IOC Radar
IPMediumSignal 79/100

216.118.251.86

Location
Hong KongHong Kong
Lai Chi Kok, Hong Kong
ASN
AS45753
Simcentric Solutions Limited.
First Seen
Jan 28, 2026
Last Seen
May 22, 2026
Jan 28
First Seen
151d ago
May 22
Last Seen
37d ago
11
Reports
source reports
79%
Confidence
medium
11/91
VirusTotal
detections
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
79%
Signal Score
79 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

23 techniques

Network Information

CountryHKHong Kong
RegionLai Chi Kok, Hong Kong
ASNAS45753
OrganizationSimcentric Solutions Limited.

Feed Intelligence Summary

11 reports79% confidence
11
Source reports
79%
Confidence score
Category tags
active scanactive scanningaptapt27asiabad web botbase64blocklist_allbotnet activitybotnet activity detectionbotnet infectionbronze unionbrute forcebrute force attackbrute force attackerbrute-forcecommand and controlcompromised hostcredential accesscredential stuffingdata exfiltrationdata store exposuredatabase securityddosddos attackdecoy systemdenial of serviceearth smilodonemissary pandaexploitation activityexploited hostfraud ordersftp brute-forcehackinghkhong kongidentity & access exploitationindicatorinformation technologyinjection activityinjection attacksiot securityiot targetediron tigerit infrastructureluckymousemalwaremalware distributionnetworknetwork traffic analysisopenctipassword attacksphishingping of deathreconnaissanceremote code executionresearchedscams & fraudscannerscanning activityscripting languageshopsoftware developmentspamsql injectionsshssh attackt1055.001t1059t1059.001t1059.003t1059.007t1071t1078t1105t1110.001t1110.002t1110.003t1110.004t1189t1190t1203t1486t1499.001t1499.002t1505.003t1573t1595.001t1595.002t1595.003targeting databasethreat actorthreat group-3390threat intelligencetor nodevulnerability scanwebweb app attackweb application attackweb application exploitationweb developmentweb exploitationweb spam

Activity Timeline

1 total obs
May 22May 22

Threat Activity Heatmap

· Peak: 2026-05-22
Less
More
Mon
Wed
Fri
Jun
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
79
SIGNAL
Signal Score
79%
Confidence
11
Reports
First seenJan 28, 2026
Last seenMay 22, 2026
GeolocationHK
CountryHong Kong
LocationLai Chi Kok, Hong Kong
ASNAS45753
OrgSimcentric Solutions Limited.
Coords22.2855, 114.1577

VirusTotal

11/ 91vendors flagged
12% detection rateJun 10, 2026

WHOIS

description
IPv4 hosts detected performing web attacks against Cloudflare honeypot edge
raw
inetnum: 216.118.224.0 - 216.118.255.255 netname: NETSEC-HK descr: Netsec Limited country: HK org: ORG-NASS1-AP admin-c: NN541-AP tech-c: NN541-AP status: ALLOCATED PORTABLE abuse-c: AH1002-AP mnt-by: APNIC-HM mnt-lower: MAINT-NETSEC-HK mnt-routes: MAINT-NETSEC-HK mnt-irt: IRT-HK-NETSEC last-modified: 2025-03-14T06:45:24Z source: APNIC irt: IRT-HK-NETSEC address: RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha Wan, Kowloon, Hong Kong e-mail: [email protected] abuse-mailbox: [email protected] admin-c: NN411-AP tech-c: NN411-AP auth: # Filtered remarks: [email protected] was validated on 2025-09-18 remarks: [email protected] was validated on 2025-11-25 mnt-by: MAINT-HK-NETSEC last-modified: 2025-11-25T06:20:12Z source: APNIC organisation: ORG-NASS1-AP org-name: Netsec Limited org-type: LIR country: HK address: RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha phone: +852-27511100 fax-no: +852-27511199 e-mail: [email protected] mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2023-09-05T02:15:31Z source: APNIC role: ABUSE HKNETSEC country: ZZ address: RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha Wan, Kowloon, Hong Kong phone: +000000000 e-mail: [email protected] admin-c: NN411-AP tech-c: NN411-AP nic-hdl: AH1002-AP remarks: Generated from irt object IRT-HK-NETSEC remarks: [email protected] was validated on 2025-09-18 remarks: [email protected] was validated on 2025-11-25 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-11-25T06:20:44Z source: APNIC role: NETSEC NOC address: Suite 1007, 10/F, The Bay Hub, 17 Kai Cheung Rd, Kowloon Bay country: HK phone: +85227511100 e-mail: [email protected] admin-c: NN541-AP tech-c: NN541-AP nic-hdl: NN541-AP mnt-by: MAINT-NETSEC-HK last-modified: 2025-03-14T05:55:40Z source: APNIC route: 216.118.251.0/24 origin: AS45753 descr: Netsec Limited RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha mnt-by: MAINT-NETSEC-HK last-modified: 2021-11-29T08:36:59Z source: APNIC route: 216.118.251.0/24 origin: AS9744 descr: Netsec Limited RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha mnt-by: MAINT-NETSEC-HK last-modified: 2021-11-29T07:58:36Z source: APNIC
references
https://medium.com/@AptXXhunter/fuckyouwaf-0e7be8fb1ef0, https://jamesbrine.com.au/cfglobal-web-ip-list-2026-03-30/, https://jamesbrine.com.au, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 months ago · Last seen 1 month ago
Appeared in 11 threat reports