IOC Radar
IP · Medium · Signal 40/100

103.231.172.170

Location
Hong Kong
Tsim Sha Tsui, Hong Kong
ASN
AS45753
Netsec
First Seen
May 12, 2025 (397d ago)
Last Seen
Apr 22, 2026 (52d ago)
Reports
7 source reports
Confidence
40% (medium)
Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
40%
Signal Score
40 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

22 techniques

Network Information

Country
HK (Hong Kong)
Region
Tsim Sha Tsui, Hong Kong
ASN
AS45753
Organization
Netsec

Feed Intelligence Summary

Source reports
7
Confidence score
40%
Category tags
abuse, active scan, active scanning, apt27, asia, bad reputation, base64, base64 encoding, botnet, botnet activity, bronze union, china-based apt, cms exploitation, command and control, data exfiltration, data store exposure, distributed attacks, earth smilodon, emissary panda, exploitation activity, hong kong, indicator, injection activity, iron tiger, luckymouse, malicious software, malware, network, north america, php injection, process injection, reconnaissance, remote code execution, researched, scanner, scripting language, shop, t1053.005, t1055, t1055.001, t1059.001, t1059.004, t1059.007, t1068, t1071.001, t1133, t1189, t1190, t1203, t1486, t1496, t1499.002, t1499.003, t1505.003, t1547.001, t1565, t1595.001, t1595.002, t1595.003, threat actor, threat group-3390, tor node, united states, web application attack, web application exploitation, web development, web shell

Activity Timeline

1 total obs
Apr 22

Threat Activity Heatmap

Peak: 2026-04-22
Observations by window:
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Threat Score
Medium Risk
Signal Score
40
Confidence
40%
Reports
7
First seen
May 12, 2025
Last seen
Apr 22, 2026
Geolocation
HK
Country
Hong Kong
Location
Tsim Sha Tsui, Hong Kong
ASN
AS45753
Org
Netsec
Coords
40.7123, -74.0068

VirusTotal

Not checked

WHOIS

description
web attack pboot cms
raw
inetnum: 103.231.172.0 - 103.231.172.255
netname: NETSEC
descr: NETSEC
country: HK
admin-c: NN541-AP
tech-c: NN541-AP
abuse-c: AM2702-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-MCTL-HK
mnt-irt: IRT-MCTL-HK
last-modified: 2025-05-19T07:01:00Z
source: APNIC

irt: IRT-MCTL-HK
address: Unit 1103, 11/F,, 29 Austin Road, Tsim sha tsui,, Kowloon, Hong Kong, Hong Kong Kowloon 999077
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: WL3130-AP
tech-c: WL3130-AP
auth: # Filtered
remarks: [email protected]
remarks: [email protected] was validated on 2025-05-17
mnt-by: MAINT-MCTL-HK
last-modified: 2025-05-17T08:18:45Z
source: APNIC

role: ABUSE MCTLHK
country: ZZ
address: Unit 1103, 11/F,, 29 Austin Road, Tsim sha tsui,, Kowloon, Hong Kong, Hong Kong Kowloon 999077
phone: +000000000
e-mail: [email protected]
admin-c: WL3130-AP
tech-c: WL3130-AP
nic-hdl: AM2702-AP
remarks: Generated from irt object IRT-MCTL-HK
remarks: [email protected] was validated on 2025-05-17
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-05-17T08:19:11Z
source: APNIC

role: NETSEC NOC
address: Suite 1007, 10/F, The Bay Hub, 17 Kai Cheung Rd, Kowloon Bay
country: HK
phone: +85227511100
e-mail: [email protected]
admin-c: NN541-AP
tech-c: NN541-AP
nic-hdl: NN541-AP
mnt-by: MAINT-NETSEC-HK
last-modified: 2025-03-14T05:55:40Z
source: APNIC

route: 103.231.172.0/24
origin: AS45753
descr: MAX CLOUD TECHNOLOGY LIMITED Unit 1103, 11/F, 29 Austin Road, Tsim sha tsui, Kowloon, Hong Kong
mnt-by: MAINT-MCTL-HK
last-modified: 2021-11-03T08:35:01Z
source: APNIC

route: 103.231.172.0/24
origin: AS9744
descr: MAX CLOUD TECHNOLOGY LIMITED Unit 1103, 11/F, 29 Austin Road, Tsim sha tsui, Kowloon, Hong Kong
mnt-by: MAINT-MCTL-HK
last-modified: 2021-11-03T08:35:41Z
source: APNIC
references
https://medium.com/@AptXXhunter/fuckyouwaf-0e7be8fb1ef0

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 7 threat reports