat actorthreat detectionthreat intelligencethreat intelligence feedtor nodetpotudp scanunauthorized accessunauthorized access attemptunited statesus ip addressus source ipvnc protocolvoipvoip attackvpnvulnerability scanvulnerability-exploitationweb app attackweb application attackweb exploitationweb spamweb traffic

Activity Timeline

1 total obs
Jun 5Jun 5

Threat Activity Heatmap

· Peak: 2026-06-05
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
44
SIGNAL
Signal Score
44%
Confidence
23
Reports
First seenNov 17, 2022
Last seenJun 5, 2026
GeolocationSG
CountrySingapore
LocationSingapore, Singapore
ASNAS136557
OrgHost Universal Pty Ltd
Coords1.4144, 103.9070
VPN

VirusTotal

3/ 91vendors flagged
3% detection rateJun 8, 2026

WHOIS

description
Observed on T-Pot within last 24h; sensors=p0f; threshold?1; private IPs excluded. geo=SG; ports=5900 Location=Sydney, Australia.
raw
inetnum: 103.216.220.0 - 103.216.223.255 netname: HOST-AU descr: Host Universal Pty Ltd country: AU org: ORG-HUPL1-AP admin-c: HUPL1-AP tech-c: HUPL1-AP abuse-c: AH892-AP status: ALLOCATED PORTABLE remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-HOST-AU mnt-routes: MAINT-HOST-AU mnt-irt: IRT-HOST-AU last-modified: 2024-10-04T00:24:48Z geofeed: https://www.hostuniversal.com.au/geofeed/geofeed.csv source: APNIC irt: IRT-HOST-AU address: Host Universal Pty Ltd, c/o Brentnalls SA, 255 Port Road, Hindmarsh SA 5007, Australia, Hindmarsh So e-mail: [email protected] abuse-mailbox: [email protected] admin-c: HUPL1-AP tech-c: HUPL1-AP auth: # Filtered remarks: [email protected] was validated on 2025-02-11 mnt-by: MAINT-HOST-AU last-modified: 2025-02-11T18:47:20Z source: APNIC organisation: ORG-HUPL1-AP org-name: Host Universal Pty Ltd org-type: LIR country: AU address: Host Universal Pty Ltd address: c/o Brentnalls SA address: 255 Port Road, Hindmarsh SA 5007, Australia phone: +61403394019 e-mail: [email protected] mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2023-09-05T02:16:54Z source: APNIC role: ABUSE HOSTAU country: ZZ address: Host Universal Pty Ltd, c/o Brentnalls SA, 255 Port Road, Hindmarsh SA 5007, Australia, Hindmarsh So phone: +000000000 e-mail: [email protected] admin-c: HUPL1-AP tech-c: HUPL1-AP nic-hdl: AH892-AP remarks: Generated from irt object IRT-HOST-AU remarks: [email protected] was validated on 2025-02-11 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-02-11T18:47:54Z source: APNIC role: Host Universal Pty Ltd administrator address: Host Universal Pty Ltd, c/o Brentnalls SA, 255 Port Road, Hindmarsh SA 5007, Australia, Hindmarsh So country: AU phone: +61403394019 fax-no: +61403394019 e-mail: [email protected] admin-c: HUPL1-AP tech-c: HUPL1-AP nic-hdl: HUPL1-AP mnt-by: MAINT-HOST-AU last-modified: 2016-05-03T06:34:59Z source: APNIC route: 103.216.223.0/24 origin: AS136557 descr: Host Universal Pty Ltd Host Universal Pty Ltd c/o Brentnalls SA 255 Port Road, Hindmarsh SA 5007, Australia mnt-by: MAINT-HOST-AU last-modified: 2020-02-03T00:47:53Z source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 years ago · Last seen 10 days ago
Appeared in 23 threat reports