IP · Medium · Signal 92/100
170.64.237.42
Location
Sydney, New South Wales
ASN
AS14061
DigitalOcean, LLC
First Seen
Dec 29, 2024
Last Seen
Feb 15, 2026
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
92%
Signal Score
92 / 100
IDS Rule
No
Network Information
Country
Australia
Region
Sydney, New South Wales
ASN
AS14061
Organization
DigitalOcean, LLC
Feed Intelligence Summary
15 reports · 92% confidence
15
Source reports
92%
Confidence score
Category tags
abuse, active scanning, au, australia, authentication, auto-generated security, banking, botnet, brute force, brute force attack, brute force attempt, command and control, credential access, credential stuffing, credit card services, cta, data exfiltration, denial of service, distributed attacks, finance, finance and insurance, financial services, financial technology, indicator, malicious software, malware, network, network intrusion, network probing, network scanning, network security, north america, oceania, password attacks, payment processing, process injection, reconnaissance, remote access, remote services, researched, scanner, scanning activity, ssh attack, t1021.004, t1055, t1071.001, t1078, t1078.002, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1203, t1486, t1496, t1499.001, t1499.002, t1499.003, t1555, t1565, t1589, t1589.002, t1595.001, t1595.002, t1595.003, telecommunications, united states, wealth management, web application attack, web exploitation, web scanner
Activity Timeline
Feb 15
Threat Activity Heatmap
Peak: 2026-02-15
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat Score
High Risk
92
SIGNAL
Signal Score
92%
Confidence
15
Reports
First seen
Dec 29, 2024
Last seen
Feb 15, 2026
Geolocation
AU
Country
Australia
Location
Sydney, New South Wales
ASN
AS14061
Org
DigitalOcean, LLC
Coords
37.7510, -97.8220
VirusTotal
Not checked
WHOIS
- description
- Host bruteforcing SSH
- references
- https://redpiranha.net
IOC Journey
medium · First detected 1 year ago · Last seen 3 months ago
Appeared in 15 threat reports