IOC Radar
IPMediumSignal 100/100

128.14.167.87

Location
United StatesUnited States
Los Angeles, California
ASN
AS21859
ZENLA
First Seen
Dec 28, 2024
Last Seen
Feb 12, 2026
Dec 28
First Seen
539d ago
Feb 12
Last Seen
128d ago
14
Reports
source reports
99%
Confidence
medium
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

25 techniques

Network Information

CountryUSUnited States
RegionLos Angeles, California
ASNAS21859
OrganizationZENLA

IP Category

Hosting
Hosting provider

Feed Intelligence Summary

14 reports99% confidence
14
Source reports
99%
Confidence score
Category tags
abuseactive scanningattackaustraliaauthenticationauthentication attackauto-generated securitybotnetbrute forcebrute force attackbrute force attemptcommand and controlcowrie honeypotcredential accesscredential stuffingctadata exfiltrationdecoy systemdistributed attacksindicatormalicious activitymalicious softwaremalwarenetworknetwork intrusionnetwork securitynorth americaoceaniapassword attackpassword attacksprocess injectionreconnaissanceremote accessremote servicesresearchedscannersftp attackssh attackssh monitoringt1021.004t1041t1055t1071.001t1078t1078.002t1078.004t1110t1110.001t1110.002t1110.003t1110.004t1486t1496t1499.002t1499.003t1555t1565t1588.004t1589t1589.002t1595t1595.001t1595.002t1595.003threat actorthreat intelligenceunited states

Activity Timeline

1 total obs
Feb 12Feb 12

Threat Activity Heatmap

· Peak: 2026-02-12
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
14
Reports
First seenDec 28, 2024
Last seenFeb 12, 2026
GeolocationUS
CountryUnited States
LocationLos Angeles, California
ASNAS21859
OrgZENLA
Coords34.0544, -118.2440
Hosting

VirusTotal

Not checked

WHOIS

description
Host bruteforcing SSH
raw
Zenlayer Inc ZL-LAX3-004 (NET-128-14-0-0-1) 128.14.0.0 - 128.14.255.255 ZENLA-1 ZL-LAX-ZENWORKS-0081 (NET-128-14-167-0-1) 128.14.167.0 - 128.14.167.255
references
https://blog.edie.io/2020/04/30/diy-ip-threat-feed/, https://github.com/tankmek/threatfeed, https://redpiranha.net, https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 4 months ago
Appeared in 14 threat reports