IOC Radar
IPMediumSignal 72/100

216.118.230.118

Location
Hong KongHong Kong
Lai Chi Kok, Sham Shui Po District
ASN
AS45753
Simcentric Solutions Limited.
First Seen
Oct 17, 2023
Last Seen
Jun 2, 2026
Oct 17
First Seen
984d ago
Jun 2
Last Seen
26d ago
13
Reports
source reports
72%
Confidence
medium
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
72%
Signal Score
72 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

29 techniques

Network Information

CountryHKHong Kong
RegionLai Chi Kok, Sham Shui Po District
ASNAS45753
OrganizationSimcentric Solutions Limited.

Feed Intelligence Summary

13 reports72% confidence
13
Source reports
72%
Confidence score
Category tags
active scanactive scanningasiaattackauthentication attackbotnetbotnet activitybrute forcecobalt-strikecobaltstrikecommand and controlcommunication protocolcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposureddosdenial of servicedistributed attacksenumerationexploitation activityftpftp brute forcehkhong konghttp brute forcehttp scanneridentity & access exploitationimapindicatorinfrastructure acquisitionreconnaissanceinjection activitymalicious activitymalicious softwaremalwaremanualnetworknetwork attacksnetwork intrusionnetwork protocolnetwork scanningnetwork securitynetwork service scanningphishingphishing attackprocess injectionprotocol exploitationqakbotransomwarereconnaissanceremote accessremote servicesresearchedservice scansmb scanningsmtpsmtp brute forcesocial engineeringssh attackt1018t1021t1021.001t1040t1046t1055t1059t1071.001t1076t1078t1110t1110.002t1190t1486t1496t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1587.001t1589t1590.001t1595t1595.001t1595.002t1595.003tcp scantcp scanningtelnet threatthreat actortor nodeudp scanweb traffic

Activity Timeline

1 total obs
Jun 2Jun 2

Threat Activity Heatmap

· Peak: 2026-06-02
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
72
SIGNAL
Signal Score
72%
Confidence
13
Reports
First seenOct 17, 2023
Last seenJun 2, 2026
GeolocationHK
CountryHong Kong
LocationLai Chi Kok, Sham Shui Po District
ASNAS45753
OrgSimcentric Solutions Limited.
Coords22.2578, 114.1657

VirusTotal

Not checked

WHOIS

raw
inetnum: 216.118.224.0 - 216.118.255.255 netname: NETSEC-HK descr: Netsec Limited country: HK org: ORG-NASS1-AP admin-c: NN541-AP tech-c: NN541-AP status: ALLOCATED PORTABLE abuse-c: AH1002-AP mnt-by: APNIC-HM mnt-lower: MAINT-NETSEC-HK mnt-routes: MAINT-NETSEC-HK mnt-irt: IRT-HK-NETSEC last-modified: 2025-03-14T06:45:24Z source: APNIC irt: IRT-HK-NETSEC address: RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha Wan, Kowloon, Hong Kong e-mail: [email protected] abuse-mailbox: [email protected] admin-c: NN411-AP tech-c: NN411-AP auth: # Filtered remarks: [email protected] was validated on 2025-09-18 remarks: [email protected] was validated on 2025-11-25 mnt-by: MAINT-HK-NETSEC last-modified: 2025-11-25T06:20:12Z source: APNIC organisation: ORG-NASS1-AP org-name: Netsec Limited org-type: LIR country: HK address: RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha phone: +852-27511100 fax-no: +852-27511199 e-mail: [email protected] mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2023-09-05T02:15:31Z source: APNIC role: ABUSE HKNETSEC country: ZZ address: RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha Wan, Kowloon, Hong Kong phone: +000000000 e-mail: [email protected] admin-c: NN411-AP tech-c: NN411-AP nic-hdl: AH1002-AP remarks: Generated from irt object IRT-HK-NETSEC remarks: [email protected] was validated on 2025-09-18 remarks: [email protected] was validated on 2025-11-25 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-11-25T06:20:44Z source: APNIC role: NETSEC NOC address: Suite 1007, 10/F, The Bay Hub, 17 Kai Cheung Rd, Kowloon Bay country: HK phone: +85227511100 e-mail: [email protected] admin-c: NN541-AP tech-c: NN541-AP nic-hdl: NN541-AP mnt-by: MAINT-NETSEC-HK last-modified: 2025-03-14T05:55:40Z source: APNIC route: 216.118.230.0/24 origin: AS45753 descr: Netsec Limited RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha mnt-by: MAINT-NETSEC-HK last-modified: 2021-11-29T08:36:02Z source: APNIC route: 216.118.230.0/24 origin: AS9744 descr: Netsec Limited RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha mnt-by: MAINT-NETSEC-HK last-modified: 2021-11-29T07:55:42Z source: APNIC
references
https://threatfox.abuse.ch/export/csv/recent/, https://labs.inquest.net/iocdb, https://twitter.com/drb_ra/status/1756570485981106470, https://twitter.com/drb_ra/status/1756570591337832462, https://twitter.com/drb_ra/status/1756570609381749235, https://twitter.com/drb_ra/status/1756570639274590338, https://twitter.com/drb_ra/status/1756570663987322893, https://twitter.com/drb_ra/status/1756570669263835332, https://twitter.com/drb_ra/status/1756570688251388004, https://twitter.com/drb_ra/status/1756570729888264332, https://twitter.com/drb_ra/status/1756570784640717141, https://twitter.com/drb_ra/status/1756570867780268385, https://twitter.com/drb_ra/status/1756570919235981823, https://twitter.com/drb_ra/status/1756570933496545687, https://twitter.com/drb_ra/status/1756570946377265324, https://twitter.com/drb_ra/status/1756571182499770785, https://twitter.com/drb_ra/status/1756571195426681277, https://twitter.com/drb_ra/status/1756571234098167968, https://twitter.com/drb_ra/status/1756571246609695125, https://twitter.com/drb_ra/status/1756571335067635992, https://twitter.com/drb_ra/status/1756599196503712026, https://twitter.com/drb_ra/status/1756661384408944643, https://twitter.com/drb_ra/status/1756661504336670834, https://twitter.com/drb_ra/status/1756661834537386453, https://twitter.com/drb_ra/status/1756737065729884434, https://twitter.com/drb_ra/status/1756751560497873008, https://twitter.com/drb_ra/status/1756751939268641102, https://twitter.com/drb_ra/status/1756752311735533768, https://twitter.com/drb_ra/status/1756788271667917112, https://twitter.com/drb_ra/status/1756788333705941296, https://twitter.com/drb_ra/status/1756788376546525306

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 26 days ago
Appeared in 13 threat reports