IOC Radar
IPMediumSignal 93/100

160.119.76.52

Location
NetherlandsNetherlands
Amsterdam, North Holland
ASN
AS49870
HostUS Solutions LLC
First Seen
Mar 22, 2026
Last Seen
Jun 12, 2026
Mar 22
First Seen
93d ago
Jun 12
Last Seen
11d ago
21
Reports
source reports
93%
Confidence
medium
Found in 21 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
93%
Signal Score
93 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

23 techniques

Network Information

CountryNLNetherlands
RegionAmsterdam, North Holland
ASNAS49870
OrganizationHostUS Solutions LLC

IP Category

Proxy
Proxy server
VPN
VPN exit node

Feed Intelligence Summary

21 reports93% confidence
21
Source reports
93%
Confidence score
Category tags
abuseactive scanactive scanningadbafricaallandroidapacheapache attackeraptasiaattackaustraliaautomated attackbad reputationbad web botbotnetbotnet activitybotnet-driven malicious activitybrute forcebrute force attackbrute force attackerbrute-forcebruteforcec2classcommand & controlcommand and controlcommunication protocolcountcountrycowriecredential accesscredential stuffingcredential-harvestingdata encryptionddosddos attackdenial of servicedigital oceandionaeadistributed attacksdropperencryptionentropyenv-huntingeuropeeventsexploitexploitation activityexploited hostfattfieldftpftp brute-forcehackinghttp scanneridentity & access exploitationindicatorindicators of compromiseintrusion detectioniot securityiot targetedlateral movementmalaysiamalicious activitymalicious ipmalwaremiraimobile threatnetherlandsnetworknetwork protocolnetwork securitynginxnloceaniaopen proxyopencanaryp0fpassword attackspathphishingpolandportscanproject_gifted1proxyransomwareraspberry-pircereconnaissanceredisremote accessremote servicesresearchedscanscannerscannersscanning activityscoresensor-taggedserviceservice scansevereseychellessipsmbsocradarsocradar honeypotsouth africaspamsshssh attackssh-bruteforcet1021.001t1021.002t1040t1071.001t1076t1077t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1486t1496t1499.001t1499.002t1499.003t1563t1595t1595.001t1595.002t1595.003tannertargeting databasetcptelnetthreat actorthreat intelligencetor nodetpottypevaluevpnvpn ipvulnerability scanvulnerability-exploitationvultrweb app attackweb application attackweb exploitationweb spamweb trafficworker_strike

Activity Timeline

1 total obs
Jun 12Jun 12

Threat Activity Heatmap

· Peak: 2026-06-12
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
93
SIGNAL
Signal Score
93%
Confidence
21
Reports
First seenMar 22, 2026
Last seenJun 12, 2026
GeolocationNL
CountryNetherlands
LocationAmsterdam, North Holland
ASNAS49870
OrgHostUS Solutions LLC
Coords-29.0000, 24.0000
ProxyVPN

VirusTotal

Not checked

WHOIS

description
Automated report from OpenCanary + Cowrie honeypots. 73 malicious IPs detected in the last hour.
raw
inetnum: 160.119.64.0 - 160.119.79.255 netname: HostUS-Solutions-v4 descr: HostUS Solutions LLC country: SC org: ORG-HSL1-AFRINIC admin-c: HIA2-AFRINIC admin-c: AC54-AFRINIC admin-c: JS74-AFRINIC tech-c: HIA2-AFRINIC tech-c: AC54-AFRINIC tech-c: JS74-AFRINIC status: ALLOCATED PA mnt-by: AFRINIC-HM-MNT mnt-lower: HSL1-MNT source: AFRINIC # Filtered parent: 0.0.0.0 - 255.255.255.255 organisation: ORG-HSL1-AFRINIC org-name: HostUS Solutions LLC org-type: LIR country: SC address: Pearl Street, Providence Industrial Estate address: Mahe phone: tel:+1-302-300-1737 phone: tel:+44-7454-655229 admin-c: HIA2-AFRINIC admin-c: AC54-AFRINIC admin-c: JS74-AFRINIC tech-c: HIA2-AFRINIC tech-c: AC54-AFRINIC tech-c: JS74-AFRINIC mnt-ref: AFRINIC-HM-MNT mnt-ref: HSL1-MNT mnt-by: AFRINIC-HM-MNT source: AFRINIC # Filtered person: Andrew Clarke address: Coriander Avenue address: London E14 2AA address: United Kingdom phone: tel:+1-302-300-1737 nic-hdl: AC54-AFRINIC mnt-by: HSL1-MNT source: AFRINIC # Filtered person: HostUS IP Administrator address: Coriander Avenue address: London E14 2AA address: United Kingdom phone: tel:+1-302-300-1737 nic-hdl: HIA2-AFRINIC abuse-mailbox: [email protected] mnt-by: HSL1-MNT source: AFRINIC # Filtered person: Jack Sephton address: Pearl Street, Providence Industrial Estate address: Mahe address: Seychelles phone: tel:+44-7454-655229 nic-hdl: JS74-AFRINIC source: AFRINIC # Filtered mnt-by: GENERATED-RQKBWUGNJNGPDXDJQOJTCKV9ZX2M9UJY-MNT route: 160.119.64.0/20 descr: HostUS origin: AS7489 mnt-by: HSL1-MNT source: AFRINIC # Filtered
references
hexroot-full-2026-05-11-2058.md, https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-05-07/, https://jamesbrine.com.au, https://jamesbrine.com.au/digitaloceanlondon-portscan-bruteforce-ip-list-2026-03-27/, https://redpiranha.net, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 months ago · Last seen 11 days ago
Appeared in 21 threat reports