IPMediumSignal 35/100
108.83.166.174
Location
United StatesOrlando, FL
ASN
AS7018
AT&T Enterprises, LLC
First Seen
Mar 28, 2025
Last Seen
Apr 11, 2026
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
35%
Signal Score
35 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryUnited States
United StatesRegionOrlando, FL
ASNAS7018
OrganizationAT&T Enterprises, LLC
Feed Intelligence Summary
14 reports35% confidence
14
Source reports
35%
Confidence score
Category tags
abuseaccess attemptaccount discoveryaccount profilingaccount takeoveractive scanactive scanningapplication layer protocolattackaustraliaauthenticationauthentication abuseauthentication attackauthentication attacksautomated attacksbad reputationbotnetbotnet activitybrute forcebrute force attackbrute force attemptbrute-forcbrute_forcec2 servercommand & controlcommand and controlcommunication protocolcompromised credentialscompromised hostscowrie honeypotcredential accesscredential stuffingcredential_accessdata exfiltrationdata store exposuredata theftddosdecoy systemdistributed attackseuropeexploitation activityfail2ban blockedfailed authenticationftpftp brute forcegame_servergeoipidentity & access exploitationindicatorinfoinformation technologyinitial accessinjection activityiocipv4it infrastructurelogin attacklogin failuremalicious activitymalicious payloadmalicious softwaremalwaremalware distributionnetworknetwork accessnetwork intrusionnetwork layer protocolnetwork probingnetwork scannetwork scanningnetwork securitynetwork service scanningnetwork traffic analysisnorth americanoticeoceaniapassword attacksphishingpotential vulnerability exploitationprocess injectionransomwarereconnaissanceremote accessremote service exploitationresearchedscanscannerscanning activitysecurity operationsself-signedservice exploitationservice scansftp attacksoftware developmentspamssh attackssh monitoringstaging_servert1018t1021t1021.001t1021.003t1021.004t1040t1041t1046t1055t1059t1059.004t1071t1071.001t1078t1078.004t1105t1110t1110.001t1110.002t1110.003t1110.004t1187t1190t1486t1496t1499.002t1499.003t1565t1567t1573t1583t1588t1588.002t1589.002t1595t1595.001t1595.002t1595.003telecommunicationsthreat actorthreat intelligencetor nodetpotceunauthorized accessunauthorized access attemptunited kingdomunited statesvalid accountsvoipvpsvps securityvulnerability scan
Activity Timeline
Apr 11Apr 11
Threat Activity Heatmap
· Peak: 2026-04-11LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
35
SIGNAL
Signal Score
35%
Confidence
14
Reports
First seenMar 28, 2025
Last seenApr 11, 2026
GeolocationUS
CountryUnited States
LocationOrlando, FL
ASNAS7018
OrgAT&T Enterprises, LLC
Coords28.6225, -81.4317
VirusTotal
Not checked
WHOIS
- description
- Host bruteforcing SSH
- raw
- NetRange: 108.64.0.0 - 108.95.255.255 CIDR: 108.64.0.0/11 NetName: SBCIS-SBIS NetHandle: NET-108-64-0-0-1 Parent: NET108 (NET-108-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: AT&T Enterprises, LLC (AEL-360) RegDate: 2009-10-29 Updated: 2024-12-05 Ref: https://rdap.arin.net/registry/ip/108.64.0.0 OrgName: AT&T Enterprises, LLC OrgId: AEL-360 Address: 208 S. Akard St. City: Dallas StateProv: TX PostalCode: 75202 Country: US RegDate: 2024-11-22 Updated: 2025-07-21 Ref: https://rdap.arin.net/registry/entity/AEL-360 OrgTechHandle: ICC-ARIN OrgTechName: IP Team OrgTechPhone: +1-888-876-2382 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/ICC-ARIN OrgTechHandle: ZS44-ARIN OrgTechName: IPAdmin-ATT Internet Services OrgTechPhone: +1-888-510-5545 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/ZS44-ARIN OrgAbuseHandle: ABUSE7-ARIN OrgAbuseName: abuse OrgAbusePhone: +1-919-319-8167 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE7-ARIN OrgRoutingHandle: ROUTI59-ARIN OrgRoutingName: Routing POC OrgRoutingPhone: +1-999-999-9999 OrgRoutingEmail: [email protected] OrgRoutingRef: https://rdap.arin.net/registry/entity/ROUTI59-ARIN
- references
- https://github.com/telekom-security/tpotce, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://redpiranha.net, https://blog.edie.io/2020/04/30/diy-ip-threat-feed/, https://github.com/tankmek/threatfeed
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 2 months ago
Appeared in 14 threat reports