IOC Radar
IP · Medium · Signal 88/100

45.197.32.238

Location: Hong Kong (Hong Kong, GP)
ASN: AS9294 (Asline Limited)
First Seen: Mar 27, 2026 (89d ago)
Last Seen: May 25, 2026 (30d ago)
Reports: 12 source reports
Confidence: 88% (medium)
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 88%
Signal Score: 88 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

10 techniques

Network Information

Country: HK (Hong Kong)
Region: Hong Kong, GP
ASN: AS9294
Organization: Asline Limited

Feed Intelligence Summary

Source reports: 12
Confidence score: 88%
Category tags
abuse, access control, active scan, active scanning, africa, asia, attack, bad reputation, blocklist_all, brute force, brute force attack, brute force attacker, brute-force, credential access, credential stuffing, ddos, ddos attack, denial of service, digital ocean, exploitation activity, exploited host, hacking, hk, hong kong, identity & access exploitation, indicator, malicious activity, malware, network, password attacks, ping of death, portscan, reconnaissance, researched, scanner, scanners, security policy, service scan, seychelles, south africa, ssh, ssh attack, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1203, t1499.001, t1595.001, t1595.002, t1595.003, threat actor, threat prevention, tor node, web application attack, web exploitation

Activity Timeline

1 total observation (May 25)

Threat Activity Heatmap

Peak: 2026-05-25
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: 88 (High Risk)
Signal Score: 88
Confidence: 88%
Reports: 12
First seen: Mar 27, 2026
Last seen: May 25, 2026
Geolocation: HK
Country: Hong Kong
Location: Hong Kong, GP
ASN: AS9294
Org: Asline Limited
Coords: -26.3811, 27.8376

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning DigitalOcean London (UK) honeypot
raw
inetnum: 45.197.32.0 - 45.197.32.255
netname: GNET_INC
descr: GNET INC.
country: HK
admin-c: CIS1-AFRINIC
tech-c: CIS1-AFRINIC
status: ASSIGNED PA
mnt-by: CIL1-MNT
mnt-by: LARUS-SERVICE-MNT
source: AFRINIC # Filtered
parent: 45.192.0.0 - 45.207.255.255

person: Cloud Innovation Support
address: Ebene
address: MU
address: Mahe
address: Seychelles
phone: tel:+248-4-610-795
nic-hdl: CIS1-AFRINIC
abuse-mailbox: [email protected]
mnt-by: CIL1-MNT
source: AFRINIC # Filtered

route: 45.197.32.0/19
origin: AS9294
descr: ASLINE LIMITED
mnt-by: LARUS-SERVICE-MNT
source: AFRINIC # Filtered
references
https://jamesbrine.com.au/digitaloceanlondon-portscan-bruteforce-ip-list-2026-04-16/, https://jamesbrine.com.au

IOC Journey

medium
First detected 2 months ago · Last seen 1 month ago
Appeared in 12 threat reports