IPMediumSignal 100/100
109.169.41.22
Location
AustraliaGosport, England
ASN
AS20860
Redstation Limited
First Seen
Oct 26, 2023
Last Seen
Feb 14, 2026
Oct 26
First Seen
958d ago
Feb 14
Last Seen
116d ago
21
Reports
source reports
99%
Confidence
medium
2/91
VirusTotal
detections
Found in 21 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryAustralia
AustraliaRegionGosport, England
ASNAS20860
OrganizationRedstation Limited
Feed Intelligence Summary
21 reports99% confidence
21
Source reports
99%
Confidence score
Category tags
abuseaccess controlactive scanningattackaustraliaauthentication attackauto-generated securityautomated attackbotnetbrute forcebrute force attackbrute force attemptcommand and controlcredential accesscredential harvestingcredential stuffingctadata exfiltrationdistributed attackseuropeftpgbindicatorinfrastructure acquisitionreconnaissancemalicious activitymalicious softwaremalwaremanualnetworknetwork scanningnetwork securityoceaniapassword attacksphishing attackprocess injectionreconnaissanceremote accessresearchedscannersecurity policyself-signedsocial engineeringssh attackt1055t1071.001t1078t1078.004t1110t1110.001t1110.002t1110.003t1110.004t1486t1496t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1587.001t1589t1589.002t1590.001t1595.001t1595.002t1595.003telecommunicationsthreat actorthreat preventionunited kingdom
Activity Timeline
Feb 14Feb 14
Threat Activity Heatmap
· Peak: 2026-02-14LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
21
Reports
First seenOct 26, 2023
Last seenFeb 14, 2026
GeolocationAU
CountryAustralia
LocationGosport, England
ASNAS20860
OrgRedstation Limited
Coords51.4964, -0.1224
WHOIS
- description
- Host bruteforcing SSH
- raw
- inetnum: 109.169.0.0 - 109.169.95.255 netname: UK-RAPIDSWITCH-20091102 country: GB org: ORG-RL20-RIPE admin-c: AR6363-RIPE tech-c: AR6363-RIPE status: ALLOCATED PA mnt-by: RIPE-NCC-HM-MNT mnt-by: RAPIDSWITCH-MNT mnt-routes: RAPIDSWITCH-MNT created: 2010-02-11T09:11:40Z last-modified: 2017-03-24T16:04:24Z source: RIPE # Filtered organisation: ORG-RL20-RIPE org-name: IOMART MANAGED SERVICES LIMITED country: GB org-type: LIR address: 6 Atlantic Quay, 55 Robertson Street address: G2 8JD address: Glasgow address: UNITED KINGDOM phone: +441753471040 fax-no: +441753471049 admin-c: IOM-RIPE admin-c: IOM-RIPE admin-c: AR6363-RIPE mnt-ref: RAPIDSWITCH-MNT mnt-ref: RIPE-NCC-HM-MNT mnt-by: RIPE-NCC-HM-MNT mnt-by: RAPIDSWITCH-MNT abuse-c: AR12896-RIPE created: 2005-09-26T12:37:33Z last-modified: 2025-08-12T12:06:47Z source: RIPE # Filtered person: Abuse Robot address: iomart Hosting Ltd t/a RapidSwitch address: Spectrum House address: Clivemont Road address: Maidenhead address: SL6 7FW phone: +44 (0)1753 471 040 remarks: ****************************************************** remarks: * ABUSE REPORTS * remarks: * https://myservers.rapidswitch.com/reportabuse.aspx * remarks: ****************************************************** nic-hdl: AR6363-RIPE mnt-by: RAPIDSWITCH-MNT created: 2007-02-11T09:38:19Z last-modified: 2017-10-30T21:53:52Z source: RIPE # Filtered route: 109.169.0.0/18 descr: Iomart Hosting Ltd origin: AS20860 mnt-by: GB10488-RIPE-MNT mnt-by: RAPIDSWITCH-MNT created: 2011-04-29T00:01:49Z last-modified: 2011-04-29T00:01:49Z source: RIPE
- references
- https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, https://redpiranha.net
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 2 years ago · Last seen 3 months ago
Appeared in 21 threat reports