IOC Radar
IPMediumSignal 37/100

151.44.167.217

Location
ItalyItaly
Molfetta, Lombardy
ASN
AS1267
WINDTRE s.p.a
First Seen
Jul 6, 2025
Last Seen
May 5, 2026
Jul 6
First Seen
342d ago
May 5
Last Seen
38d ago
10
Reports
source reports
37%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
37%
Signal Score
37 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

26 techniques

Network Information

CountryITItaly
RegionMolfetta, Lombardy
ASNAS1267
OrganizationWINDTRE s.p.a

Feed Intelligence Summary

10 reports37% confidence
10
Source reports
37%
Confidence score
Category tags
abuseactive scanattackaustraliaauthenticationblacklisted ipbotnetbrute forcebrute force attemptbrute force attemptsbrute-forcec2 communicationcommand and controlcompromised hostscredential accesscredential stuffingcredentialsdata exfiltrationdistributed attackseuropeindicatorintrusion detectioniocititalymalicious activitymalicious domainmalicious softwaremalwaremalware distributionnetworknetwork intrusionnetwork securityoceaniapassword crackingprocess injectionremote accessresearchedscannersecurity operationssshssh attackt1003t1016t1021t1021.004t1040t1055t1059t1071t1071.001t1078t1078.002t1078.004t1105t1110t1110.001t1110.002t1110.003t1486t1496t1499.001t1499.002t1499.003t1555t1555.003t1565t1568threat actorthreat intelligence

Activity Timeline

1 total obs
May 5May 5

Threat Activity Heatmap

· Peak: 2026-05-05
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
37
SIGNAL
Signal Score
37%
Confidence
10
Reports
First seenJul 6, 2025
Last seenMay 5, 2026
GeolocationIT
CountryItaly
LocationMolfetta, Lombardy
ASNAS1267
OrgWINDTRE s.p.a
Coords45.5190, 9.0861

VirusTotal

Not checked

WHOIS

description
Host bruteforcing SSH
raw
inetnum: 151.3.0.0 - 151.79.255.255 netname: WIND-EX-IUNET country: IT org: ORG-WTS2-RIPE admin-c: SI4534-RIPE tech-c: SI4534-RIPE status: LEGACY mnt-by: RIPE-NCC-LEGACY-MNT mnt-by: AS1267-MNT mnt-by: MNT-IUNET mnt-lower: MNT-IUNET mnt-domains: AS1267-MNT remarks: ALL THE IP ADDRESSES BELONG TO WINDTRE S.P.A created: 2015-01-05T14:23:53Z last-modified: 2022-12-21T10:27:10Z source: RIPE organisation: ORG-WTS2-RIPE org-name: WIND TRE S.P.A. country: IT org-type: LIR address: Largo Metropolitana 5 address: 20017 address: RHO (Milano) address: ITALY phone: +390230111 phone: +390230115015 admin-c: SI4534-RIPE abuse-c: AR31270-RIPE mnt-ref: MNT-IUNET mnt-ref: AS1267-MNT remarks: WINDTRE S.P.A for abuse : [email protected] remarks: ALL IP BELONG TO WINDTRE S.P.A mnt-ref: RIPE-NCC-HM-MNT mnt-by: RIPE-NCC-HM-MNT mnt-by: MNT-IUNET created: 2004-04-17T11:35:18Z last-modified: 2022-12-21T13:24:50Z source: RIPE # Filtered person: STAFF IP address: Largo Metropolitana 5 - 20017 Rho ( Milano ) phone: +39-02-3011.1 nic-hdl: SI4534-RIPE mnt-by: WIND-MNT mnt-by: MNT-IUNET mnt-by: AS1267-MNT created: 2022-12-21T07:59:29Z last-modified: 2022-12-21T07:59:29Z source: RIPE route: 151.44.0.0/16 descr: INFOSTRADA origin: AS1267 remarks: removed cross-mnt: AS1267-MNT mnt-lower: AS1267-MNT mnt-routes: AS1267-MNT mnt-by: AS1267-MNT created: 2001-10-09T11:49:14Z last-modified: 2004-01-30T16:35:40Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 11 months ago · Last seen 1 month ago
Appeared in 10 threat reports