IOC Radar
IPMediumSignal 67/100

107.148.15.128

Location
Hong KongHong Kong
Hong Kong, Kowloon
ASN
AS398478
PEG TECH INC
First Seen
Apr 17, 2026
Last Seen
Apr 27, 2026
Apr 17
First Seen
57d ago
Apr 27
Last Seen
47d ago
6
Reports
source reports
67%
Confidence
medium
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
67%
Signal Score
67 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryHKHong Kong
RegionHong Kong, Kowloon
ASNAS398478
OrganizationPEG TECH INC

Feed Intelligence Summary

6 reports67% confidence
6
Source reports
67%
Confidence score
Category tags
active scanasiabrute forcebrute force attackerdigital oceanhong kongnetworknorth americaportscanproxyresearchedscannerscannersservice scanunited states

Activity Timeline

1 total obs
Apr 27Apr 27

Threat Activity Heatmap

· Peak: 2026-04-27
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
67
SIGNAL
Signal Score
67%
Confidence
6
Reports
First seenApr 17, 2026
Last seenApr 27, 2026
GeolocationHK
CountryHong Kong
LocationHong Kong, Kowloon
ASNAS398478
OrgPEG TECH INC
Coords37.7510, -97.8220

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning DigitalOcean London (UK) honeypot
raw
inetnum: 0.0.0.0 - 255.255.255.255 netname: IANA-BLOCK descr: General placeholder reference for all IPv4 addresses remarks: ------------------------------------------------------ remarks: remarks: Important: remarks: remarks: This registration object does not contain remarks: specific registration details. remarks: remarks: This registration object is used only as a remarks: general placeholder for all IPv4 addresses remarks: and may include: remarks: remarks: - reserved address ranges remarks: - private use ranges remarks: - multicast ranges remarks: - address ranges administered by RIRs (Regional remarks: Internet Registries) remarks: remarks: If your query does not return an address range remarks: more specific than 0.0.0.0 - 255.255.255.255, it remarks: means the address is not administered by any RIR. remarks: For more specific information on the use of this remarks: IPv4 address space, see the Internet Assigned remarks: Numbers Authority (IANA) website at: remarks: remarks: http://www.iana.org remarks: remarks: ------------------------------------------------------ country: AU admin-c: IANA1-AP tech-c: IANA1-AP mnt-by: MAINT-APNIC-AP mnt-lower: MAINT-APNIC-AP status: ALLOCATED PORTABLE last-modified: 2008-09-04T06:51:49Z source: APNIC role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-AP tech-c: IANA1-AP nic-hdl: IANA1-AP remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: MAINT-APNIC-AP last-modified: 2018-06-22T22:34:30Z source: APNIC
references
https://jamesbrine.com.au/digitaloceanlondon-portscan-bruteforce-ip-list-2026-04-17/, https://jamesbrine.com.au, https://jamesbrine.com.au/digitaloceanlondon-portscan-bruteforce-ip-list-2026-04-16/

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 month ago · Last seen 1 month ago
Appeared in 6 threat reports