IOC Radar
IPMediumSignal 72/100

160.119.76.55

Location
NetherlandsNetherlands
Amsterdam, North Holland
ASN
AS49870
HostUS Solutions LLC
First Seen
Mar 13, 2026
Last Seen
Jun 11, 2026
Mar 13
First Seen
102d ago
Jun 11
Last Seen
11d ago
24
Reports
source reports
72%
Confidence
medium
Found in 24 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
72%
Signal Score
72 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

37 techniques

Network Information

CountryNLNetherlands
RegionAmsterdam, North Holland
ASNAS49870
OrganizationHostUS Solutions LLC

IP Category

Proxy
Proxy server

Feed Intelligence Summary

24 reports72% confidence
24
Source reports
72%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningadminaegisamberapacheapache attackerattackauthentication failuresautomated attackautomated attack attemptsautomated attacksautomated botnet activityautomated threatautomated-threatbad reputationbad web botblock rateblocklist_allbotnetbotnet activitybotnet attacksbrute forcebrute force attackbrute force attackerbrute force attacksbrute-forcebrute-force-attackbruteforcecommand and controlcommand executioncorazacowriecredential accesscredential harvestingcredential stuffingdata encryptiondatabase securityddosddos attackddos attacksdecoy systemdenial of servicedhcpdigital oceandionaeadistributed attacksdropsencryptioneuropeexfiltrationexploitation activityexploited hostfail2ban activityfattfraud voipftpftp attacksftp brute forceftp brute-forceftp protocolfullgermanyhackinghttp-attackhttp/shttp/s brute forcehttp/s serviceshttps-attackidentity & access exploitationimapimap attackinformation gatheringinformation technologyinjection activityinternet-scanningintrusion attemptsiot botnetiot securityiot targetedit infrastructurelateral movementldaplogin attemptsmalicious activitymalicious ipmalicious ip addressesmalicious-ipmalwaremalware distributionmiraimssqlnetherlandsnetworknetwork enumerationnetwork monitoringnetwork port scanningnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynlntpopen proxyoracleoracle dbp0fpassword attacksphishingphishing attackping of deathpolandportscanprotocol exploitationproxyransomwarerdprdp attacksreconnaissanceredisremote accessremote servicesresearchedscams & fraudscanscannerscannersscanning activitysecurity operationssecurity policysensor-taggedserver exploitationserver securityservice attackservice scanseychellesskypesmbsmtpsmtp attackersmtp brute forcesmtp protocolsnmpsocial engineeringsocks5socradar honeypotsoftware developmentspamspammingsql injectionsshssh attackssh attacksssh protocolt1021.001t1021.002t1040t1046t1059.003t1059.005t1071.001t1076t1077t1078t1090t1090.003t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1210t1486t1496t1499.001t1499.002t1499.003t1505.004t1563t1566.001t1566.002t1566.003t1590.006t1592t1595t1595.001t1595.002t1595.003tannertargeting databasetcptelnettelnet attackstelnet threatthreat actorthreat intelligencethreat preventiontor nodetpotunauthorized access attemptsvnc protocolvultrweb app attackweb application attackweb exploitationweb service attacksweb-application-attackwinwindows

Activity Timeline

1 total obs
Jun 11Jun 11

Threat Activity Heatmap

· Peak: 2026-06-11
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
72
SIGNAL
Signal Score
72%
Confidence
24
Reports
First seenMar 13, 2026
Last seenJun 11, 2026
GeolocationNL
CountryNetherlands
LocationAmsterdam, North Holland
ASNAS49870
OrgHostUS Solutions LLC
Coords52.3676, 4.9041
Proxy

VirusTotal

Not checked

WHOIS

description
Banned by Fail2Ban [sshd]
raw
inetnum: 160.119.64.0 - 160.119.79.255 netname: HostUS-Solutions-v4 descr: HostUS Solutions LLC country: SC org: ORG-HSL1-AFRINIC admin-c: HIA2-AFRINIC admin-c: AC54-AFRINIC admin-c: JS74-AFRINIC tech-c: HIA2-AFRINIC tech-c: AC54-AFRINIC tech-c: JS74-AFRINIC status: ALLOCATED PA mnt-by: AFRINIC-HM-MNT mnt-lower: HSL1-MNT source: AFRINIC # Filtered parent: 0.0.0.0 - 255.255.255.255 organisation: ORG-HSL1-AFRINIC org-name: HostUS Solutions LLC org-type: LIR country: SC address: Pearl Street, Providence Industrial Estate address: Mahe phone: tel:+1-302-300-1737 phone: tel:+44-7454-655229 admin-c: HIA2-AFRINIC admin-c: AC54-AFRINIC admin-c: JS74-AFRINIC tech-c: HIA2-AFRINIC tech-c: AC54-AFRINIC tech-c: JS74-AFRINIC mnt-ref: AFRINIC-HM-MNT mnt-ref: HSL1-MNT mnt-by: AFRINIC-HM-MNT source: AFRINIC # Filtered person: Andrew Clarke address: Coriander Avenue address: London E14 2AA address: United Kingdom phone: tel:+1-302-300-1737 nic-hdl: AC54-AFRINIC mnt-by: HSL1-MNT source: AFRINIC # Filtered person: HostUS IP Administrator address: Coriander Avenue address: London E14 2AA address: United Kingdom phone: tel:+1-302-300-1737 nic-hdl: HIA2-AFRINIC abuse-mailbox: [email protected] mnt-by: HSL1-MNT source: AFRINIC # Filtered person: Jack Sephton address: Pearl Street, Providence Industrial Estate address: Mahe address: Seychelles phone: tel:+44-7454-655229 nic-hdl: JS74-AFRINIC source: AFRINIC # Filtered mnt-by: GENERATED-RQKBWUGNJNGPDXDJQOJTCKV9ZX2M9UJY-MNT route: 160.119.64.0/20 descr: HostUS origin: AS7489 mnt-by: HSL1-MNT source: AFRINIC # Filtered

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 months ago · Last seen 11 days ago
Appeared in 24 threat reports